Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4201 5.3 警告
Network 		Northern.tech cfengine Northern.techのcfengineにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-24711 2026-05-21 10:55 2026-05-14 Show GitHub Exploit DB Packet Storm
4202 7.3 重要
Network 		Northern.tech cfengine Northern.techのcfengineにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-24712 2026-05-21 10:55 2026-05-14 Show GitHub Exploit DB Packet Storm
4203 9.8 緊急
Network 		Open JS Foundation WebdriverIO Open JS FoundationのWebdriverIOにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-25244 2026-05-21 10:55 2026-05-18 Show GitHub Exploit DB Packet Storm
4204 6.5 警告
Network 		マイクロソフト Power Automate for Desktop Microsoft Power Automate デスクトップの情報漏えいの脆弱性 CWE-200
情報漏えい 		CVE-2026-40374 2026-05-21 10:55 2026-05-12 Show GitHub Exploit DB Packet Storm
4205 7.8 重要
Local 		protobufjs project protobufjs-cli protobufjs projectのprotobufjs-cliにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-42290 2026-05-21 10:55 2026-05-13 Show GitHub Exploit DB Packet Storm
4206 6.1 警告
Network 		beaugunderson ip-address beaugundersonのip-addressにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42338 2026-05-21 10:55 2026-05-12 Show GitHub Exploit DB Packet Storm
4207 7.6 重要
Network 		PocketBase PocketBase PocketBaseにおける認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2026-44166 2026-05-21 10:55 2026-05-12 Show GitHub Exploit DB Packet Storm
4208 7.2 重要
Network 		German Cancer Research Center (DKFZ) nnU-Net German Cancer Research Center (DKFZ)のnnU-Netにおけるインジェクションに関する脆弱性 CWE-74
インジェクション 		CVE-2026-44246 2026-05-21 10:55 2026-05-12 Show GitHub Exploit DB Packet Storm
4209 8.7 重要
Network 		protobufjs project protobufjs-cli protobufjs projectのprotobufjs-cliにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-44295 2026-05-21 10:55 2026-05-13 Show GitHub Exploit DB Packet Storm
4210 9.8 緊急
Network 		WGDashboard WGDashboard WGDashboardにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2026-44343 2026-05-21 10:55 2026-05-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
344671 - timo_sirainen dovecot Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the … NVD-CWE-Other
CVE-2006-2414 2018-10-19 01:39 2006-05-16 Show GitHub Exploit DB Packet Storm
344672 - e107 e107 SQL injection vulnerability in class2.php in e107 0.7.2 and earlier allows remote attackers to execute arbitrary SQL commands via a cookie as defined in $pref['cookie_name']. CWE-89
SQL Injection 		CVE-2006-2416 2018-10-19 01:39 2006-05-16 Show GitHub Exploit DB Packet Storm
344673 - e107 e107 Update to version 0.7.4. http://e107.org/edownload.php CWE-89
SQL Injection 		CVE-2006-2416 2018-10-19 01:39 2006-05-16 Show GitHub Exploit DB Packet Storm
344674 - swsoft confixx Cross-site scripting (XSS) vulnerability in ftplogin/index.php in Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the login parameter. NVD-CWE-Other
CVE-2006-2423 2018-10-19 01:39 2006-05-17 Show GitHub Exploit DB Packet Storm
344675 - phpremoteview phpremoteview Multiple cross-site scripting (XSS) vulnerabilities in PRV.php in PhpRemoteView, possibly 2003-10-23 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) f, (2) d, a… NVD-CWE-Other
CVE-2006-2425 2018-10-19 01:39 2006-05-17 Show GitHub Exploit DB Packet Storm
344676 - sun jdk
jre
sdk 		Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 and earlier, and SDK 1.5.0_6 and earlier allows remote attackers to cause a denial of service (disk consumption) by using the Font.… NVD-CWE-Other
CVE-2006-2426 2018-10-19 01:39 2006-05-17 Show GitHub Exploit DB Packet Storm
344677 - ibm websphere_application_server Cross-site scripting (XSS) vulnerability in the 500 Internal Server Error page on the SOAP port (8880/tcp) in IBM WebSphere Application Server 5.0.2 and earlier, 5.1.x before 5.1.1.12, and 6.0.2 up t… CWE-79
Cross-site Scripting 		CVE-2006-2431 2018-10-19 01:39 2006-05-17 Show GitHub Exploit DB Packet Storm
344678 - verosky_media instant_photo_gallery Cross-site scripting (XSS) vulnerability in portfolio.php in Verosky Media Instant Photo Gallery, possibly before 1.0.2, allows remote attackers to inject arbitrary web script or HTML via the cat_id … NVD-CWE-Other
CVE-2006-2079 2018-10-19 01:38 2006-04-28 Show GitHub Exploit DB Packet Storm
344679 - verosky_media instant_photo_gallery SQL injection vulnerability in portfolio_photo_popup.php in Verosky Media Instant Photo Gallery 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, which is not clea… NVD-CWE-Other
CVE-2006-2080 2018-10-19 01:38 2006-04-28 Show GitHub Exploit DB Packet Storm
344680 - oracle database_server Oracle Database Server 10g Release 2 allows local users to execute arbitrary SQL queries via the GET_DOMAIN_INDEX_METADATA function in the DBMS_EXPORT_EXTENSION package. NOTE: this issue was original… NVD-CWE-Other
CVE-2006-2081 2018-10-19 01:38 2006-04-28 Show GitHub Exploit DB Packet Storm