Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
245611 9.3 危険 effectmatrix - EffectMatrix Magic Morph におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-3338 2012-06-26 16:18 2009-09-24 Show GitHub Exploit DB Packet Storm
245612 7.5 危険 Mambo Foundation
alibasta		 - Mambo の koesubmit コンポーネントの koesubmit.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3333 2012-06-26 16:18 2009-09-23 Show GitHub Exploit DB Packet Storm
245613 7.5 危険 ddlcms - DDL CMS における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3331 2012-06-26 16:18 2009-09-23 Show GitHub Exploit DB Packet Storm
245614 6.8 警告 cpecreator - cP Creator の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3330 2012-06-26 16:18 2009-09-23 Show GitHub Exploit DB Packet Storm
245615 9.3 危険 exeter - Winplot におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-3329 2012-06-26 16:18 2009-09-23 Show GitHub Exploit DB Packet Storm
245616 7.5 危険 cmscontrol - CMScontrol Content Management System の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3326 2012-06-26 16:18 2009-09-23 Show GitHub Exploit DB Packet Storm
245617 7.5 危険 Joomla!
focusdev		 - Joomla! の Focusplus Developments surveymanager コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3325 2012-06-26 16:18 2009-09-23 Show GitHub Exploit DB Packet Storm
245618 7.5 危険 andres g aragoneses - ProdLer の include/prodler.class.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3324 2012-06-26 16:18 2009-09-23 Show GitHub Exploit DB Packet Storm
245619 7.5 危険 dimofinf - DCI-Designs Dawaween の poems.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3319 2012-06-26 16:18 2009-09-23 Show GitHub Exploit DB Packet Storm
245620 7.5 危険 breedveld
Joomla!		 - Joomla! の album コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-3318 2012-06-26 16:18 2009-09-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2371 5.3 MEDIUM
Network 		acer connect_m6e_5g_firmware Fixed AES-128-CBC keys inside the AcerConnect OTA application let attackers forge authorization credentials for arbitrary IMEI numbers. This allows unauthorized actors to list catalog items and extra… CWE-321
 Use of Hard-coded Cryptographic Key 		CVE-2026-50226 2026-06-8 21:57 2026-06-4 Show GitHub Exploit DB Packet Storm
2372 9.8 CRITICAL
Network 		acer connect_m6e_5g_firmware The /v1/Plan service relies entirely on a shared global API token for full administrative management, allowing arbitrary creation of zero-cost network access plans. CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2026-50214 2026-06-8 21:56 2026-06-4 Show GitHub Exploit DB Packet Storm
2373 - - - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. - CVE-2024-56123 2026-06-8 19:16 2026-06-8 Show GitHub Exploit DB Packet Storm
2374 - - - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. - CVE-2024-56122 2026-06-8 19:16 2026-06-8 Show GitHub Exploit DB Packet Storm
2375 - - - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. - CVE-2024-56121 2026-06-8 19:16 2026-06-8 Show GitHub Exploit DB Packet Storm
2376 - - - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. - CVE-2024-56120 2026-06-8 19:16 2026-06-8 Show GitHub Exploit DB Packet Storm
2377 - - - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. - CVE-2026-36229 2026-06-7 06:16 2026-06-7 Show GitHub Exploit DB Packet Storm
2378 6.5 MEDIUM
Network 		- - A missing upper-bound check in the udpif_set_threads() function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. T… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-36499 2026-06-7 05:16 2026-06-5 Show GitHub Exploit DB Packet Storm
2379 8.3 HIGH
Network 		google chrome Use after free in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. … CWE-416
 Use After Free 		CVE-2026-11002 2026-06-7 03:16 2026-06-5 Show GitHub Exploit DB Packet Storm
2380 4.2 MEDIUM
Network 		google chrome Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted … CWE-290
CWE-451
 Authentication Bypass by Spoofing
 User Interface (UI) Misrepresentation of Critical Information 		CVE-2026-11001 2026-06-7 02:16 2026-06-5 Show GitHub Exploit DB Packet Storm