Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240911	2.4	注意	mandiant	-	MFR の FRAgent.exe におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-6476	2012-09-25 15:36	2006-12-19	Show	GitHub Exploit DB Packet Storm

240912	7.1	危険	mandiant	-	MFR の FRAgent.exe におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-6475	2012-09-25 15:36	2006-12-19	Show	GitHub Exploit DB Packet Storm

240913	4.6	警告	マカフィー	-	McAfee VirusScan における任意の ELF DSO ライブラリを読み込まれる脆弱性	-	CVE-2006-6474	2012-09-25 15:36	2006-12-14	Show	GitHub Exploit DB Packet Storm

240914	5	警告	midicart software	-	Midicart の viewcart におけるショッピングカートで低い合計金額を取得される脆弱性	-	CVE-2006-6464	2012-09-25 15:36	2006-12-11	Show	GitHub Exploit DB Packet Storm

240915	6.5	警告	midicart software	-	Midicart の admin/add.php における任意の .php ファイルなどをアップロードされる脆弱性	-	CVE-2006-6463	2012-09-25 15:36	2006-12-11	Show	GitHub Exploit DB Packet Storm

240916	10	危険	j-owamp	-	J-OWAMP Web Interface の execInBackground.php における任意のコマンドを実行される脆弱性	-	CVE-2006-6454	2012-09-25 15:36	2006-12-10	Show	GitHub Exploit DB Packet Storm

240917	6.5	警告	j-owamp	-	J-OWAMP Web Interface における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6453	2012-09-25 15:36	2006-12-10	Show	GitHub Exploit DB Packet Storm

240918	6.8	警告	myarticles	-	RunCMS の MyArticles モジュールにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6452	2012-09-25 15:36	2006-12-10	Show	GitHub Exploit DB Packet Storm

240919	7.5	危険	Novell	-	Novell ZPM の dagent/downloadreport.asp における SQL インジェクションの脆弱性	-	CVE-2006-6450	2012-09-25 15:36	2006-12-10	Show	GitHub Exploit DB Packet Storm

240920	6.8	警告	iware	-	iWare Professional の index.php における SQL インジェクションの脆弱性	-	CVE-2006-6446	2012-09-25 15:36	2006-12-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
251	-		-	-	An authenticated ERPNext user with Item record edit permissions can persist arbitrary HTML/JavaScript in the item_name, description, or image fields of an Item and trigger unescaped rendering in the … New	CWE-79 Cross-site Scripting	CVE-2026-42839	2026-06-5 00:23	2026-06-4	Show	GitHub Exploit DB Packet Storm

252	-		-	-	An authenticated user can persist arbitrary HTML/JavaScript in the email_id or mobile_no fields of a Customer record and trigger unescaped rendering in the Point of Sale (POS) interface for every ope… New	CWE-79 Cross-site Scripting	CVE-2026-42840	2026-06-5 00:23	2026-06-4	Show	GitHub Exploit DB Packet Storm

253	-		-	-	Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered a dentry invalidation event… New	CWE-674 Uncontrolled Recursion	CVE-2026-8936	2026-06-5 00:21	2026-06-3	Show	GitHub Exploit DB Packet Storm

254	7.3	HIGH Network	-	-	Cpanel::JSON::XS versions before 4.41 for Perl allow type confusion via duplicate object keys when dupkeys_as_arrayref is enabled. decode_hv() collapses duplicate object keys into an array reference… New	CWE-843 Type Confusion	CVE-2026-9334	2026-06-5 00:21	2026-06-3	Show	GitHub Exploit DB Packet Storm

255	7.5	HIGH Network	-	-	Cpanel::JSON::XS versions before 4.41 for Perl allow denial of service via UTF-8 BOM prefixed input when a decode filter callback throws. To skip a leading 3-byte UTF-8 BOM, decode_json() advances t… New	CWE-755 CWE-763 Improper Handling of Exceptional Conditions Release of Invalid Pointer or Reference	CVE-2026-9516	2026-06-5 00:21	2026-06-3	Show	GitHub Exploit DB Packet Storm

256	3.1	LOW Network	-	-	An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.middleware.cache.UpdateCacheMiddleware` in Django does not add `Authorization` to the `Vary` response header for requ… New	CWE-524 Use of Cache Containing Sensitive Information	CVE-2026-35193	2026-06-5 00:21	2026-06-3	Show	GitHub Exploit DB Packet Storm

257	5.3	MEDIUM Network	-	-	daphne before 4.2.2 did not pass maxFramePayloadSize or maxMessagePayloadSize to Autobahn's WebSocketServerFactory. Because Autobahn defaults both values to 0 (unlimited), an unauthenticated remote a… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-44545	2026-06-5 00:21	2026-06-3	Show	GitHub Exploit DB Packet Storm

258	3.7	LOW Network	-	-	daphne before 4.2.2 reconstructs a raw HTTP request from Twisted's parsed headers and feeds it to autobahn for WebSocket handshake processing. Twisted does not treat \x0b, \x0c, \x1c, \x1d, \x1e, or … New	CWE-444 HTTP Request Smuggling	CVE-2026-44546	2026-06-5 00:21	2026-06-3	Show	GitHub Exploit DB Packet Storm

259	3.1	LOW Network	-	-	An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.utils.cache.has_vary_header()` in Django does not strip leading or trailing whitespace from `Vary` response header va… New	CWE-1023 Incomplete Comparison with Missing Factors	CVE-2026-48587	2026-06-5 00:21	2026-06-3	Show	GitHub Exploit DB Packet Storm

260	3.1	LOW Network	-	-	An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. `django.http.HttpRequest.get_signed_cookie` in Django uses a non-injective salt derivation (concatenating the cookie name and… New	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-6873	2026-06-5 00:21	2026-06-3	Show	GitHub Exploit DB Packet Storm