Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2131 8.3 重要
Network 		flowiseai flowise flowiseaiのflowiseにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-41271 2026-04-27 10:46 2026-04-23 Show GitHub Exploit DB Packet Storm
2132 7.1 重要
Network 		flowiseai flowise flowiseaiのflowiseにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-41272 2026-04-27 10:46 2026-04-23 Show GitHub Exploit DB Packet Storm
2133 8.2 重要
Network 		flowiseai flowise flowiseaiのflowiseにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-41273 2026-04-27 10:46 2026-04-23 Show GitHub Exploit DB Packet Storm
2134 7.5 重要
Network 		flowiseai flowise flowiseaiのflowiseにおける重要な情報の平文での送信に関する脆弱性 CWE-319
重要な情報の平文での送信 		CVE-2026-41275 2026-04-27 10:46 2026-04-23 Show GitHub Exploit DB Packet Storm
2135 9.8 緊急
Network 		flowiseai flowise flowiseaiのflowiseにおける認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2026-41276 2026-04-27 10:46 2026-04-23 Show GitHub Exploit DB Packet Storm
2136 8.8 重要
Network 		flowiseai flowise flowiseaiのflowiseにおける複数の脆弱性 CWE-284
CWE-639
CWE-915
CVE-2026-41277 2026-04-27 10:46 2026-04-23 Show GitHub Exploit DB Packet Storm
2137 7.5 重要
Network 		flowiseai flowise flowiseaiのflowiseにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-41278 2026-04-27 10:46 2026-04-23 Show GitHub Exploit DB Packet Storm
2138 7.5 重要
Network 		flowiseai flowise flowiseaiのflowiseにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-41279 2026-04-27 10:46 2026-04-23 Show GitHub Exploit DB Packet Storm
2139 4.3 警告
Adjacent 		OpenBSD OpenBSD OpenBSDにおける複数の脆弱性 CWE-1284
CWE-835
CVE-2026-41285 2026-04-27 10:46 2026-04-21 Show GitHub Exploit DB Packet Storm
2140 9.8 緊急
Network 		WWBN AVideo WWBNのAVideoにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-41304 2026-04-27 10:46 2026-04-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314091 - digital_builder nz_ecommerce Multiple SQL injection vulnerabilities in NZ Ecommerce allow remote attackers to execute arbitrary SQL commands via the (1) informationID or (2) ParentCategory parameter to index.php. NOTE: the vendo… NVD-CWE-Other
CVE-2006-1098 2024-08-8 02:15 2006-03-9 Show GitHub Exploit DB Packet Storm
314092 - kwik-pay kwik-pay_payroll Kwik-Pay Payroll 4.2.20, and possibly other versions, stores the KwikPay.mdb database file with insecure permissions, which allows local users to obtain sensitive information such as employment and p… NVD-CWE-Other
CVE-2006-1050 2024-08-8 02:15 2006-03-8 Show GitHub Exploit DB Packet Storm
314093 - virtual_communication_services vpmi_enterprise SQL injection vulnerability in VCS Virtual Program Management Intranet (VPMi) Enterprise 3.3 allows remote attackers to execute arbitrary SQL commands via the UpdateID0 parameter to Service_Requests.… CWE-89
SQL Injection 		CVE-2006-0897 2024-08-8 02:15 2006-02-25 Show GitHub Exploit DB Packet Storm
314094 - dotproject dotproject dotProject 2.0.1 and earlier allows remote attackers to obtain sensitive information via direct requests with an invalid baseDir to certain PHP scripts in the db directory, which reveal the path in a… NVD-CWE-Other
CVE-2006-0754 2024-08-8 02:15 2006-02-18 Show GitHub Exploit DB Packet Storm
314095 - dotproject dotproject Multiple PHP remote file include vulnerabilities in dotProject 2.0.1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary commands via the baseDir parameter in (… NVD-CWE-Other
CVE-2006-0755 2024-08-8 02:15 2006-02-18 Show GitHub Exploit DB Packet Storm
314096 - dotproject dotproject dotProject 2.0.1 and earlier leaves (1) phpinfo.php and (2) check.php accessible under the /docs/ directory after installation, which allows remote attackers to obtain sensitive configuration informa… NVD-CWE-Other
CVE-2006-0756 2024-08-8 02:15 2006-02-18 Show GitHub Exploit DB Packet Storm
314097 - wordpress wordpress Cross-site scripting (XSS) vulnerability in WordPress 2.0.0 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes such as (1) onfocus and (2) onblur in the "author'… NVD-CWE-Other
CVE-2006-0733 2024-08-8 02:15 2006-02-16 Show GitHub Exploit DB Packet Storm
314098 - gasoft gas_forum_light Multiple SQL injection vulnerabilities in archive.asp in GA's Forum Light allow remote attackers to execute arbitrary SQL commands via the (1) Forum and (2) pages parameter. NOTE: SecurityTracker sa… NVD-CWE-Other
CVE-2006-0669 2024-08-8 02:15 2006-02-14 Show GitHub Exploit DB Packet Storm
314099 - blackboard blackboard
blackboard_academic_suite 		Blackboard Academic Suite 6.0 and earlier does not properly clear session information when de-authenticating a user who is idle, which allows subsequent users to log in as the previous user and gain … NVD-CWE-Other
CVE-2006-0511 2024-08-8 02:15 2006-02-2 Show GitHub Exploit DB Packet Storm
314100 - khaled_mardam-bey mirc Buffer overflow in the font command of mIRC, probably 6.16, allows local users to execute arbitrary code via a long string. NOTE: the original researcher claims that issue has been disputed by the ve… NVD-CWE-Other
CVE-2006-0489 2024-08-8 02:15 2006-02-1 Show GitHub Exploit DB Packet Storm