Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5181 9.1 緊急
Network 		axios project axios axios projectのaxiosにおけるオブジェクトプロトタイプ属性の不適切に制御された変更に関する脆弱性 CWE-1321
オブジェクトプロトタイプ属性の不適切に制御された変更 (プロトタイプの汚染) 		CVE-2026-42264 2026-05-15 11:00 2026-05-8 Show GitHub Exploit DB Packet Storm
5182 5.7 警告
Network 		Kimai project kimai Kimai projectのKimaiにおけるCSV ファイル内の数式要素の中和に関する脆弱性 CWE-1236
CSV ファイル内の数式要素の不適切な中和 		CVE-2026-42267 2026-05-15 11:00 2026-05-8 Show GitHub Exploit DB Packet Storm
5183 7.5 重要
Network 		The Go Project Go The Go ProjectのGoにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2026-42499 2026-05-15 11:00 2026-05-7 Show GitHub Exploit DB Packet Storm
5184 7.5 重要
Network 		The Go Project Go The Go ProjectのGoにおけるデジタル署名の検証に関する脆弱性 CWE-347
デジタル署名の不適切な検証 		CVE-2026-42501 2026-05-15 11:00 2026-05-7 Show GitHub Exploit DB Packet Storm
5185 9.1 緊急
Network 		Grav CMS grav Grav CMSのgravにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-42608 2026-05-15 11:00 2026-05-11 Show GitHub Exploit DB Packet Storm
5186 5.4 警告
Network 		Open edX openedx Open edXのopenedxにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42857 2026-05-15 11:00 2026-05-11 Show GitHub Exploit DB Packet Storm
5187 9.9 緊急
Network 		Open edX openedx Open edXのopenedxにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-42858 2026-05-15 11:00 2026-05-11 Show GitHub Exploit DB Packet Storm
5188 7.5 重要
Network 		マイクロソフト Microsoft Outlook Microsoft Outlook for iOS の改ざんの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-42893 2026-05-15 11:00 2026-05-12 Show GitHub Exploit DB Packet Storm
5189 7.5 重要
Network 		マイクロソフト .NET ASP.NET Core のサービス拒否の脆弱性 CWE-835
無限ループ 		CVE-2026-42899 2026-05-15 11:00 2026-05-12 Show GitHub Exploit DB Packet Storm
5190 8.6 重要
Network 		Linux Linux Kernel LinuxのLinux Kernelにおける初期化されていないリソースの使用に関する脆弱性 CWE-908
初期化されていないリソースの使用 		CVE-2026-43139 2026-05-15 11:00 2026-05-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
345721 - bare_concept_media pheap_cms The vendor has released version 1.3 to address this issue. NVD-CWE-Other
CVE-2006-4531 2018-10-18 06:37 2006-09-2 Show GitHub Exploit DB Packet Storm
345722 - iss blackice_pc_protection RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API funct… CWE-20
 Improper Input Validation  		CVE-2006-4541 2018-10-18 06:37 2006-09-6 Show GitHub Exploit DB Packet Storm
345723 - hlstats hlstats Cross-site scripting (XSS) vulnerability in index.php in HLStats 1.34 allows remote attackers to inject arbitrary web script or HTML via the (1) game parameter in players mode, the (2) weapon paramet… NVD-CWE-Other
CVE-2006-4543 2018-10-18 06:37 2006-09-6 Show GitHub Exploit DB Packet Storm
345724 - exbb exbb Multiple PHP remote file inclusion vulnerabilities in ExBB 1.9.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the exbb[home_path] parameter in … NVD-CWE-Other
CVE-2006-4544 2018-10-18 06:37 2006-09-6 Show GitHub Exploit DB Packet Storm
345725 - lyris list_manager Lyris ListManager 8.95 allows remote authenticated users, who have administrative privileges for at least one list on the server, to add new administrators to any list via a modified MEMBERS_.List_ p… NVD-CWE-Other
CVE-2006-4546 2018-10-18 06:37 2006-09-6 Show GitHub Exploit DB Packet Storm
345726 - lyris list_manager Lyris ListManager 8.95 allows remote authenticated users to obtain sensitive information by attempting to add a user with a ' (single quote) character in the name, which reveals the details of the un… NVD-CWE-Other
CVE-2006-4547 2018-10-18 06:37 2006-09-6 Show GitHub Exploit DB Packet Storm
345727 - e107 e107 e107 0.75 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to… NVD-CWE-Other
CVE-2006-4548 2018-10-18 06:37 2006-09-6 Show GitHub Exploit DB Packet Storm
345728 - chxo feedsplitter CHXO Feedsplitter 2006-01-21 allows remote attackers to read the source code of feedsplitter.php via the showsource function. NOTE: this issue is not a vulnerability in standard distributions, but c… NVD-CWE-Other
CVE-2006-4549 2018-10-18 06:37 2006-09-6 Show GitHub Exploit DB Packet Storm
345729 - chxo feedsplitter Directory traversal vulnerability in CHXO Feedsplitter 2006-01-21 allows remote attackers to read arbitrary XML files via .. (dot dot) sequences in the format parameter with a leading ".", which bypa… NVD-CWE-Other
CVE-2006-4550 2018-10-18 06:37 2006-09-6 Show GitHub Exploit DB Packet Storm
345730 - chxo feedsplitter Eval injection vulnerability in CHXO Feedsplitter 2006-01-21 allows remote attackers to execute arbitrary PHP code via (1) the file specified as the value of the format parameter, and possibly (2) th… NVD-CWE-Other
CVE-2006-4551 2018-10-18 06:37 2006-09-6 Show GitHub Exploit DB Packet Storm