Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 26, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
239961 10 危険 mythcontrol - MythControl の MythControlServer.c の sendToMythTV 関数におけるバッファオーバーフローの脆弱性 - CVE-2006-6860 2012-09-25 15:36 2006-12-31 Show GitHub Exploit DB Packet Storm
239962 6.8 警告 miredo - Miredo における任意の Teredo クライアントになりすまされる脆弱性 - CVE-2006-6858 2012-09-25 15:36 2006-12-31 Show GitHub Exploit DB Packet Storm
239963 10 危険 Mozilla Foundation - Durian Web Application Server フリーウェアにおけるバッファオーバーフローの脆弱性 - CVE-2006-6853 2012-09-25 15:36 2006-12-31 Show GitHub Exploit DB Packet Storm
239964 6.8 警告 mobilelib - ac4p Mobilelib gold の contact_us.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6851 2012-09-25 15:36 2006-12-31 Show GitHub Exploit DB Packet Storm
239965 7.5 危険 Joomla! - Joomla! 用の BE IT EasyPartner における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6843 2012-09-25 15:36 2006-12-31 Show GitHub Exploit DB Packet Storm
239966 10 危険 IBM - IBM OS/400 の osp-cert における脆弱性 CWE-noinfo
情報不足 		CVE-2006-6836 2012-09-25 15:36 2006-12-31 Show GitHub Exploit DB Packet Storm
239967 7.5 危険 Neocrome - Neocrome LDU の Journal.inc.php における SQL インジェクションの脆弱性 - CVE-2006-6835 2012-09-25 15:36 2006-12-31 Show GitHub Exploit DB Packet Storm
239968 5 警告 macromedia - Macromedia Flash の Flash8b.ocx におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-6827 2012-09-25 15:36 2006-12-31 Show GitHub Exploit DB Packet Storm
239969 7.5 危険 personal .net portal - Personal .NET Portal 用のタブエディタにおける脆弱性 - CVE-2006-6826 2012-09-25 15:36 2006-12-29 Show GitHub Exploit DB Packet Storm
239970 7.5 危険 mxmania - Calendar MX BASIC におけるデータベースをダウンロードされる脆弱性 - CVE-2006-6825 2012-09-25 15:36 2006-12-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1131 6.1 MEDIUM
Network 		- - The Word 2 Cash plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to Stored Cross-Site Scripting in versions up to and including 0.9.2. This is due to the complete absence of n… CWE-352
 Origin Validation Error 		CVE-2026-6395 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
1132 6.4 MEDIUM
Network 		- - The Sticky plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `cvmh-sticky` shortcode `readmoretext` attribute in versions up to and including 2.5.6. This is due to insufficien… CWE-79
Cross-site Scripting 		CVE-2026-6397 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
1133 6.4 MEDIUM
Network 		- - The Logo Manager For Enamad plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' attribute of the `vc_enamad_namad`, `vc_enamad_shamed`, and `vc_enamad_custom` shortcodes… CWE-79
Cross-site Scripting 		CVE-2026-6549 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
1134 9.8 CRITICAL
Network 		- - The ProSolution WP Client plugin for WordPress is vulnerable to Arbitrary File Upload in versions up to, and including, 2.0.0. This is due to an array validation mismatch where only the first file in… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-6555 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
1135 9.8 CRITICAL
Network 		- - The Easy Elements for Elementor – Addons & Website Templates plugin for WordPress is vulnerable to privilege escalation via user registration in all versions up to, and including, 1.4.4. This is due … CWE-269
 Improper Privilege Management 		CVE-2026-7284 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
1136 4.4 MEDIUM
Network 		- - The General Options plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.1.0. This is due to the use of sanitize_text_field() for output escaping in the… CWE-79
Cross-site Scripting 		CVE-2026-6399 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
1137 4.3 MEDIUM
Network 		- - The Child Height Predictor by Ostheimer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 1.3. This is due to missing nonce verification in the opti… CWE-352
 Origin Validation Error 		CVE-2026-6400 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
1138 4.3 MEDIUM
Network 		- - The Bottom Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 0.1.7. This is due to missing nonce verification on the plugin's settings update fo… CWE-352
 Origin Validation Error 		CVE-2026-6401 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
1139 4.4 MEDIUM
Network 		- - The Anomify AI – Anomaly Detection and Alerting plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'anomify_api_key' parameter in versions up to and including 0.3.6. This is du… CWE-79
Cross-site Scripting 		CVE-2026-6404 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
1140 8.8 HIGH
Network 		- - The Account Switcher plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.2. This is due to the `rememberLogin` REST API endpoint using a loose compari… CWE-287
Improper Authentication 		CVE-2026-6456 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm