Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251971 5 警告 douran - Douran Portal における Web ルート下の任意のファイルのソースコードを取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-1569 2012-03-27 18:43 2011-04-5 Show GitHub Exploit DB Packet Storm
251972 9.3 危険 IBM - IBM solidDB の solid.exe における認証を回避する脆弱性 CWE-255
証明書・パスワード管理 		CVE-2011-1560 2012-03-27 18:43 2011-04-5 Show GitHub Exploit DB Packet Storm
251973 10 危険 IBM - IBM Web Interface for Content Management における詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2011-1559 2012-03-27 18:43 2011-04-5 Show GitHub Exploit DB Packet Storm
251974 4.3 警告 IBM - IBM Web Interface for Content Management におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-1558 2012-03-27 18:43 2011-04-5 Show GitHub Exploit DB Packet Storm
251975 7.5 危険 ICloudCenter - ICloudCenter ICJobSite における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-1557 2012-03-27 18:43 2011-04-4 Show GitHub Exploit DB Packet Storm
251976 6.8 警告 Andy's PHP Knowledgebase Project - Aphpkb の plugins/pdfClasses/pdfgen.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-1556 2012-03-27 18:43 2011-04-4 Show GitHub Exploit DB Packet Storm
251977 6.8 警告 Andy's PHP Knowledgebase Project - Aphpkb のsa.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-1555 2012-03-27 18:43 2011-03-16 Show GitHub Exploit DB Packet Storm
251978 4.3 警告 foolabs
T1lib		 - Xpdf などの製品で使用される t1lib におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2011-1554 2012-03-27 18:43 2011-03-31 Show GitHub Exploit DB Packet Storm
251979 4.3 警告 foolabs
T1lib		 - Xpdf などの製品で使用される t1lib におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-1553 2012-03-27 18:43 2011-03-31 Show GitHub Exploit DB Packet Storm
251980 4.3 警告 foolabs
T1lib		 - Xpdf などの製品で使用される t1lib におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2011-1552 2012-03-27 18:43 2011-03-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
161 - - - An information disclosure vulnerability exists in the MISP AuthKey edit functionality. When a validation error occurs during an AuthKey edit request, the user dropdown was populated using the attacke… New CWE-200
Information Exposure 		CVE-2026-54396 2026-06-13 06:16 2026-06-13 Show GitHub Exploit DB Packet Storm
162 - - - MISP contains a reflected cross-site scripting vulnerability in the UiBeta event index view. The urlparams value is inserted into an inline JavaScript handler using HTML escaping inside a single-quot… New CWE-79
Cross-site Scripting 		CVE-2026-54395 2026-06-13 06:16 2026-06-13 Show GitHub Exploit DB Packet Storm
163 - - - MISP contains a path traversal vulnerability in OrganisationsController::getOrgLogo. The vulnerable code builds organisation logo file paths using organisation-controlled fields such as id, name, and… New CWE-22
Path Traversal 		CVE-2026-54394 2026-06-13 06:16 2026-06-13 Show GitHub Exploit DB Packet Storm
164 - - - A stored cross-site scripting vulnerability exists in MISP when the Overmind theme is used. The setHomePage endpoint previously saved the user-controlled path value through setSettingInternal(), bypa… New CWE-79
Cross-site Scripting 		CVE-2026-54393 2026-06-13 06:16 2026-06-13 Show GitHub Exploit DB Packet Storm
165 - - - An incorrect visibility condition in the MISP event template builder allowed authenticated non-site-admin users to view galaxies that should not have been visible to their organisation. The custom ac… New CWE-863
 Incorrect Authorization 		CVE-2026-54362 2026-06-13 06:16 2026-06-13 Show GitHub Exploit DB Packet Storm
166 - - - Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.3, kitty's OSC 21 (color-control) query reply reflects attacker-controlled bytes, including newlines, into the shell's input wi… New CWE-94
CWE-150
Code Injection
 Improper Neutralization of Escape, Meta, or Control Sequences 		CVE-2026-54057 2026-06-13 06:16 2026-06-13 Show GitHub Exploit DB Packet Storm
167 7.6 HIGH
Network 		- - Kitty is a cross-platform GPU based terminal. In versions 0.47.0 and 0.47.1, `kitten dnd` can allow a malicious remote drag-and-drop source to overwrite or truncate arbitrary files writable by the lo… New CWE-59
Link Following 		CVE-2026-54056 2026-06-13 06:16 2026-06-13 Show GitHub Exploit DB Packet Storm
168 3.7 LOW
Network 		- - ApostropheCMS is an open-source Node.js content management system. In versions up to and including 4.30.0, when `prettyUrls: true` is enabled on `@apostrophecms/file` (a documented SEO feature for se… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-53607 2026-06-13 06:16 2026-06-13 Show GitHub Exploit DB Packet Storm
169 5.4 MEDIUM
Network 		- - ApostropheCMS is an open-source Node.js content management system, and sanitize-html provides a simple HTML sanitizer with a clear API. Versions of sanitize-html prior to 2.17.5 use `allowedSchemesAp… New CWE-79
Cross-site Scripting 		CVE-2026-53606 2026-06-13 06:16 2026-06-13 Show GitHub Exploit DB Packet Storm
170 7.5 HIGH
Network 		- - IBM Qiskit SDK 0.43.0 through 2.5.0 could allow an attacker to trigger a segmentation fault leading to a denial of service due to uncontrolled recursion in the parser. New - CVE-2026-4870 2026-06-13 06:16 2026-06-13 Show GitHub Exploit DB Packet Storm