Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 12:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2041	6.1	警告 Network	Northern.tech	cfengine	Northern.techのcfengineにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-24710	2026-05-21 10:55	2026-05-14	Show	GitHub Exploit DB Packet Storm

2042	5.3	警告 Network	Northern.tech	cfengine	Northern.techのcfengineにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-24711	2026-05-21 10:55	2026-05-14	Show	GitHub Exploit DB Packet Storm

2043	7.3	重要 Network	Northern.tech	cfengine	Northern.techのcfengineにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-24712	2026-05-21 10:55	2026-05-14	Show	GitHub Exploit DB Packet Storm

2044	9.8	緊急 Network	Open JS Foundation	WebdriverIO	Open JS FoundationのWebdriverIOにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-25244	2026-05-21 10:55	2026-05-18	Show	GitHub Exploit DB Packet Storm

2045	6.5	警告 Network	マイクロソフト	Power Automate for Desktop	Microsoft Power Automate デスクトップの情報漏えいの脆弱性	CWE-200 情報漏えい	CVE-2026-40374	2026-05-21 10:55	2026-05-12	Show	GitHub Exploit DB Packet Storm

2046	7.8	重要 Local	protobufjs project	protobufjs-cli	protobufjs projectのprotobufjs-cliにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-42290	2026-05-21 10:55	2026-05-13	Show	GitHub Exploit DB Packet Storm

2047	6.1	警告 Network	beaugunderson	ip-address	beaugundersonのip-addressにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-42338	2026-05-21 10:55	2026-05-12	Show	GitHub Exploit DB Packet Storm

2048	7.6	重要 Network	PocketBase	PocketBase	PocketBaseにおける認証に関する脆弱性	CWE-287 不適切な認証	CVE-2026-44166	2026-05-21 10:55	2026-05-12	Show	GitHub Exploit DB Packet Storm

2049	7.2	重要 Network	German Cancer Research Center (DKFZ)	nnU-Net	German Cancer Research Center (DKFZ)のnnU-Netにおけるインジェクションに関する脆弱性	CWE-74 インジェクション	CVE-2026-44246	2026-05-21 10:55	2026-05-12	Show	GitHub Exploit DB Packet Storm

2050	8.7	重要 Network	protobufjs project	protobufjs-cli	protobufjs projectのprotobufjs-cliにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-44295	2026-05-21 10:55	2026-05-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
345261	-	double_precision_incorporated inter7	courier_mta courier-imap	SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name.	NVD-CWE-Other	CVE-2003-0040	2017-10-10 10:30	2003-02-19	Show	GitHub Exploit DB Packet Storm

345262	-	apache	tomcat	Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through …	NVD-CWE-Other	CVE-2003-0043	2017-10-10 10:30	2003-02-7	Show	GitHub Exploit DB Packet Storm

345263	-	apache	tomcat	Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DO…	NVD-CWE-Other	CVE-2003-0045	2017-10-10 10:30	2003-02-7	Show	GitHub Exploit DB Packet Storm

345264	-	national_language_support	libim	Buffer overflow in libIM library (libIM.a) for National Language Support (NLS) on AIX 4.3 through 5.2 allows local users to gain privileges via several possible attack vectors, including a long -im a…	NVD-CWE-Other	CVE-2003-0087	2017-10-10 10:30	2003-03-3	Show	GitHub Exploit DB Packet Storm

345265	-	lbl	tcpdump	The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to gene…	NVD-CWE-Other	CVE-2003-0093	2017-10-10 10:30	2003-03-3	Show	GitHub Exploit DB Packet Storm

345266	-	andries_brouwer	util-linux	A patch for mcookie in the util-linux package for Mandrake Linux 8.2 and 9.0 uses /dev/urandom instead of /dev/random, which causes mcookie to use an entropy source that is more predictable than expe…	NVD-CWE-Other	CVE-2003-0094	2017-10-10 10:30	2003-03-3	Show	GitHub Exploit DB Packet Storm

345267	-	andries_brouwer	man	man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is th…	NVD-CWE-Other	CVE-2003-0124	2017-10-10 10:30	2003-03-18	Show	GitHub Exploit DB Packet Storm

345268	-	qualcomm	qpopper	The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer…	NVD-CWE-Other	CVE-2003-0143	2017-10-10 10:30	2003-03-18	Show	GitHub Exploit DB Packet Storm

345269	-	lbl	tcpdump	Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different…	NVD-CWE-Other	CVE-2003-0145	2017-10-10 10:30	2003-03-31	Show	GitHub Exploit DB Packet Storm

345270	-	netpbm	netpbm	netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.	NVD-CWE-Other	CVE-2003-0924	2017-10-10 10:30	2004-02-17	Show	GitHub Exploit DB Packet Storm