Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
246081 7.5 危険 bjsintay - SiteX におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-1846 2012-06-26 16:10 2009-06-1 Show GitHub Exploit DB Packet Storm
246082 7.5 危険 glenn mcgurrin - Flash Quiz Beta における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1843 2012-06-26 16:10 2009-06-1 Show GitHub Exploit DB Packet Storm
246083 6.5 警告 collector - myGesuad の modules/admuser.php におけるユーザアカウントをリストアップされる脆弱性 CWE-287
不適切な認証 		CVE-2009-1826 2012-06-26 16:10 2009-05-29 Show GitHub Exploit DB Packet Storm
246084 4 警告 collector - myColex の modules/admuser.php におけるユーザアカウントをリストアップされる脆弱性 CWE-287
不適切な認証 		CVE-2009-1825 2012-06-26 16:10 2009-05-29 Show GitHub Exploit DB Packet Storm
246085 7.2 危険 arcabit - ArcaBit ArcaVir 2009 Antivirus Protection の ps_drv.sys カーネルドライバにおける権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-1824 2012-06-26 16:10 2009-05-29 Show GitHub Exploit DB Packet Storm
246086 2.6 注意 Drupal - Drupal 用の Print モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-1823 2012-06-26 16:10 2009-05-13 Show GitHub Exploit DB Packet Storm
246087 7.5 危険 gonzalo maser
Joomla!		 - Joomla! 用の com_artforms component における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-1822 2012-06-26 16:10 2009-05-29 Show GitHub Exploit DB Packet Storm
246088 5 警告 DMXReady - DMXReady Registration Manager におけるデータベースファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1821 2012-06-26 16:10 2009-05-29 Show GitHub Exploit DB Packet Storm
246089 4.3 警告 2daybiz - 2daybiz Custom T-shirt Design Script の product.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-1820 2012-06-26 16:10 2009-05-29 Show GitHub Exploit DB Packet Storm
246090 7.5 危険 2daybiz - 2daybiz Custom T-shirt Design Script の product.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1819 2012-06-26 16:10 2009-05-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2131 7.4 HIGH
Network 		- - A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN sit… CWE-295
Improper Certificate Validation  		CVE-2026-50752 2026-06-8 23:57 2026-06-8 Show GitHub Exploit DB Packet Storm
2132 3.8 LOW
Network 		- - The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary directory deletion due to insufficient file path validation in the delete_cancel_staging_si… CWE-73
 External Control of File Name or Path 		CVE-2025-12656 2026-06-8 23:57 2026-06-6 Show GitHub Exploit DB Packet Storm
2133 4.3 MEDIUM
Network 		- - The Alba Board plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.1.3. This is due to the plugin not properly verifying that a user is authorized to pe… CWE-862
 Missing Authorization 		CVE-2026-7523 2026-06-8 23:57 2026-06-6 Show GitHub Exploit DB Packet Storm
2134 7.5 HIGH
Network 		- - The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.9.17 via the (profile template scope) functi… CWE-22
Path Traversal 		CVE-2026-9290 2026-06-8 23:57 2026-06-6 Show GitHub Exploit DB Packet Storm
2135 4.3 MEDIUM
Network 		- - The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.6.0. This is due to missin… CWE-352
 Origin Validation Error 		CVE-2026-9719 2026-06-8 23:57 2026-06-6 Show GitHub Exploit DB Packet Storm
2136 8.8 HIGH
Network 		- - The Admin Columns plugin for WordPress is vulnerable to PHP Object Injection leading to Remote Code Execution in versions up to and including 7.0.18. This is due to the use of `unserialize()` without… CWE-502
 Deserialization of Untrusted Data 		CVE-2026-7654 2026-06-8 23:57 2026-06-6 Show GitHub Exploit DB Packet Storm
2137 4.3 MEDIUM
Network 		- - The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Insecure Direct Object Reference / Authorization Bypass leading to A… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-10038 2026-06-8 23:57 2026-06-6 Show GitHub Exploit DB Packet Storm
2138 4.9 MEDIUM
Network 		- - The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'order' parameter in all versions up to, and including, 11.1… CWE-89
SQL Injection 		CVE-2026-6448 2026-06-8 23:57 2026-06-6 Show GitHub Exploit DB Packet Storm
2139 4.3 MEDIUM
Network 		- - The Frontend User Notes plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.1. This is due to missing or incorrect nonce validation on the funp_… CWE-352
 Origin Validation Error 		CVE-2026-7047 2026-06-8 23:57 2026-06-6 Show GitHub Exploit DB Packet Storm
2140 5.3 MEDIUM
Network 		- - The Event Monster – Event Management, Events Calendar, Tickets plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in versions up to, and including, 2.1.0. This is du… CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2026-8608 2026-06-8 23:57 2026-06-6 Show GitHub Exploit DB Packet Storm