Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3691 5.4 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-7377 2026-05-18 11:24 2026-05-14 Show GitHub Exploit DB Packet Storm
3692 9.8 緊急
Network 		OpenClaw OpenClaw OpenClawにおける認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2026-8305 2026-05-18 11:23 2026-05-11 Show GitHub Exploit DB Packet Storm
3693 9.8 緊急
Network 		Mozilla Foundation Mozilla Firefox Mozilla FoundationのMozilla Firefoxにおける保護メカニズムの不具合に関する脆弱性 CWE-693
保護メカニズムの不具合 		CVE-2026-8401 2026-05-18 11:23 2026-05-12 Show GitHub Exploit DB Packet Storm
3694 8.8 重要
Network 		Google Google Chrome GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-8581 2026-05-18 11:23 2026-05-14 Show GitHub Exploit DB Packet Storm
3695 4.3 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるアセットへのアクセス後に実装されたアクセス制御チェックに関する脆弱性 CWE-1280
アセットへのアクセス後に実装されたアクセス制御チェック 		CVE-2026-3607 2026-05-18 11:23 2026-05-14 Show GitHub Exploit DB Packet Storm
3696 9.8 緊急
Network 		フォーティネット FortiSandbox
FortiSandbox PaaS
FortiSandbox Cloud 		フォーティネットのFortiSandbox等の複数製品における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-26083 2026-05-18 11:23 2026-05-12 Show GitHub Exploit DB Packet Storm
3697 7.5 重要
Network 		アドビシステムズ C2PA (Coalition for Content Provenance and Authenticity)
(Content Authenticity Initiative) c2pa-web 		アドビの(Content Authenticity Initiative) c2pa-web等の複数製品におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-34665 2026-05-18 11:23 2026-05-12 Show GitHub Exploit DB Packet Storm
3698 6.2 警告
Local 		アドビシステムズ C2PA (Coalition for Content Provenance and Authenticity)
(Content Authenticity Initiative) c2pa-web 		アドビの(Content Authenticity Initiative) c2pa-web等の複数製品における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2026-34666 2026-05-18 11:23 2026-05-12 Show GitHub Exploit DB Packet Storm
3699 6.2 警告
Local 		アドビシステムズ C2PA (Coalition for Content Provenance and Authenticity)
(Content Authenticity Initiative) c2pa-web 		アドビの(Content Authenticity Initiative) c2pa-web等の複数製品における整数アンダーフローの脆弱性 CWE-191
整数アンダーフロー 		CVE-2026-34667 2026-05-18 11:23 2026-05-12 Show GitHub Exploit DB Packet Storm
3700 6.2 警告
Local 		アドビシステムズ C2PA (Coalition for Content Provenance and Authenticity)
(Content Authenticity Initiative) c2pa-web 		アドビの(Content Authenticity Initiative) c2pa-web等の複数製品における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2026-34668 2026-05-18 11:23 2026-05-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
345401 - squirrelmail squirrelmail Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via style sheet specifiers with invalid (1) "/*" a… NVD-CWE-Other
CVE-2006-0195 2017-10-11 10:30 2006-02-24 Show GitHub Exploit DB Packet Storm
345402 - htmltonuke htmltonuke PHP remote file inclusion vulnerability in htmltonuke.php in the htmltonuke 2.0 alpha, and possibly other versions, module for PHP-Nuke allows remote attackers to execute arbitrary PHP code via a URL… CWE-94
Code Injection 		CVE-2006-0308 2017-10-11 10:30 2006-01-19 Show GitHub Exploit DB Packet Storm
345403 - cisco aironet_ap1100
aironet_ap1130ag
aironet_ap1200
aironet_ap1230ag
aironet_ap1240ag
aironet_ap1300
aironet_ap1400
aironet_ap350 		Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections)… CWE-399
 Resource Management Errors 		CVE-2006-0354 2017-10-11 10:30 2006-01-23 Show GitHub Exploit DB Packet Storm
345404 - squirrelmail squirrelmail CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimap_mailbox_select comm… NVD-CWE-Other
CVE-2006-0377 2017-10-11 10:30 2006-02-24 Show GitHub Exploit DB Packet Storm
345405 - hp hp-ux Unspecified vulnerability in HP HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain privileges via unknown attack vectors. NVD-CWE-Other
CVE-2006-0436 2017-10-11 10:30 2006-01-26 Show GitHub Exploit DB Packet Storm
345406 - greg_roelofs libpng Heap-based buffer overflow in the alpha strip capability in libpng 1.2.7 allows context-dependent attackers to cause a denial of service (crash) when the png_do_strip_filler function is used to strip… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2006-0481 2017-10-11 10:30 2006-02-1 Show GitHub Exploit DB Packet Storm
345407 - cisco ios The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting… NVD-CWE-Other
CVE-2006-0485 2017-10-11 10:30 2006-02-1 Show GitHub Exploit DB Packet Storm
345408 - cisco ios Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different l… NVD-CWE-Other
CVE-2006-0486 2017-10-11 10:30 2006-02-1 Show GitHub Exploit DB Packet Storm
345409 - sun solaris Unspecified vulnerability in the kernel processing in Solaris 10 64 bit platform, when running in 64-bit mode, allows local users to cause a denial of service (system panic) via unknown attack vector… NVD-CWE-Other
CVE-2006-0516 2017-10-11 10:30 2006-02-2 Show GitHub Exploit DB Packet Storm
345410 - sun java_system_access_manager Unspecified vulnerability in Sun Java System Access Manager 7.0 allows local users logged in as "root" to bypass authentication and gain top-level administrator privileges via the amadmin CLI tool. NVD-CWE-Other
CVE-2006-0531 2017-10-11 10:30 2006-02-4 Show GitHub Exploit DB Packet Storm