Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 22, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3701 9.8 緊急
Network 		LMSYS Org SGLang LMSYS OrgのSGLangにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-7301 2026-05-21 10:50 2026-05-18 Show GitHub Exploit DB Packet Storm
3702 9.1 緊急
Network 		LMSYS Org SGLang LMSYS OrgのSGLangにおけるパストラバーサルの脆弱性 CWE-35
パストラバーサル 		CVE-2026-7302 2026-05-21 10:50 2026-05-18 Show GitHub Exploit DB Packet Storm
3703 9.8 緊急
Network 		LMSYS Org SGLang LMSYS OrgのSGLangにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-7304 2026-05-21 10:50 2026-05-18 Show GitHub Exploit DB Packet Storm
3704 5.5 警告
Local 		Open Source Geospatial Foundation GDAL Open Source Geospatial FoundationのGDALにおける複数の脆弱性 CWE-119
CWE-122
CWE-125
CVE-2026-8212 2026-05-21 10:49 2026-05-9 Show GitHub Exploit DB Packet Storm
3705 5.5 警告
Local 		Open Source Geospatial Foundation GDAL Open Source Geospatial FoundationのGDALにおける複数の脆弱性 CWE-119
CWE-122
CWE-125
CVE-2026-8213 2026-05-21 10:49 2026-05-9 Show GitHub Exploit DB Packet Storm
3706 7.5 重要
Network 		Google Google Chrome GoogleのGoogle Chromeにおける不変と仮定される Web パラメータの外部制御に関する脆弱性 CWE-472
不変と仮定される Web パラメータの外部制御 		CVE-2026-8510 2026-05-21 10:49 2026-05-14 Show GitHub Exploit DB Packet Storm
3707 8.3 重要
Network 		Google Google Chrome GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-8513 2026-05-21 10:49 2026-05-14 Show GitHub Exploit DB Packet Storm
3708 8.8 重要
Network 		Google Google Chrome GoogleのGoogle Chromeにおけるライフタイムを通してのリソース制御に関する脆弱性 CWE-664
ライフタイムを通してのリソースの不適切な制御 		CVE-2026-8517 2026-05-21 10:49 2026-05-14 Show GitHub Exploit DB Packet Storm
3709 8.8 重要
Network 		Google Google Chrome GoogleのGoogle Chromeにおける不変と仮定される Web パラメータの外部制御に関する脆弱性 CWE-472
不変と仮定される Web パラメータの外部制御 		CVE-2026-8519 2026-05-21 10:49 2026-05-14 Show GitHub Exploit DB Packet Storm
3710 8.8 重要
Network 		Google Google Chrome GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-8522 2026-05-21 10:49 2026-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
305591 - moodle moodle Multiple cross-site scripting (XSS) vulnerabilities in the course-tags functionality in tag/coursetags_more.php in Moodle 2.0.x before 2.0.2 allow remote attackers to inject arbitrary web script or H… CWE-79
Cross-site Scripting 		CVE-2011-4282 2024-11-21 10:32 2012-07-16 Show GitHub Exploit DB Packet Storm
305592 - moodle moodle Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 2.0.x before 2.0.2 allow remote attackers to hijack the authentication of arbitrary users for requests that mark the completion of… CWE-352
 Origin Validation Error 		CVE-2011-4281 2024-11-21 10:32 2012-07-16 Show GitHub Exploit DB Packet Storm
305593 - moodle
nimish_pachapurkar 		moodle
spike_phpcoverage 		Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka spikephpcoverage) library, as used in Moodle 2.0.x before 2.0.2 and other products, allows remote attackers to inject arbitrary … CWE-79
Cross-site Scripting 		CVE-2011-4280 2024-11-21 10:32 2012-07-16 Show GitHub Exploit DB Packet Storm
305594 - moodle moodle Moodle 2.0.x before 2.0.2 does not use the forceloginforprofiles setting for course-profiles access control, which makes it easier for remote attackers to obtain potentially sensitive information via… CWE-200
Information Exposure 		CVE-2011-4279 2024-11-21 10:32 2012-07-16 Show GitHub Exploit DB Packet Storm
305595 - moodle moodle Cross-site scripting (XSS) vulnerability in the tag autocomplete functionality in Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via … CWE-79
Cross-site Scripting 		CVE-2011-4278 2024-11-21 10:32 2012-07-16 Show GitHub Exploit DB Packet Storm
305596 - moodle moodle Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote attackers to bypass intended access restrictions and perform global searches by leveraging the guest role and making a direct request to… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2011-4309 2024-11-21 10:32 2012-07-11 Show GitHub Exploit DB Packet Storm
305597 - moodle moodle mod/forum/user.php in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 allows remote authenticated users to discover the names of other users via unspecified vectors. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2011-4308 2024-11-21 10:32 2012-07-11 Show GitHub Exploit DB Packet Storm
305598 - moodle moodle Cross-site scripting (XSS) vulnerability in mod/wiki/lang/en/wiki.php in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the sectio… CWE-79
Cross-site Scripting 		CVE-2011-4307 2024-11-21 10:32 2012-07-11 Show GitHub Exploit DB Packet Storm
305599 - moodle moodle Cross-site scripting (XSS) vulnerability in course/editsection.html in Moodle 1.9.x before 1.9.14 allows remote authenticated users to inject arbitrary web script or HTML via crafted data. CWE-79
Cross-site Scripting 		CVE-2011-4306 2024-11-21 10:32 2012-07-11 Show GitHub Exploit DB Packet Storm
305600 - moodle moodle message/refresh.php in Moodle 1.9.x before 1.9.14 allows remote authenticated users to cause a denial of service (infinite request loop) via a URL that specifies a zero wait time for message refreshi… CWE-189
Numeric Errors 		CVE-2011-4305 2024-11-21 10:32 2012-07-11 Show GitHub Exploit DB Packet Storm