Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
238231	3.5	注意	mattias hutterer	-	Drupal 用モジュールの Taxonomy マネージャにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-2083	2012-09-25 17:27	2009-06-10	Show	GitHub Exploit DB Packet Storm

238232	7.5	危険	mrcgiguy	-	MRCGIGUY The Ticket System の admin.php における管理者のパスワードを変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-2080	2012-09-25 17:27	2009-06-16	Show	GitHub Exploit DB Packet Storm

238233	4.3	警告	heine.familiedeelstra	-	Drupal 用の Booktree モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-2078	2012-09-25 17:27	2009-06-10	Show	GitHub Exploit DB Packet Storm

238234	5.8	警告	マイクロソフト	-	Microsoft Internet Explorer における任意の https サイトを偽装される脆弱性	CWE-287 不適切な認証	CVE-2009-2069	2012-09-25 17:27	2009-05-31	Show	GitHub Exploit DB Packet Storm

238235	5.8	警告	Opera Software ASA	-	Google Chrome における任意の Web スクリプトを実行される脆弱性	CWE-287 不適切な認証	CVE-2009-2068	2012-09-25 17:27	2009-06-15	Show	GitHub Exploit DB Packet Storm

238236	6.8	警告	Mozilla Foundation	-	Mozilla Firefox における任意の Web スクリプトを実行される脆弱性	CWE-287 不適切な認証	CVE-2009-2065	2012-09-25 17:27	2009-06-15	Show	GitHub Exploit DB Packet Storm

238237	6.8	警告	マイクロソフト	-	Microsoft Internet Explorer 8 における任意の Web スクリプトを実行される脆弱性	CWE-287 不適切な認証	CVE-2009-2064	2012-09-25 17:27	2009-05-31	Show	GitHub Exploit DB Packet Storm

238238	9.3	危険	Mozilla Foundation	-	Mozilla Firefox における任意の Web スクリプトを実行される脆弱性	CWE-310 暗号の問題	CVE-2009-2061	2012-09-25 17:27	2009-06-15	Show	GitHub Exploit DB Packet Storm

238239	5.8	警告	マイクロソフト	-	Microsoft Internet Explorer における任意の Web スクリプトを実行される脆弱性	CWE-287 不適切な認証	CVE-2009-2057	2012-09-25 17:27	2009-05-31	Show	GitHub Exploit DB Packet Storm

238240	4.3	警告	Mozilla Foundation	-	Mozilla Firefox におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2009-2044	2012-09-25 17:27	2009-06-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
71	8.1	HIGH Network	-	-	ApostropheCMS is an open-source Node.js content management system. Versions up to and including 4.29.0 have a password reset flow that constructs the reset URL using `req.hostname`, which is derived … New	CWE-20 CWE-640 Improper Input Validation Weak Password Recovery Mechanism for Forgotten Password	CVE-2026-45013	2026-06-13 13:17	2026-06-13	Show	GitHub Exploit DB Packet Storm

72	6.5	MEDIUM Local	-	-	ApostropheCMS is an open-source Node.js content management system. Versions of the @apostrophecms/cli package up to and including 3.6.0 contain a command injection vulnerability in the apos create co… New	CWE-78 OS Command	CVE-2026-42853	2026-06-13 13:17	2026-06-13	Show	GitHub Exploit DB Packet Storm

73	7.5	HIGH Network	-	-	The WP Ticket plugin for WordPress is vulnerable to SQL Injection via the WordPress search query parameter (`s`) in versions up to, and including, 6.0.4 The plugin hooks WordPress's `posts_request` f… New	CWE-89 SQL Injection	CVE-2026-9848	2026-06-13 12:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

74	5.5	MEDIUM Local	-	-	A content injection vulnerability was found in the ABRT post-create event handler scripts in libreport. The event script queries the systemd journal for log entries matching the crashed process and w… New	CWE-74 Injection	CVE-2026-54231	2026-06-13 12:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

75	7.0	HIGH Local	-	-	A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the O_NOFOLLOW flag. If the t… New	CWE-59 Link Following	CVE-2026-54230	2026-06-13 12:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

76	7.0	HIGH Local	-	-	A race condition was found in the abrt-dbus D-Bus service's ChownProblemDir method. ChownProblemDir opens the dump directory with DD_OPEN_READONLY and calls dd_chown to change ownership of all files … New	CWE-362 Race Condition	CVE-2026-54229	2026-06-13 12:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

77	7.8	HIGH Local	-	-	A time-of-check time-of-use (TOCTOU) race condition was found in the abrt-dbus D-Bus service's SetElement method. Between dump directory creation and post-create event execution, any local user can c… New	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2026-54228	2026-06-13 12:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

78	-		-	-	Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the latest release suppresses mentions in several moderation commands, but /unban an… New	CWE-116 Improper Encoding or Escaping of Output	CVE-2026-47188	2026-06-13 12:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

79	-		-	-	Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, several moderation commands echo user-controlled reason text in public bot replies w… New	CWE-116 Improper Encoding or Escaping of Output	CVE-2026-47175	2026-06-13 12:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

80	-		-	-	tmp is a temporary file and directory creator for node.js. Prior to 0.2.6, the tmp npm package contains a path traversal vulnerability that allows escaping the intended temporary directory when untru… New	CWE-22 Path Traversal	CVE-2026-44705	2026-06-13 12:16	2026-06-12	Show	GitHub Exploit DB Packet Storm