Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
245191 3.6 注意 Novell - Novell IDM の idmlib.sh における任意のコマンドを実行される脆弱性 - CVE-2006-4506 2012-09-25 15:35 2006-08-31 Show GitHub Exploit DB Packet Storm
245192 7.5 危険 nx5 - NX5Linx の links.php における CRLF インジェクションの脆弱性 - CVE-2006-4505 2012-09-25 15:35 2006-08-31 Show GitHub Exploit DB Packet Storm
245193 7.5 危険 nx5 - NX5Linx における SQL インジェクションの脆弱性 - CVE-2006-4504 2012-09-25 15:35 2006-08-31 Show GitHub Exploit DB Packet Storm
245194 5 警告 nx5 - NX5Linx の link.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-4503 2012-09-25 15:35 2006-08-31 Show GitHub Exploit DB Packet Storm
245195 5 警告 moderngigabyte - ModernBill におけるネットワークトラフィックを読み取られる脆弱性 - CVE-2006-4499 2012-09-25 15:35 2006-08-31 Show GitHub Exploit DB Packet Storm
245196 7.5 危険 iwebnegar - IwebNegar の comments.php における SQL インジェクションの脆弱性 - CVE-2006-4497 2012-09-25 15:35 2006-08-31 Show GitHub Exploit DB Packet Storm
245197 4.3 警告 iwebnegar - IwebNegar の comments.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4496 2012-09-25 15:35 2006-08-31 Show GitHub Exploit DB Packet Storm
245198 7.5 危険 マイクロソフト - Microsoft Internet Explorer 6 における任意のコードを実行される脆弱性 - CVE-2006-4495 2012-09-25 15:35 2006-08-31 Show GitHub Exploit DB Packet Storm
245199 7.5 危険 マイクロソフト - Microsoft Visual Studio 6.0 におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-4494 2012-09-25 15:35 2006-08-31 Show GitHub Exploit DB Packet Storm
245200 9.3 危険 The PHP Group - PHP の cURL 拡張ファイルにおける不正なアクションを実行される脆弱性 CWE-Other
その他
CVE-2006-4483 2012-09-25 15:35 2006-08-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1791 5.4 MEDIUM
Network
- - Ghost is a Node.js content management system. From 6.19.4 until 6.21.1, insufficient validation of the client-supplied Content-Type on Ghost's Admin API file upload endpoint allowed uploaded files to… CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2026-53948 2026-06-26 01:07 2026-06-25 Show GitHub Exploit DB Packet Storm
1792 5.3 MEDIUM
Network
- - Ghost is a Node.js content management system. From 5.46.1 until 6.21.2, the validation applied to filters on the public API endpoints could be partially bypassed, making it possible to reveal private… CWE-200
CWE-693
Information Exposure
 Protection Mechanism Failure
CVE-2026-53949 2026-06-26 01:07 2026-06-25 Show GitHub Exploit DB Packet Storm
1793 7.5 HIGH
Network
- - @tryghost/activitypub is Ghost’s social/federation client app. Prior to 3.1.0, the ActivityPub client in Ghost was vulnerable to JavaScript injection on posts shared by a maliciously customised Activ… CWE-79
Cross-site Scripting
CVE-2026-53950 2026-06-26 01:07 2026-06-25 Show GitHub Exploit DB Packet Storm
1794 5.7 MEDIUM
Network
- - Jellyfin is an open source self hosted media server. Prior to 10.11.9, a potential XSS attack exists in Jellyfin which can allow a non-privileged user to execute arbitrary Javascript in the context o… CWE-79
Cross-site Scripting
CVE-2026-49220 2026-06-26 01:06 2026-06-25 Show GitHub Exploit DB Packet Storm
1795 9.6 CRITICAL
Network
- - Ghost is a Node.js content management system. From until 6.37.0, when Ghost is behind a shared caching layer that results in cached content being shared between different visitors, an unauthenticate… CWE-524
 Use of Cache Containing Sensitive Information
CVE-2026-53943 2026-06-26 01:06 2026-06-25 Show GitHub Exploit DB Packet Storm
1796 4.3 MEDIUM
Network
- - An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default. CWE-400
 Uncontrolled Resource Consumption
CVE-2026-42005 2026-06-26 01:00 2026-06-25 Show GitHub Exploit DB Packet Storm
1797 7.5 HIGH
Network
- - A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning. CWE-349
 Acceptance of Extraneous Untrusted Data With Trusted Data
CVE-2026-33612 2026-06-26 01:00 2026-06-25 Show GitHub Exploit DB Packet Storm
1798 3.7 LOW
Network
- - An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The pr… CWE-116
 Improper Encoding or Escaping of Output
CVE-2026-40011 2026-06-26 01:00 2026-06-25 Show GitHub Exploit DB Packet Storm
1799 3.7 LOW
Network
- - An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame. CWE-705
 Incorrect Control Flow Scoping
CVE-2026-40208 2026-06-26 00:59 2026-06-25 Show GitHub Exploit DB Packet Storm
1800 5.3 MEDIUM
Network
- - An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a… CWE-772
 Missing Release of Resource after Effective Lifetime
CVE-2026-40209 2026-06-26 00:59 2026-06-25 Show GitHub Exploit DB Packet Storm