Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254501	7.5	危険	Snitz	-	Snitz Forums の members.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4826	2012-03-27 18:42	2011-08-24	Show	GitHub Exploit DB Packet Storm

254502	4.3	警告	WordPress.org pleer	-	WordPress 用の Twitter Feed プラグインの magpie_debug.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4825	2012-03-27 18:42	2011-08-24	Show	GitHub Exploit DB Packet Storm

254503	7.5	危険	bestsoftinc	-	BSI Advance Hotel Booking System における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4814	2012-03-27 18:42	2011-07-8	Show	GitHub Exploit DB Packet Storm

254504	3.5	注意	Drupal scheepers de bruin	-	Drupal 用の Category Tokens モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4813	2012-03-27 18:42	2011-07-8	Show	GitHub Exploit DB Packet Storm

254505	6.5	警告	6kbbs	-	6kbbs における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4812	2012-03-27 18:42	2011-07-8	Show	GitHub Exploit DB Packet Storm

254506	4.3	警告	6kbbs	-	6kbbs の ajaxmember.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4811	2012-03-27 18:42	2011-07-8	Show	GitHub Exploit DB Packet Storm

254507	7.5	危険	awcm	-	AWCM における任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-4810	2012-03-27 18:42	2011-07-8	Show	GitHub Exploit DB Packet Storm

254508	7.5	危険	liberologico	-	DBSite の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4809	2012-03-27 18:42	2011-07-8	Show	GitHub Exploit DB Packet Storm

254509	7.5	危険	Wafer	-	Webmatic の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4808	2012-03-27 18:42	2011-07-8	Show	GitHub Exploit DB Packet Storm

254510	3.5	注意	IBM	-	IBM WCM におけるサービス運用妨害 (DoS) の脆弱性	CWE-362 競合状態	CVE-2010-4807	2012-03-27 18:42	2011-04-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
321	6.5	MEDIUM Adjacent	-	-	The Zephyr Bluetooth LE Audio Basic Audio Profile (BAP) unicast client mishandles peer-supplied ASE state notifications. In unicast_client_ep_qos_state() (subsys/bluetooth/audio/bap_unicast_client.c)… New	CWE-476 NULL Pointer Dereference	CVE-2026-10593	2026-06-30 00:16	2026-06-28	Show	GitHub Exploit DB Packet Storm

322	2.7	LOW Network	devolutions	devolutions_server	Improper input validation in the PAM AD discovery endpoints in Devolutions Server 2026.2.4.0 through 2026.2.7.0 allows an authenticated user with the UserGroupsView permission to coerce server-side… New	CWE-1284 Improper Validation of Specified Quantity in Input	CVE-2026-12755	2026-06-30 00:15	2026-06-25	Show	GitHub Exploit DB Packet Storm

323	7.2	HIGH Network	devolutions	remote_desktop_manager	Incorrect link resolution by display name in the custom PowerShell VPN editor in Devolutions Remote Desktop Manager 2026.2.5 through 2026.2.11 allows an authenticated attacker with write access to a … New	CWE-706 Use of Incorrectly-Resolved Name or Reference	CVE-2026-13372	2026-06-29 23:56	2026-06-27	Show	GitHub Exploit DB Packet Storm

324	5.2	MEDIUM Local	deno	deno	Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, when fetch() was called, Deno checked the destination hostname against --deny-net rules but did not re-check the IP addresse… New	CWE-693 CWE-918 Protection Mechanism Failure Server-Side Request Forgery (SSRF)	CVE-2026-49859	2026-06-29 23:38	2026-06-24	Show	GitHub Exploit DB Packet Storm

325	5.2	MEDIUM Local	deno	deno	Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, when a WebSocket connection was opened, Deno checked the destination hostname against --deny-net rules but did not re-check … New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-49860	2026-06-29 23:37	2026-06-24	Show	GitHub Exploit DB Packet Storm

326	4.8	MEDIUM Network	-	-	The Shariff for WordPress Shariff for WordPress plugin through 1.0.11 does not sanitize or escape the shariff_infourl setting before outputting it in the frontend HTML via the generateshariff() funct… New	-	CVE-2026-9677	2026-06-29 23:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

327	4.3	MEDIUM Network	-	-	The F4 Post Tree WordPress plugin before 2.0.5 does not perform capability checks or CSRF/nonce verification on one of its AJAX actions, allowing authenticated users with Subscriber-level access and … New	-	CVE-2026-9676	2026-06-29 23:16	2026-06-29	Show	GitHub Exploit DB Packet Storm

328	5.0	MEDIUM Network	-	-	Flowise before 3.1.3 validates Custom MCP stdio environment variables against a denylist using a case-sensitive comparison, so on Windows, where environment names are case-insensitive, supplying 'nod… New	CWE-178 Improper Handling of Case Sensitivity	CVE-2026-58057	2026-06-29 23:16	2026-06-28	Show	GitHub Exploit DB Packet Storm

329	7.6	HIGH Network	-	-	RustDesk gates incoming control messages on per-capability flags rather than on the session's authorized connection type, and a file-transfer session does not clear those flags. A peer holding only a… New	CWE-863 Incorrect Authorization	CVE-2026-58056	2026-06-29 23:16	2026-06-28	Show	GitHub Exploit DB Packet Storm

330	7.2	HIGH Network	-	-	MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when creating or editing users; the user module offers the Administrators group (gid 4) and its datahandler… New	CWE-269 Improper Privilege Management	CVE-2026-58054	2026-06-29 23:16	2026-06-28	Show	GitHub Exploit DB Packet Storm