Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 11, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
240541 7.5 危険 オラクル - Oracle Application Express における脆弱性 - CVE-2007-3860 2012-09-25 16:47 2007-07-17 Show GitHub Exploit DB Packet Storm
240542 7.8 危険 hydrairc - HydralRC におけるヒープベースのバッファオーバーフローの脆弱性 - CVE-2007-3837 2012-09-25 16:47 2007-07-17 Show GitHub Exploit DB Packet Storm
240543 7.8 危険 hydrairc - HydralRC におけるフォーマットストリングの脆弱性 - CVE-2007-3836 2012-09-25 16:47 2007-07-17 Show GitHub Exploit DB Packet Storm
240544 9.3 危険 IBM - ISS Proventia Network IPS GX5108 などの main.php における任意の PHP コードを実行される脆弱性 - CVE-2007-3831 2012-09-25 16:47 2007-07-17 Show GitHub Exploit DB Packet Storm
240545 3.5 注意 IBM - ISS Proventia Network IPS GX5108 などの alert.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3830 2012-09-25 16:47 2007-07-17 Show GitHub Exploit DB Packet Storm
240546 9.3 危険 ROXIO
interactual technologies		 - InterActual Player などにおけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-3829 2012-09-25 16:47 2007-07-17 Show GitHub Exploit DB Packet Storm
240547 5 警告 Mozilla Foundation - Mozilla Firefox における任意のドメイン間で情報を受け渡される脆弱性 - CVE-2007-3827 2012-09-25 16:47 2007-07-17 Show GitHub Exploit DB Packet Storm
240548 10 危険 mehmet zati karahan - MzK Blog の katgoster.asp における SQL インジェクションの脆弱性 - CVE-2007-3824 2012-09-25 16:47 2007-07-16 Show GitHub Exploit DB Packet Storm
240549 7.8 危険 Ipswitch, Inc. - IPSwitch WS_FTP の Logsrv.exe におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3823 2012-09-25 16:47 2007-07-16 Show GitHub Exploit DB Packet Storm
240550 5 警告 Opera Software ASA - Opera におけるアドレスバーの data: URI スキームを偽造される脆弱性 CWE-DesignError
CVE-2007-3819 2012-09-25 16:47 2007-07-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1061 6.4 MEDIUM
Network 		- - The Enable Media Replace plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘location_dir’ parameter in all versions up to, and including, 4.1.8 due to insufficient input sanit… New CWE-79
Cross-site Scripting 		CVE-2026-5714 2026-06-9 22:33 2026-06-9 Show GitHub Exploit DB Packet Storm
1062 7.2 HIGH
Network 		- - The FV Flowplayer Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the comment text in all versions up to, and including, 7.5.49.7212 due to insufficient input sanit… New CWE-79
Cross-site Scripting 		CVE-2026-7556 2026-06-9 22:33 2026-06-9 Show GitHub Exploit DB Packet Storm
1063 6.4 MEDIUM
Network 		- - The TinyMCE shortcode Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'btnrel' Shortcode Attribute in all versions up to, and including, 1.0.0 due to insufficient input sa… New CWE-79
Cross-site Scripting 		CVE-2026-10024 2026-06-9 22:33 2026-06-9 Show GitHub Exploit DB Packet Storm
1064 4.3 MEDIUM
Network 		- - The jQuery Hover Footnotes plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the jqFo… New CWE-352
 Origin Validation Error 		CVE-2026-10553 2026-06-9 22:33 2026-06-9 Show GitHub Exploit DB Packet Storm
1065 6.4 MEDIUM
Network 		- - The jQuery Hover Footnotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Footnote Qualifier ('{{...}}' Syntax) in all versions up to, and including, 1.4 due to insufficient in… New CWE-79
Cross-site Scripting 		CVE-2026-10738 2026-06-9 22:33 2026-06-9 Show GitHub Exploit DB Packet Storm
1066 6.1 MEDIUM
Network 		- - The Product Filter Widget for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via 'args[filterFormArray]' Parameter in all versions up to, and including, 1.0.6 due to i… New CWE-79
Cross-site Scripting 		CVE-2026-11603 2026-06-9 22:33 2026-06-9 Show GitHub Exploit DB Packet Storm
1067 4.5 MEDIUM
Local 		- - A security vulnerability has been detected in tmux up to 3.6a. Affected is the function image_free of the file image.c. Such manipulation leads to use after free. Local access is required to approach… New CWE-119
CWE-416
Incorrect Access of Indexable Resource ('Range Error') 
 Use After Free 		CVE-2026-11623 2026-06-9 22:33 2026-06-9 Show GitHub Exploit DB Packet Storm
1068 6.4 MEDIUM
Network 		- - The ePaperFlip Publisher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'publicationid' attribute of the `epaperflip_embed` shortcode in all versions up to, and including, … New CWE-79
Cross-site Scripting 		CVE-2026-7662 2026-06-9 22:33 2026-06-9 Show GitHub Exploit DB Packet Storm
1069 5.3 MEDIUM
Network 		- - The Helpfulcrowd Product Reviews plugin for WordPress is vulnerable to Authorization Bypass via PHP Type Juggling in versions up to, and including, 1.2.9. This is due to the `helpfulcrowd_validate_to… New CWE-843
Type Confusion 		CVE-2026-8499 2026-06-9 22:33 2026-06-9 Show GitHub Exploit DB Packet Storm
1070 6.4 MEDIUM
Network 		- - The Extra Settings for RocketChat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rocketchat' shortcode's 'title' attribute in versions up to, and including, 0.1. This is d… New CWE-79
Cross-site Scripting 		CVE-2026-8841 2026-06-9 22:33 2026-06-9 Show GitHub Exploit DB Packet Storm