Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1901	7.5	重要 Network	GNU Project	GNU C Library	GNU ProjectのGNU C Libraryにおけるバッファアンダーリードの脆弱性	CWE-127 バッファアンダーリード	CVE-2026-5928	2026-04-24 11:40	2026-04-20	Show	GitHub Exploit DB Packet Storm

1902	7.1	重要 Network	ConnectWise, Inc.	automate	ConnectWise, Inc.のautomateにおける重要な情報の平文での送信に関する脆弱性	CWE-319 重要な情報の平文での送信	CVE-2026-6066	2026-04-24 11:40	2026-04-20	Show	GitHub Exploit DB Packet Storm

1903	9.1	緊急 Network	Open JS Foundation	fastify/middie	Open JS Foundationの@fastify/middieにおける解釈の競合に関する脆弱性	CWE-436 解釈の競合	CVE-2026-6270	2026-04-24 11:40	2026-04-16	Show	GitHub Exploit DB Packet Storm

1904	9.9	緊急 Network	ASUSTOR Inc.	data master	ASUSTOR Inc.のdata masterにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-6643	2026-04-24 11:40	2026-04-20	Show	GitHub Exploit DB Packet Storm

1905	9.1	緊急 Network	ASUSTOR Inc.	data master	ASUSTOR Inc.のdata masterにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-6644	2026-04-24 11:40	2026-04-20	Show	GitHub Exploit DB Packet Storm

1906	7.5	重要 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla FoundationのMozilla Firefox等の複数製品における解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-6746	2026-04-24 11:40	2026-04-21	Show	GitHub Exploit DB Packet Storm

1907	7.5	重要 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla FoundationのMozilla Firefox等の複数製品における解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-6747	2026-04-24 11:40	2026-04-21	Show	GitHub Exploit DB Packet Storm

1908	9.8	緊急 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla FoundationのMozilla Firefox等の複数製品における初期化されていない変数の使用に関する脆弱性	CWE-457 初期化されていない変数の使用	CVE-2026-6748	2026-04-24 11:40	2026-04-21	Show	GitHub Exploit DB Packet Storm

1909	7.5	重要 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla FoundationのMozilla Firefox等の複数製品における初期化されていないリソースの使用に関する脆弱性	CWE-908 初期化されていないリソースの使用	CVE-2026-6749	2026-04-24 11:40	2026-04-21	Show	GitHub Exploit DB Packet Storm

1910	9.8	緊急 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla FoundationのMozilla Firefox等の複数製品における権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2026-6750	2026-04-24 11:40	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314161	-	phppost	phppost	Multiple cross-site scripting (XSS) vulnerabilities in PHP-Post (PHPp) 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the subject in a post, or the user parameter to (2) pr…	CWE-79 Cross-site Scripting	CVE-2005-3770	2024-02-14 10:17	2005-11-23	Show	GitHub Exploit DB Packet Storm

314162	-	xmb_forum	xmb	Cross-site scripting (XSS) vulnerability in members.php in XMB 1.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the "Your Current Mood" field in the registration p…	NVD-CWE-Other	CVE-2005-3688	2024-02-14 10:17	2005-11-19	Show	GitHub Exploit DB Packet Storm

314163	-	xmb_forum	xmb	post.php in XMB 1.9.2 allows remote attackers to obtain the installation path via an invalid fid parameter in a newthread action.	NVD-CWE-Other	CVE-2005-3689	2024-02-14 10:17	2005-11-19	Show	GitHub Exploit DB Packet Storm

314164	-	ekinboard	ekinboard	Cross-site scripting (XSS) vulnerabilities in Ekinboard 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in profile.php and (2) titles of posts.	NVD-CWE-Other	CVE-2005-3638	2024-02-14 10:17	2005-11-17	Show	GitHub Exploit DB Packet Storm

314165	-	ibproarcade	ibproarcade	SQL injection vulnerability in index.php of the report module in ibProArcade 2.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter.	NVD-CWE-Other	CVE-2005-3545	2024-02-14 10:17	2005-11-16	Show	GitHub Exploit DB Packet Storm

314166	-	mambo	mambo	content.php in Mambo 4.5.2 through 4.5.2.3 allows remote attackers to obtain the installation path of the application via a URL that causes the application to return an error.	NVD-CWE-Other	CVE-2005-3586	2024-02-14 10:17	2005-11-16	Show	GitHub Exploit DB Packet Storm

314167	-	vubb	vubb	Cross-site scripting (XSS) vulnerability in index.php in VUBB alpha rc1 allows remote attackers to inject arbitrary web script or HTML via the t parameter in a newreply action.	NVD-CWE-Other	CVE-2005-3512	2024-02-14 10:17	2005-11-6	Show	GitHub Exploit DB Packet Storm

314168	-	vubb	vubb	index.php in VUBB alpha rc1 allows remote attackers to obtain the installation path of the application via a viewforum action with the f parameter set to a single quote (').	NVD-CWE-Other	CVE-2005-3513	2024-02-14 10:17	2005-11-6	Show	GitHub Exploit DB Packet Storm

314169	-	chipmunk_scripts	chipmunk_forum	Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Forum script allow remote attackers to inject arbitrary web script or HTML via the forumID parameter to (1) newtopic.php, (2) quote.php…	NVD-CWE-Other	CVE-2005-3514	2024-02-14 10:17	2005-11-6	Show	GitHub Exploit DB Packet Storm

314170	-	chipmunk_scripts	chipmunk_topsites	Cross-site scripting (XSS) vulnerability in recommend.php in Chipmunk Topsites script allows remote attackers to inject arbitrary web script or HTML via the ID parameter.	NVD-CWE-Other	CVE-2005-3515	2024-02-14 10:17	2005-11-6	Show	GitHub Exploit DB Packet Storm