Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
451 6.5 警告
Network 		IBM IBM Aspera High-Speed Transfer Server
IBM Aspera High-Speed Transfer Endpoint 		IBMのIBM Aspera High-Speed Transfer Endpoint等の複数製品におけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2026-9035 2026-06-8 12:30 2026-05-27 Show GitHub Exploit DB Packet Storm
452 6.5 警告
Network 		Google Google Chrome GoogleのGoogle Chromeにおける境界外読み取りに関する脆弱性 New CWE-125
境界外読み取り 		CVE-2026-9122 2026-06-8 12:30 2026-05-20 Show GitHub Exploit DB Packet Storm
453 7.5 重要
Adjacent 		Google Google Chrome GoogleのGoogle Chromeにおけるヒープベースのバッファオーバーフローの脆弱性 New CWE-122
ヒープオーバーフロー 		CVE-2026-9123 2026-06-8 12:30 2026-05-20 Show GitHub Exploit DB Packet Storm
454 5.3 警告
Network 		Google Google Chrome GoogleのGoogle Chromeにおける入力確認に関する脆弱性 New CWE-20
CWE-noinfo
CVE-2026-9124 2026-06-8 12:30 2026-05-20 Show GitHub Exploit DB Packet Storm
455 8.8 重要
Network 		Google Google Chrome GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性 New CWE-416
解放済みメモリの使用 		CVE-2026-9126 2026-06-8 12:30 2026-05-20 Show GitHub Exploit DB Packet Storm
456 7.3 重要
Network 		rurban cpanel::json::xs Reini UrbanのCpanel::JSON::XSにおける型の取り違えに関する脆弱性 New CWE-843
型の取り違え 		CVE-2026-9334 2026-06-8 12:30 2026-06-3 Show GitHub Exploit DB Packet Storm
457 7.5 重要
Network 		rurban cpanel::json::xs Reini UrbanのCpanel::JSON::XSにおける複数の脆弱性 New CWE-755
CWE-763
CVE-2026-9516 2026-06-8 12:30 2026-06-3 Show GitHub Exploit DB Packet Storm
458 5.5 警告
Local 		Grzegorz Kostka (gkostka) Lwext4 Grzegorz Kostka (gkostka)のLwext4におけるゼロ除算に関する脆弱性 New CWE-369
ゼロ除算 		CVE-2025-70100 2026-06-8 12:29 2026-06-3 Show GitHub Exploit DB Packet Storm
459 6.5 警告
Network 		Grzegorz Kostka (gkostka) Lwext4 Grzegorz Kostka (gkostka)のLwext4における境界外読み取りに関する脆弱性 New CWE-125
境界外読み取り 		CVE-2025-70101 2026-06-8 12:28 2026-06-3 Show GitHub Exploit DB Packet Storm
460 7.5 重要
Network 		NAVTOR AS NavBox Firmware NAVTOR ASのNavBox Firmwareにおける絶対パストラバーサルに関する脆弱性 New CWE-36
絶対パストラバーサル 		CVE-2026-2753 2026-06-8 12:28 2026-03-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
258151 8.8 HIGH
Network 		invite_anyone_project invite_anyone The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF. CWE-352
 Origin Validation Error 		CVE-2017-18544 2024-11-21 12:20 2019-08-17 Show GitHub Exploit DB Packet Storm
258152 9.8 CRITICAL
Network 		invite_anyone_project invite_anyone The invite-anyone plugin before 1.3.16 for WordPress has incorrect access control for email-based invitations. CWE-284
Improper Access Control 		CVE-2017-18543 2024-11-21 12:20 2019-08-17 Show GitHub Exploit DB Packet Storm
258153 6.1 MEDIUM
Network 		bestwebsoft zendesk_help_center The zendesk-help-center plugin before 1.0.5 for WordPress has multiple XSS issues. CWE-79
Cross-site Scripting 		CVE-2017-18542 2024-11-21 12:20 2019-08-17 Show GitHub Exploit DB Packet Storm
258154 6.1 MEDIUM
Network 		xakuro xo_security The xo-security plugin before 1.5.3 for WordPress has XSS. CWE-79
Cross-site Scripting 		CVE-2017-18541 2024-11-21 12:20 2019-08-17 Show GitHub Exploit DB Packet Storm
258155 9.8 CRITICAL
Network 		datainterlock note_press The note-press plugin before 0.1.2 for WordPress has SQL injection. CWE-89
SQL Injection 		CVE-2017-18548 2024-11-21 12:20 2019-08-16 Show GitHub Exploit DB Packet Storm
258156 8.8 HIGH
Network 		expresstech responsive_menu The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface. CWE-352
 Origin Validation Error 		CVE-2017-18513 2024-11-21 12:20 2019-08-15 Show GitHub Exploit DB Packet Storm
258157 8.8 HIGH
Network 		supsystic newsletter_by_supsystic The newsletter-by-supsystic plugin before 1.1.8 for WordPress has CSRF. CWE-352
 Origin Validation Error 		CVE-2017-18512 2024-11-21 12:20 2019-08-15 Show GitHub Exploit DB Packet Storm
258158 8.8 HIGH
Network 		wpmudev custom_sidebars The custom-sidebars plugin before 3.0.8.1 for WordPress has CSRF. CWE-352
 Origin Validation Error 		CVE-2017-18511 2024-11-21 12:20 2019-08-15 Show GitHub Exploit DB Packet Storm
258159 8.8 HIGH
Network 		wpmudev custom_sidebars The custom-sidebars plugin before 3.1.0 for WordPress has CSRF related to set location, import actions, and export actions. CWE-352
 Origin Validation Error 		CVE-2017-18510 2024-11-21 12:20 2019-08-15 Show GitHub Exploit DB Packet Storm
258160 9.8 CRITICAL
Network 		simplerealtytheme simple_login_log The simple-login-log plugin before 1.1.2 for WordPress has SQL injection. CWE-89
SQL Injection 		CVE-2017-18514 2024-11-21 12:20 2019-08-15 Show GitHub Exploit DB Packet Storm