Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
246891 7.5 危険 fr.simon rundell
TYPO3 Association		 - TYPO3 の pd_churchsearch 拡張における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6463 2012-06-26 16:10 2008-07-9 Show GitHub Exploit DB Packet Storm
246892 7.5 危険 fr.simon rundell
TYPO3 Association		 - TYPO3 の ste_prayer2 拡張における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6461 2012-06-26 16:10 2008-07-9 Show GitHub Exploit DB Packet Storm
246893 6.4 警告 blogator-script - Blogator-script の _blogadata/include/init_pass2.php における任意のユーザのパスワードを変更される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2008-6473 2012-06-26 16:10 2009-03-16 Show GitHub Exploit DB Packet Storm
246894 5 警告 csphere - ClanSphere における重要な情報を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2008-6470 2012-06-26 16:10 2009-03-13 Show GitHub Exploit DB Packet Storm
246895 7.5 危険 dieselscripts - Diesel Pay の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6468 2012-06-26 16:10 2009-03-13 Show GitHub Exploit DB Packet Storm
246896 7.5 危険 dieselscripts - Diesel Job Site の jobs/jobseekers/job-info.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6467 2012-06-26 16:10 2009-03-13 Show GitHub Exploit DB Packet Storm
246897 7.5 危険 e107.org
akirapowered		 - Akira Powered Image Gallery プラグインの image_gallery.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6466 2012-06-26 16:10 2009-03-13 Show GitHub Exploit DB Packet Storm
246898 7.5 危険 dieter mayer
TYPO3 Association		 - TYPO3 の dmaddredit の FE address edit における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6458 2012-06-26 16:10 2009-03-13 Show GitHub Exploit DB Packet Storm
246899 7.5 危険 brian wilson - ol'bookmarks manager の show.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6410 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
246900 7.5 危険 brian wilson - ol'bookmarks manager の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6409 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 20, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3561 3.8 LOW
Local 		opentelemetry ebpf_instrumentation OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Java TLS ioctl probe reads user-controlled ioctl pointers with bpf_pr… CWE-127
CWE-200
 Buffer Under-read
Information Exposure 		CVE-2026-45683 2026-06-4 01:52 2026-06-3 Show GitHub Exploit DB Packet Storm
3562 5.9 MEDIUM
Network 		opentelemetry ebpf_instrumentation OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the per-CPU message-buffer fallback path uses a 256-byte backup buffer bu… CWE-125
CWE-130
Out-of-bounds Read
 Improper Handling of Length Parameter Inconsistency 		CVE-2026-45681 2026-06-4 01:52 2026-06-3 Show GitHub Exploit DB Packet Storm
3563 5.5 MEDIUM
Local 		opentelemetry ebpf_instrumentation OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the custom CappedConcurrentHashMap introduced for Java TLS state tracking… CWE-401
CWE-770
 Missing Release of Memory after Effective Lifetime
 Allocation of Resources Without Limits or Throttling 		CVE-2026-45682 2026-06-4 01:51 2026-06-3 Show GitHub Exploit DB Packet Storm
3564 4.3 MEDIUM
Network 		mintplexlabs anythingllm AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, an approved mobile device token created in single-user mod… CWE-285
CWE-639
Improper Authorization
 Authorization Bypass Through User-Controlled Key 		CVE-2026-47713 2026-06-4 01:51 2026-05-29 Show GitHub Exploit DB Packet Storm
3565 7.5 HIGH
Network 		opentelemetry ebpf_instrumentation OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI replays BPF probe hits into histogram observations by looping once pe… CWE-400
CWE-834
 Uncontrolled Resource Consumption
 Excessive Iteration 		CVE-2026-45680 2026-06-4 01:51 2026-06-3 Show GitHub Exploit DB Packet Storm
3566 6.5 MEDIUM
Network 		opentelemetry ebpf_instrumentation OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI exports raw Redis error text as the span status message. Because Redi… CWE-117
CWE-532
 Improper Output Neutralization for Logs
 Inclusion of Sensitive Information in Log Files 		CVE-2026-45679 2026-06-4 01:50 2026-06-3 Show GitHub Exploit DB Packet Storm
3567 7.5 HIGH
Network 		opentelemetry ebpf_instrumentation OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Postgres protocol parser assumes BIND message payloads contain a vali… CWE-20
CWE-754
 Improper Input Validation 
 Improper Check for Unusual or Exceptional Conditions 		CVE-2026-45678 2026-06-4 01:50 2026-06-3 Show GitHub Exploit DB Packet Storm
3568 9.8 CRITICAL
Network 		- - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. - CVE-2026-9642 2026-06-4 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
3569 7.4 HIGH
Network 		- - SIP signaling stack in Verizon IMS (unspecified version) implements SIP signaling without IPsec integrity protection (missing Security-Client/Security-Server headers and ESP traffic), which allows an… - CVE-2026-10629 2026-06-4 01:16 2026-06-3 Show GitHub Exploit DB Packet Storm
3570 7.3 HIGH
Network 		- - A vulnerability was found in php-censor up to 2.1.6. This affects an unknown function of the file src/Model/Build/GitBuild.php of the component Webhook Endpoint. Performing a manipulation of the argu… CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-10273 2026-06-4 01:16 2026-06-2 Show GitHub Exploit DB Packet Storm