Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
841	8.1	重要 Network	Grafana Labs	Grafana	Grafana LabsのGrafanaにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-33381	2026-06-17 15:46	2026-05-13	Show	GitHub Exploit DB Packet Storm

842	5.4	警告 Network	langflow	Langflow Desktop	langflowのLangflow Desktopにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-3341	2026-06-17 15:46	2026-06-11	Show	GitHub Exploit DB Packet Storm

843	6.1	警告 Network	IBM	IBM DevOps Plan	IBMのIBM DevOps PlanにおけるHTTP ヘッダのスクリプト構文の不適切な無効化に関する脆弱性	CWE-644 HTTP ヘッダのスクリプト構文の不適切な無効化	CVE-2026-4096	2026-06-17 15:46	2026-06-11	Show	GitHub Exploit DB Packet Storm

844	5.4	警告 Network	VMware	VMware Cloud Foundation VMware Telco Cloud Platform VMware vSphere VMware Aria Operations	VMwareのVMware Aria Operations等の複数製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 CWE-79	CVE-2026-41722	2026-06-17 15:46	2026-06-8	Show	GitHub Exploit DB Packet Storm

845	8	重要 Network	VMware	VMware Cloud Foundation VMware Telco Cloud Platform VMware vSphere VMware Aria Operations	VMwareのVMware Aria Operations等の複数製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-41723	2026-06-17 15:46	2026-06-8	Show	GitHub Exploit DB Packet Storm

846	5.9	警告 Network	OpenSSL Project	OpenSSL	OpenSSL ProjectのOpenSSLにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-42767	2026-06-17 15:46	2026-06-9	Show	GitHub Exploit DB Packet Storm

847	3.7	低 Network	OpenSSL Project	OpenSSL	OpenSSL ProjectのOpenSSLにおける暗号化処理の不備に関する脆弱性	CWE-325 暗号化処理の不備	CVE-2026-42770	2026-06-17 15:46	2026-06-9	Show	GitHub Exploit DB Packet Storm

848	6.2	警告 Local	OpenSSL Project	OpenSSL	OpenSSL ProjectのOpenSSLにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-42771	2026-06-17 15:46	2026-06-9	Show	GitHub Exploit DB Packet Storm

849	8.8	重要 Network	Kovidgoyal	Kitty	KovidgoyalのKittyにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-42850	2026-06-17 15:46	2026-06-12	Show	GitHub Exploit DB Packet Storm

850	7.8	重要 Local	Kovidgoyal	Kitty	KovidgoyalのKittyにおける複数の脆弱性	CWE-862 CWE-94	CVE-2026-42851	2026-06-17 15:46	2026-06-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
343751	-	zonemetrics	zonex_publishers_gold_edition	PHP remote file inclusion vulnerability in includes/usercp_register.php in ZoneMetrics ZoneX Publishers Gold Edition 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL …	NVD-CWE-Other	CVE-2006-4036	2018-10-18 06:33	2006-08-10	Show	GitHub Exploit DB Packet Storm

343752	-	chaossoft	gaestechaos	Multiple cross-site scripting (XSS) vulnerabilities in eintragen.php in GaesteChaos 0.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gastname or (2) gastwohno…	CWE-79 Cross-site Scripting	CVE-2006-4038	2018-10-18 06:33	2006-08-10	Show	GitHub Exploit DB Packet Storm

343753	-	chaossoft	gaestechaos	Multiple SQL injection vulnerabilities in eintragen.php in GaesteChaos 0.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) gastname, (2) gastwohnort, or (3) gasteintr…	CWE-89 SQL Injection	CVE-2006-4039	2018-10-18 06:33	2006-08-10	Show	GitHub Exploit DB Packet Storm

343754	-	mywebland	mybloggie	Multiple SQL injection vulnerabilities in trackback.php in myWebland myBloggie 2.1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) title, (2) url, (3) excerpt, or (…	CWE-89 SQL Injection	CVE-2006-4042	2018-10-18 06:33	2006-08-10	Show	GitHub Exploit DB Packet Storm

343755	-	mywebland	mybloggie	index.php in myWebland myBloggie 2.1.4 and earlier allows remote attackers to obtain sensitive information via a query that only specifies the viewdate mode, which reveals the table prefix in a SQL e…	NVD-CWE-Other	CVE-2006-4043	2018-10-18 06:33	2006-08-10	Show	GitHub Exploit DB Packet Storm

343756	-	open_cubic_player	open_cubic_player	Multiple stack-based buffer overflows in Open Cubic Player 2.6.0pre6 and earlier for Windows, and 0.1.10_rc5 and earlier on Linux/BSD, allow remote attackers to execute arbitrary code via (1) a large…	NVD-CWE-Other	CVE-2006-4046	2018-10-18 06:33	2006-08-10	Show	GitHub Exploit DB Packet Storm

343757	-	david_walker	phpautomembersarea	PHP remote file inclusion vulnerability in auto_check_renewals.php in phpAutoMembersArea (phpAMA) 3.2.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the installed_co…	NVD-CWE-Other	CVE-2006-4050	2018-10-18 06:33	2006-08-10	Show	GitHub Exploit DB Packet Storm

343758	-	david_walker	phpautomembersarea	This vulnerability is addressed in the following product release: David Walker, phpAutoMembersArea, 3.2.5	NVD-CWE-Other	CVE-2006-4050	2018-10-18 06:33	2006-08-10	Show	GitHub Exploit DB Packet Storm

343759	-	turnkey_web_tools	php_live_helper	PHP remote file inclusion vulnerability in global.php in Turnkey Web Tools PHP Live Helper 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter.	NVD-CWE-Other	CVE-2006-4051	2018-10-18 06:33	2006-08-10	Show	GitHub Exploit DB Packet Storm

343760	-	turnkey_web_tools	php_simple_shop	Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools PHP Simple Shop 2.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1)…	NVD-CWE-Other	CVE-2006-4052	2018-10-18 06:33	2006-08-10	Show	GitHub Exploit DB Packet Storm