Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5601 9.8 緊急
Network 		Anthropic PBC Claude Code
Claude Agent SDK 		Anthropic PBCのClaude Agent SDK等の複数製品におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-35022 2026-05-1 10:39 2026-04-6 Show GitHub Exploit DB Packet Storm
5602 7.8 重要
Local 		MAGIX MAGIX MP3 deluxe MAGIXのMAGIX MP3 deluxeにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2018-25260 2026-05-1 10:39 2026-04-22 Show GitHub Exploit DB Packet Storm
5603 7.8 重要
Local 		Enter Srl Iperius Backup Enter SrlのIperius Backupにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2018-25261 2026-05-1 10:39 2026-04-22 Show GitHub Exploit DB Packet Storm
5604 10 緊急
Network 		マイクロソフト Microsoft Purview eDiscovery Microsoft Purview eDiscovery Elevation of Privilege Vulnerability CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-26150 2026-05-1 10:39 2026-04-23 Show GitHub Exploit DB Packet Storm
5605 8.8 重要
Network 		Nexxt Solutions Nebula300Plus Firmware Nexxt SolutionsのNebula300Plus Firmwareにおける非公開の機能に関する脆弱性 CWE-912
非公開の機能 		CVE-2026-31847 2026-05-1 10:38 2026-03-23 Show GitHub Exploit DB Packet Storm
5606 9.8 緊急
Network 		Nexxt Solutions Nebula300Plus Firmware Nexxt SolutionsのNebula300Plus Firmwareにおける重要な情報の平文保存に関する脆弱性 CWE-312
重要な情報の平文保存 		CVE-2026-31848 2026-05-1 10:38 2026-03-23 Show GitHub Exploit DB Packet Storm
5607 6.5 警告
Network 		Nexxt Solutions Nebula300Plus Firmware Nexxt SolutionsのNebula300Plus Firmwareにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-31849 2026-05-1 10:38 2026-03-23 Show GitHub Exploit DB Packet Storm
5608 4.9 警告
Network 		Nexxt Solutions Nebula300Plus Firmware Nexxt SolutionsのNebula300Plus Firmwareにおける認証情報の平文保存に関する脆弱性 CWE-256
平文でパスワードを保存 		CVE-2026-31850 2026-05-1 10:38 2026-03-23 Show GitHub Exploit DB Packet Storm
5609 9.8 緊急
Network 		Nexxt Solutions Nebula300Plus Firmware Nexxt SolutionsのNebula300Plus Firmwareにおける過度な認証試行の不適切な制限に関する脆弱性 CWE-307
過度な認証試行の不適切な制限 		CVE-2026-31851 2026-05-1 10:38 2026-03-23 Show GitHub Exploit DB Packet Storm
5610 6.1 警告
Network 		angular Angular CLI angularのAngular CLIにおけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-33397 2026-05-1 10:38 2026-03-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347921 - rssreader rssreader Multiple cross-site scripting (XSS) vulnerabilities in Ykoon RssReader allow remote attackers to inject arbitrary web script or HTML via a web feed, as demonstrated by certain test cases of the Rober… NVD-CWE-Other
CVE-2006-4762 2017-07-20 10:33 2006-09-14 Show GitHub Exploit DB Packet Storm
347922 - stefan_ernst newsscript Multiple directory traversal vulnerabilities in Stefan Ernst Newsscript (aka WM-News) 0.5beta allow remote attackers to (1) read arbitrary local files via a .. (dot dot) sequence in the ide parameter… NVD-CWE-Other
CVE-2006-4767 2017-07-20 10:33 2006-09-14 Show GitHub Exploit DB Packet Storm
347923 - stefan_ernst newsscript Multiple direct static code injection vulnerabilities in add_go.php in Stefan Ernst Newsscript (aka WM-News) 0.5 beta allow remote attackers to execute arbitrary PHP code via the (1) description, (2)… NVD-CWE-Other
CVE-2006-4768 2017-07-20 10:33 2006-09-14 Show GitHub Exploit DB Packet Storm
347924 - sun storedge_6130_arrays Sun StorEdge 6130 Array Controllers with firmware 06.12.10.11 and earlier allow remote attackers to cause a denial of service (controller reboot) via a flood of traffic on the LAN. NVD-CWE-Other
CVE-2006-4773 2017-07-20 10:33 2006-09-14 Show GitHub Exploit DB Packet Storm
347925 - webspell webspell SQL injection vulnerability in squads.php in WebSPELL 4.01.01 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the squadID parameter. NVD-CWE-Other
CVE-2006-4783 2017-07-20 10:33 2006-09-14 Show GitHub Exploit DB Packet Storm
347926 - webspell webspell Successful exploitation requires that "magic_quotes_gpc" is disabled. NVD-CWE-Other
CVE-2006-4783 2017-07-20 10:33 2006-09-14 Show GitHub Exploit DB Packet Storm
347927 - moodle moodle Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.6.1 and earlier might allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) doc/index.php or … NVD-CWE-Other
CVE-2006-4784 2017-07-20 10:33 2006-09-14 Show GitHub Exploit DB Packet Storm
347928 - moodle moodle Moodle 1.6.1 and earlier allows remote attackers to obtain sensitive information via (1) help.php and (2) other unspecified vectors involving scheduled backups. NVD-CWE-Other
CVE-2006-4786 2017-07-20 10:33 2006-09-14 Show GitHub Exploit DB Packet Storm
347929 - alphamail alphamail AlphaMail before 1.0.16 allows local users to obtain sensitive information via the logging functionality, which displays unencrypted passwords in an error message. NOTE: some details are obtained fr… NVD-CWE-Other
CVE-2006-4787 2017-07-20 10:33 2006-09-14 Show GitHub Exploit DB Packet Storm
347930 - dws_systems_inc. sql-ledger SQL-Ledger before 2.4.4 stores a password in a query string, which might allow context-dependent attackers to obtain the password via a Referer field or browser history. NVD-CWE-Other
CVE-2006-4798 2017-07-20 10:33 2006-09-15 Show GitHub Exploit DB Packet Storm