Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2931 7.8 重要
Local 		Luis Novo (lfnovo) Open Notebook Luis Novo (lfnovo)のOpen Notebookにおける複数の脆弱性 CWE-20
CWE-352
CWE-917
CWE-noinfo
CVE-2026-28201 2026-05-11 11:02 2026-05-7 Show GitHub Exploit DB Packet Storm
2932 9.8 緊急
Network 		Xiaomi MIUI File Explorer XiaomiのMIUI File Explorerにおける複数の脆弱性 CWE-303
CWE-862
CVE-2026-29515 2026-05-11 11:02 2026-03-11 Show GitHub Exploit DB Packet Storm
2933 6.1 警告
Network 		WorkflowFirst Software LLC Staff.Wiki WorkflowFirst Software LLCのStaff.Wikiにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-29969 2026-05-11 11:02 2026-03-26 Show GitHub Exploit DB Packet Storm
2934 5.4 警告
Network 		spomky-labs webauthn-lib
webauthn-symfony-bundle
webauthn framwork 		spomky-labsのwebauthn-lib等の複数製品における同一生成元ポリシー違反に関する脆弱性 CWE-346
同一生成元ポリシー違反 		CVE-2026-30964 2026-05-11 11:02 2026-03-10 Show GitHub Exploit DB Packet Storm
2935 6.5 警告
Network 		appium Appium/support appiumのAppium/supportにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-30973 2026-05-11 11:02 2026-03-10 Show GitHub Exploit DB Packet Storm
2936 8.8 重要
Network 		マイクロソフト Microsoft Windows Server 2025
Microsoft Windows Server 2022
Microsoft Windows 11 24h2
Microsoft Windows 11 25h2
Microsoft … 		リモート デスクトップ クライアントのリモートでコードが実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-32157 2026-05-11 11:02 2026-04-14 Show GitHub Exploit DB Packet Storm
2937 10 緊急
Network 		Luis Novo (lfnovo) Open Notebook Luis Novo (lfnovo)のOpen Notebookにおける入力確認に関する脆弱性 CWE-20
CWE-noinfo
CVE-2026-33587 2026-05-11 11:02 2026-05-7 Show GitHub Exploit DB Packet Storm
2938 8.1 重要
Network 		Luis Novo (lfnovo) Open Notebook Luis Novo (lfnovo)のOpen Notebookにおける入力確認に関する脆弱性 CWE-20
CWE-noinfo
CVE-2026-33588 2026-05-11 11:02 2026-05-7 Show GitHub Exploit DB Packet Storm
2939 6.5 警告
Network 		Luis Novo (lfnovo) Open Notebook Luis Novo (lfnovo)のOpen Notebookにおける入力確認に関する脆弱性 CWE-20
CWE-noinfo
CVE-2026-33589 2026-05-11 11:02 2026-05-7 Show GitHub Exploit DB Packet Storm
2940 9.8 緊急
Network 		bukts.ru LLC (Nefteprodukttekhnika) BUK TS-G Gas Station Automation System bukts.ru LLC (Nefteprodukttekhnika)のBUK TS-G Gas Station Automation SystemにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-3843 2026-05-11 11:02 2026-03-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
345461 - francois_raynaud openurgence_vaccin Multiple PHP remote file inclusion vulnerabilities in openUrgence Vaccin 1.03 allow remote attackers to execute arbitrary PHP code via a URL in the path_om parameter to (1) collectivite.class.php, (2… CWE-94
Code Injection 		CVE-2010-1467 2017-08-17 10:32 2010-04-17 Show GitHub Exploit DB Packet Storm
345462 - supachai_teasakul com_sweetykeeper Directory traversal vulnerability in the Sweety Keeper (com_sweetykeeper) component 1.5.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a … CWE-22
Path Traversal 		CVE-2010-1474 2017-08-17 10:32 2010-04-20 Show GitHub Exploit DB Packet Storm
345463 - ternaria com_preventive Directory traversal vulnerability in the Preventive & Reservation (com_preventive) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impa… CWE-22
Path Traversal 		CVE-2010-1475 2017-08-17 10:32 2010-04-20 Show GitHub Exploit DB Packet Storm
345464 - ibm cognos_8_business_intelligence Unspecified vulnerability in IBM Cognos 8 Business Intelligence before 8.4.1 FP1 has unknown impact and attack vectors. NVD-CWE-noinfo
CVE-2010-1490 2017-08-17 10:32 2010-04-21 Show GitHub Exploit DB Packet Storm
345465 - awdsolution com_awdwall SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cbuser parameter in an awdwall action to … CWE-89
SQL Injection 		CVE-2010-1493 2017-08-17 10:32 2010-04-23 Show GitHub Exploit DB Packet Storm
345466 - awdsolution com_awdwall Directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. CWE-22
Path Traversal 		CVE-2010-1494 2017-08-17 10:32 2010-04-23 Show GitHub Exploit DB Packet Storm
345467 - jolt com_joltcard SQL injection vulnerability in the JoltCard (com_joltcard) component 1.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cardID parameter in a view action to index.php. CWE-89
SQL Injection 		CVE-2010-1496 2017-08-17 10:32 2010-04-23 Show GitHub Exploit DB Packet Storm
345468 - clausvb dl_stats Cross-site scripting (XSS) vulnerability in download_proc.php in dl_stats before 2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. CWE-79
Cross-site Scripting 		CVE-2010-1497 2017-08-17 10:32 2010-04-23 Show GitHub Exploit DB Packet Storm
345469 - clausvb dl_stats Multiple SQL injection vulnerabilities in dl_stats before 2.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) download.php and (2) view_file.php. CWE-89
SQL Injection 		CVE-2010-1498 2017-08-17 10:32 2010-04-23 Show GitHub Exploit DB Packet Storm
345470 - musicboxv2 musicbox SQL injection vulnerability in genre_artists.php in MusicBox 3.3 allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2010-1499 2017-08-17 10:32 2010-04-23 Show GitHub Exploit DB Packet Storm