Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 26, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
239961 10 危険 mythcontrol - MythControl の MythControlServer.c の sendToMythTV 関数におけるバッファオーバーフローの脆弱性 - CVE-2006-6860 2012-09-25 15:36 2006-12-31 Show GitHub Exploit DB Packet Storm
239962 6.8 警告 miredo - Miredo における任意の Teredo クライアントになりすまされる脆弱性 - CVE-2006-6858 2012-09-25 15:36 2006-12-31 Show GitHub Exploit DB Packet Storm
239963 10 危険 Mozilla Foundation - Durian Web Application Server フリーウェアにおけるバッファオーバーフローの脆弱性 - CVE-2006-6853 2012-09-25 15:36 2006-12-31 Show GitHub Exploit DB Packet Storm
239964 6.8 警告 mobilelib - ac4p Mobilelib gold の contact_us.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6851 2012-09-25 15:36 2006-12-31 Show GitHub Exploit DB Packet Storm
239965 7.5 危険 Joomla! - Joomla! 用の BE IT EasyPartner における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6843 2012-09-25 15:36 2006-12-31 Show GitHub Exploit DB Packet Storm
239966 10 危険 IBM - IBM OS/400 の osp-cert における脆弱性 CWE-noinfo
情報不足 		CVE-2006-6836 2012-09-25 15:36 2006-12-31 Show GitHub Exploit DB Packet Storm
239967 7.5 危険 Neocrome - Neocrome LDU の Journal.inc.php における SQL インジェクションの脆弱性 - CVE-2006-6835 2012-09-25 15:36 2006-12-31 Show GitHub Exploit DB Packet Storm
239968 5 警告 macromedia - Macromedia Flash の Flash8b.ocx におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-6827 2012-09-25 15:36 2006-12-31 Show GitHub Exploit DB Packet Storm
239969 7.5 危険 personal .net portal - Personal .NET Portal 用のタブエディタにおける脆弱性 - CVE-2006-6826 2012-09-25 15:36 2006-12-29 Show GitHub Exploit DB Packet Storm
239970 7.5 危険 mxmania - Calendar MX BASIC におけるデータベースをダウンロードされる脆弱性 - CVE-2006-6825 2012-09-25 15:36 2006-12-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1341 9.1 CRITICAL
Network 		- - Incorrect access control in the /uci/get/ endpoint of NOVUS AirGate 4G firmware v1.1.16 allows unauthenticated attackers to obtain administrator credentials via a crafted POST request. CWE-284
Improper Access Control 		CVE-2023-24215 2026-05-20 00:16 2026-05-19 Show GitHub Exploit DB Packet Storm
1342 5.5 MEDIUM
Local 		freedesktop gst-plugins-good An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemux_parse_trak function does not sufficiently validate atom data before per… CWE-369
 Divide By Zero 		CVE-2026-46469 2026-05-20 00:15 2026-05-15 Show GitHub Exploit DB Packet Storm
1343 7.8 HIGH
Local 		vercel turborepo_language_server_protocol Turborepo is a high-performance build system for JavaScript and TypeScript codebases. Prior to 2.9.14000, the Turborepo LSP VS Code extension could execute shell commands derived from workspace-contr… CWE-77
Command Injection 		CVE-2026-46508 2026-05-20 00:12 2026-05-16 Show GitHub Exploit DB Packet Storm
1344 6.1 MEDIUM
Network 		microsoft edge_chromium Microsoft Edge (Chromium-based) Spoofing Vulnerability CWE-79
Cross-site Scripting 		CVE-2026-45494 2026-05-20 00:06 2026-05-19 Show GitHub Exploit DB Packet Storm
1345 - - - FreePBX is an open source IP PBX. In versions below 16.0.71 and 17.0.6, the backup module does not properly sanitize data during restore operations, potentially leading to compromise if the backup co… CWE-502
 Deserialization of Untrusted Data 		CVE-2026-26978 2026-05-20 00:04 2026-05-19 Show GitHub Exploit DB Packet Storm
1346 6.5 MEDIUM
Network 		- - BigBlueButton is an open-source virtual classroom. In versions prior to 3.0.19, the recording playback (presentation format) was not sanitizing user's input in public chat. This allowed for a malicio… CWE-79
Cross-site Scripting 		CVE-2026-27737 2026-05-20 00:04 2026-05-19 Show GitHub Exploit DB Packet Storm
1347 - - - Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.0 and 2.28.1 allow a low-privileged authenticated user assigned the "add_profile_threshold" permission to create a global … CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-33052 2026-05-20 00:04 2026-05-19 Show GitHub Exploit DB Packet Storm
1348 7.5 HIGH
Network 		- - AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.4.2 through 0.6.51 are vulnerable to an unauthenticated Denial of… CWE-400
CWE-459
CWE-770
 Uncontrolled Resource Consumption
 Incomplete Cleanup
 Allocation of Resources Without Limits or Throttling 		CVE-2026-33232 2026-05-20 00:04 2026-05-19 Show GitHub Exploit DB Packet Storm
1349 8.2 HIGH
Local 		- - Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions prior to 3.5.7 contain a path traversal vulnerability in the importer which allows o… CWE-24
 Path Traversal: '../filedir' 		CVE-2026-22810 2026-05-20 00:03 2026-05-19 Show GitHub Exploit DB Packet Storm
1350 9.8 CRITICAL
Network 		- - WebdriverIO is a test automation framework for unit, e2e and component testing using WebDriver, WebDriver BiDi and Appium. Versions below 9.24.0 contain a command injection vulnerability leading to r… CWE-78
OS Command  		CVE-2026-25244 2026-05-20 00:03 2026-05-19 Show GitHub Exploit DB Packet Storm