Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240411	6.8	警告	miranda-im	-	Miranda IM の yahoo.c におけるフォーマットストリングの脆弱性	CWE-134 書式文字列の問題	CVE-2007-5396	2012-09-25 16:59	2007-10-18	Show	GitHub Exploit DB Packet Storm

240412	7.5	危険	VMware OpenPegasus.org	-	OpenPegasus Management サーバにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-5360	2012-09-25 16:59	2008-01-7	Show	GitHub Exploit DB Packet Storm

240413	10	危険	ヒューレット・パッカード	-	HP Select Identity における不特定のアクセス権を取得される脆弱性	CWE-287 不適切な認証	CVE-2007-5391	2012-09-25 16:59	2007-10-10	Show	GitHub Exploit DB Packet Storm

240414	6.5	警告	lightblog	-	LightBlog の cp_memberedit.php における任意のアカウントの権限を昇格される脆弱性	CWE-287 不適切な認証	CVE-2007-5374	2012-09-25 16:59	2007-10-11	Show	GitHub Exploit DB Packet Storm

240415	2.1	注意	ldapscripts	-	ldapscripts におけるパスワードを読まれる脆弱性	CWE-310 暗号の問題	CVE-2007-5373	2012-09-25 16:59	2007-10-11	Show	GitHub Exploit DB Packet Storm

240416	6.8	警告	MODX	-	MODx の mutate_content.dynamic.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-5371	2012-09-25 16:59	2007-10-11	Show	GitHub Exploit DB Packet Storm

240417	4.3	警告	Netwin Ltd	-	DNews News Server の cgi-bin/dnewsweb.exe におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-5370	2012-09-25 16:59	2007-10-11	Show	GitHub Exploit DB Packet Storm

240418	5	警告	massive entertainment	-	Conflict の Massive Entertainment World におけるサービス運用妨害 (DoS) の脆弱性	CWE-189 数値処理の問題	CVE-2007-5369	2012-09-25 16:59	2007-10-11	Show	GitHub Exploit DB Packet Storm

240419	6.8	警告	Joomla! Webmaster-Tips	-	Joomla! 用の Panoramic Picture View mambot における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-5363	2012-09-25 16:59	2007-10-10	Show	GitHub Exploit DB Packet Storm

240420	4.3	警告	Mozilla Foundation	-	Mozilla Firefox における重要なシステム情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2007-5335	2012-09-25 16:59	2007-08-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
821	-		-	-	HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 2.0.0 and prior to version 26.0.0, the gitlist plugin is exposed to unauthenticated users, allowing unauthenti… Update	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-46390	2026-06-10 01:16	2026-06-6	Show	GitHub Exploit DB Packet Storm

822	6.5	MEDIUM Network	-	-	HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, the HAX CMS NodeJS application crashes when an authenticated attacker sends a specially crafted site crea… Update	CWE-20 Improper Input Validation	CVE-2026-46357	2026-06-10 01:16	2026-06-6	Show	GitHub Exploit DB Packet Storm

823	9.0	CRITICAL Network	termix	termix	Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.3.2, the File Manager functionality in Termix contains a critical Brok… Update	CWE-284 CWE-639 Improper Access Control Authorization Bypass Through User-Controlled Key	CVE-2026-45746	2026-06-10 01:16	2026-06-6	Show	GitHub Exploit DB Packet Storm

824	7.5	HIGH Network	-	-	An issue in the Externalizable.readExternal() component of Controller v12.0.5 allows attackers to cause a Denial of Service (DoS) via a crafted input. Update	CWE-20 Improper Input Validation	CVE-2026-36501	2026-06-10 01:16	2026-06-6	Show	GitHub Exploit DB Packet Storm

825	9.8	CRITICAL Network	-	-	A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox… New	CWE-78 OS Command	CVE-2026-25089	2026-06-10 01:16	2026-06-10	Show	GitHub Exploit DB Packet Storm

826	6.3	MEDIUM Network	-	-	A vulnerability was identified in Dolibarr ERP CRM up to 23.0.2. The impacted element is an unknown function of the file htdocs/core/filemanagerdol/connectors/php/config.inc.php of the component Lega… New	CWE-266 CWE-285 Incorrect Privilege Assignment Improper Authorization	CVE-2026-11619	2026-06-10 01:16	2026-06-9	Show	GitHub Exploit DB Packet Storm

827	7.3	HIGH Network	-	-	A vulnerability was determined in DTStack Taier up to 1.4.0. The affected element is the function preHandle of the file taier-data-develop/src/main/java/com/dtstack/taier/develop/interceptor/LoginInt… New	CWE-287 Improper Authentication	CVE-2026-11618	2026-06-10 01:16	2026-06-9	Show	GitHub Exploit DB Packet Storm

828	8.8	HIGH Network	-	-	A vulnerability was determined in UTT HiPER 2610G up to 3.0.0-171107. This impacts the function strcpy of the file /goform/formConfigDnsFilterGlobal. Executing a manipulation of the argument GroupNam… New	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-11517	2026-06-10 01:16	2026-06-9	Show	GitHub Exploit DB Packet Storm

829	6.3	MEDIUM Network	-	-	A vulnerability has been found in NousResearch hermes-agent up to 0.12.0. This affects the function resolve_session_by_title of the file hermes_state.py of the component resume Endpoint. Such manipul… New	CWE-285 CWE-639 Improper Authorization Authorization Bypass Through User-Controlled Key	CVE-2026-11461	2026-06-10 01:16	2026-06-8	Show	GitHub Exploit DB Packet Storm

830	6.3	MEDIUM Network	-	-	A security vulnerability has been detected in GL.iNet GL-MT3000 4.4.5. The impacted element is the function rpc_sys of the file /cgi-bin/luci/rpc of the component LuCI JSON-RPC Interface. Such manipu… Update	CWE-74 CWE-77 Injection Command Injection	CVE-2026-11449	2026-06-10 01:16	2026-06-7	Show	GitHub Exploit DB Packet Storm