Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3501 8.8 重要
Adjacent 		TP-LINK Technologies Archer C64 Firmware TP-LINK TechnologiesのArcher C64 Firmwareにおける複数の脆弱性 CWE-288
CWE-306
CVE-2026-8697 2026-06-5 10:50 2026-05-28 Show GitHub Exploit DB Packet Storm
3502 9.8 緊急
Network 		Mirasvit Full Page Cache Warmer MirasvitのFull Page Cache Warmerにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-45247 2026-06-5 10:50 2026-05-26 Show GitHub Exploit DB Packet Storm
3503 7.8 重要
Local 		Google Android GoogleのAndroidにおける保護メカニズムの不具合に関する脆弱性 CWE-693
保護メカニズムの不具合 		CVE-2025-48649 2026-06-5 10:50 2026-06-1 Show GitHub Exploit DB Packet Storm
3504 7.8 重要
Local 		Google Android GoogleのAndroidにおける権限管理に関する脆弱性 CWE-269
不適切な権限管理 		CVE-2026-0009 2026-06-5 10:50 2026-06-1 Show GitHub Exploit DB Packet Storm
3505 7.8 重要
Local 		Google Android GoogleのAndroidにおけるレンダリングされたユーザインターフェースレイヤまたはフレームの不適切な制限に関する脆弱性 CWE-1021
レンダリングされたユーザインターフェースレイヤまたはフレームの不適切な制限 		CVE-2026-0036 2026-06-5 10:50 2026-06-1 Show GitHub Exploit DB Packet Storm
3506 7.8 重要
Local 		Google Android GoogleのAndroidにおける保護メカニズムの不具合に関する脆弱性 CWE-693
保護メカニズムの不具合 		CVE-2026-0045 2026-06-5 10:50 2026-06-1 Show GitHub Exploit DB Packet Storm
3507 3.3
Local 		Google Android GoogleのAndroidにおける古典的バッファオーバーフローの脆弱性 CWE-120
古典的バッファオーバーフロー 		CVE-2026-0056 2026-06-5 10:50 2026-06-1 Show GitHub Exploit DB Packet Storm
3508 8 重要
Adjacent 		Google Android GoogleのAndroidにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-0059 2026-06-5 10:50 2026-06-1 Show GitHub Exploit DB Packet Storm
3509 5.5 警告
Local 		Google Android GoogleのAndroidにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2026-0060 2026-06-5 10:50 2026-06-1 Show GitHub Exploit DB Packet Storm
3510 5.5 警告
Local 		Google Android GoogleのAndroidにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2026-0067 2026-06-5 10:50 2026-06-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
344341 - easy-cms easy-cms choose_file.php in easy-CMS 0.1.2, when mod_mime is installed, does not restrict uploads of filenames with multiple extensions, which allows remote attackers to execute arbitrary PHP code by uploadin… NVD-CWE-Other
CVE-2006-3128 2018-10-19 01:46 2006-06-22 Show GitHub Exploit DB Packet Storm
344342 - qto qtofilemanager Cross-site scripting (XSS) vulnerability in qtofm.php4 in QTOFileManager 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter, as originally reported for index.php. NVD-CWE-Other
CVE-2006-3132 2018-10-19 01:46 2006-06-22 Show GitHub Exploit DB Packet Storm
344343 - vwar virtual_war Multiple SQL injection vulnerabilities in war.php in Virtual War (VWar) 1.5.0 R14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) s, (2) showgame, (3) sortorder, and … CWE-89
SQL Injection 		CVE-2006-3139 2018-10-19 01:46 2006-06-23 Show GitHub Exploit DB Packet Storm
344344 - vbzoom vbzoom SQL injection vulnerability in forum.php in VBZooM 1.11 allows remote attackers to execute arbitrary SQL commands via the MainID parameter. NVD-CWE-Other
CVE-2006-3142 2018-10-19 01:46 2006-06-23 Show GitHub Exploit DB Packet Storm
344345 - maximus schoolmax Cross-site scripting (XSS) vulnerability in icue_login.asp in Maximus SchoolMAX 4.0.1 and earlier iCue and iParent applications allows remote attackers to inject arbitrary web script or HTML via the … NVD-CWE-Other
CVE-2006-3143 2018-10-19 01:46 2006-06-23 Show GitHub Exploit DB Packet Storm
344346 - ibd micro_cms PHP remote file inclusion vulnerability in micro_cms_files/microcms-include.php in Implied By Design (IBD) Micro CMS 3.5 (aka 0.3.5) and earlier allows remote attackers to execute arbitrary PHP code … CWE-94
Code Injection 		CVE-2006-3144 2018-10-19 01:46 2006-06-23 Show GitHub Exploit DB Packet Storm
344347 - toshiba bluetooth_stack The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and earlier on Windows allows remote attackers to cause a denial of service (reboot) via a L2CAP echo request that triggers an out-of-bounds… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2006-3146 2018-10-19 01:46 2006-06-23 Show GitHub Exploit DB Packet Storm
344348 - eduha_meeting eduha_meeting index.php in Eduha Meeting does not properly restrict file extensions before permitting a file upload, which allows remote attackers to bypass security checks and upload or execute arbitrary php code… NVD-CWE-Other
CVE-2006-3158 2018-10-19 01:46 2006-06-23 Show GitHub Exploit DB Packet Storm
344349 - onedotoh simple_file_manager Cross-site scripting (XSS) vulnerability in fm.php in ONEdotOH Simple File Manager (SFM) 0.24a and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NVD-CWE-Other
CVE-2006-3160 2018-10-19 01:46 2006-06-23 Show GitHub Exploit DB Packet Storm
344350 - saphp saphplesson SQL injection vulnerability in misc.php in SaphpLesson 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the action parameter. NVD-CWE-Other
CVE-2006-3161 2018-10-19 01:46 2006-06-23 Show GitHub Exploit DB Packet Storm