Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3811 6.5 警告
Network 		NocoBase NocoBase NocoBaseにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-40346 2026-05-15 11:01 2026-04-18 Show GitHub Exploit DB Packet Storm
3812 8.8 重要
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のリモートでコードが実行される脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-40357 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
3813 8.8 重要
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のリモートでコードが実行される脆弱性 CWE-1220
アクセス制御の不十分な粒度 		CVE-2026-40365 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
3814 8 重要
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のリモートでコードが実行される脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-40368 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
3815 5.5 警告
Local 		jqlang jq jqlangのjqにおける再帰制御に関する脆弱性 CWE-674
不適切な再帰制御 		CVE-2026-40612 2026-05-15 11:01 2026-05-11 Show GitHub Exploit DB Packet Storm
3816 7.5 重要
Network 		PHPOffice PhpSpreadsheet PHPOfficeのPhpSpreadsheetにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40863 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
3817 5.5 警告
Local 		jqlang jq jqlangのjqにおけるNULL バイトまたは NULL キャラクタの無害化に関する脆弱性 CWE-158
NULL バイトまたは NULL キャラクタの不適切な無害化 		CVE-2026-41256 2026-05-15 11:01 2026-05-11 Show GitHub Exploit DB Packet Storm
3818 5.5 警告
Local 		jqlang jq jqlangのjqにおける複数の脆弱性 CWE-190
CWE-787
CVE-2026-41257 2026-05-15 11:01 2026-05-11 Show GitHub Exploit DB Packet Storm
3819 5.4 警告
Network 		Langfuse GmbH Langfuse Langfuse GmbHのLangfuseにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-41487 2026-05-15 11:00 2026-05-8 Show GitHub Exploit DB Packet Storm
3820 9.8 緊急
Network 		Nhost Nhost/auth NhostのNhost/authにおける認証に関する脆弱性 CWE-287
CWE-noinfo
CVE-2026-41574 2026-05-15 11:00 2026-05-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
345321 - haberx haberx SQL injection vulnerability in kategorix.asp in Haberx 1.02 through 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in kategorihaberx.asp. NVD-CWE-Other
CVE-2006-4853 2017-10-19 10:29 2006-09-19 Show GitHub Exploit DB Packet Storm
345322 - limbo_cms limbo_cms Unrestricted file upload vulnerability in contact.html.php in the Contact (com_contact) component in Limbo (aka Lite Mambo) CMS 1.0.4.2L and earlier allows remote attackers to upload PHP code to the … NVD-CWE-Other
CVE-2006-4859 2017-10-19 10:29 2006-09-20 Show GitHub Exploit DB Packet Storm
345323 - gnuturk gnuturk_portal_system SQL injection vulnerability in mods.php in GNUTurk 2G and earlier allows remote attackers to execute arbitrary SQL commands via the t_id parameter when the go parameter is "Forum." NVD-CWE-Other
CVE-2006-4867 2017-10-19 10:29 2006-09-20 Show GitHub Exploit DB Packet Storm
345324 - perlunity phpunity_postcard PHP remote file inclusion vulnerability in phpunity-postcard.php in phpunity.postcard allows remote attackers to execute arbitrary PHP code via a URL in the gallery_path parameter. CWE-94
Code Injection 		CVE-2006-4869 2017-10-19 10:29 2006-09-20 Show GitHub Exploit DB Packet Storm
345325 - aewebworks aedating Multiple PHP remote file inclusion vulnerabilities in AEDating 4.1, and possibly earlier versions, allow remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter in (1) inc/… NVD-CWE-Other
CVE-2006-4870 2017-10-19 10:29 2006-09-20 Show GitHub Exploit DB Packet Storm
345326 - unak unak_cms Multiple PHP remote file inclusion vulnerabilities in UNAK-CMS 1.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the dirroot parameter to (1) fckeditor/editor/filemana… NVD-CWE-Other
CVE-2006-4890 2017-10-19 10:29 2006-09-20 Show GitHub Exploit DB Packet Storm
345327 - cmtexts cmtexts CMtextS 1.0 and earlier stores users_logins/admin.txt under the web document root with insufficient access control, which allows remote attackers to obtain the administrator password. NVD-CWE-Other
CVE-2006-4897 2017-10-19 10:29 2006-09-20 Show GitHub Exploit DB Packet Storm
345328 - guanxicrm guanxicrm_business_solution PHP remote file inclusion vulnerability in include/phpxd/phpXD.php in guanxiCRM 0.9.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the appconf[rootpath] parameter. NVD-CWE-Other
CVE-2006-4898 2017-10-19 10:29 2006-09-20 Show GitHub Exploit DB Packet Storm
345329 - marc_logemann more.groupware SQL injection vulnerability in modules/calendar/week.php in More.groupware 0.74 allows remote attackers to execute arbitrary SQL commands via the new_calendarid parameter. NVD-CWE-Other
CVE-2006-4906 2017-10-19 10:29 2006-09-21 Show GitHub Exploit DB Packet Storm
345330 - php_docwriter php_docwriter PHP remote file inclusion vulnerability in PHP DocWriter 0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the script parameter. NVD-CWE-Other
CVE-2006-4912 2017-10-19 10:29 2006-09-21 Show GitHub Exploit DB Packet Storm