Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2351 6.1 警告
Network 		n8n n8n n8nにおけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-42230 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
2352 8.8 重要
Network 		n8n n8n n8nにおけるオブジェクトプロトタイプ属性の不適切に制御された変更に関する脆弱性 CWE-1321
オブジェクトプロトタイプ属性の不適切に制御された変更 (プロトタイプの汚染) 		CVE-2026-42231 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
2353 8.8 重要
Network 		n8n n8n n8nにおけるオブジェクトプロトタイプ属性の不適切に制御された変更に関する脆弱性 CWE-1321
オブジェクトプロトタイプ属性の不適切に制御された変更 (プロトタイプの汚染) 		CVE-2026-42232 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
2354 9.8 緊急
Network 		n8n n8n n8nにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-42233 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
2355 8.8 重要
Network 		n8n n8n n8nにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-42234 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
2356 9.6 緊急
Network 		n8n n8n n8nにおける複数の脆弱性 CWE-79
CWE-87
CVE-2026-42235 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
2357 7.5 重要
Network 		n8n n8n n8nにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-42236 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
2358 8.8 重要
Network 		n8n n8n n8nにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-42237 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
2359 9.8 緊急
Network 		nginxui Nginx UI Nginx UI TeamのNginx UIにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-42238 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
2360 7.7 重要
Network 		OpenClaw OpenClaw OpenClawにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-42438 2026-05-8 12:22 2026-05-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
318291 - siemens speedstream_wireless_router Siemens SpeedStream 2624 allows remote attackers to cause a denial of service (device hang) by sending a crafted packet to the web administrative interface. NVD-CWE-Other
CVE-2006-3907 2024-02-14 10:17 2006-07-28 Show GitHub Exploit DB Packet Storm
318292 - softbiz banner_exchange Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Banner Exchange Script (aka Banner Exchange Network Script) 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) th… NVD-CWE-Other
CVE-2006-3607 2024-02-14 10:17 2006-07-19 Show GitHub Exploit DB Packet Storm
318293 - seyeon flexwatch_network_camera Cross-site scripting (XSS) vulnerability in index.php in FlexWATCH Network Camera 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL. NVD-CWE-Other
CVE-2006-3603 2024-02-14 10:17 2006-07-19 Show GitHub Exploit DB Packet Storm
318294 - seyeon flexwatch_network_camera Directory traversal vulnerability in FlexWATCH Network Camera 3.0 and earlier allows remote attackers to bypass access restrictions for (1) admin/aindex.asp or (2) admin/aindex.html via a .. (dot dot… NVD-CWE-Other
CVE-2006-3604 2024-02-14 10:17 2006-07-19 Show GitHub Exploit DB Packet Storm
318295 - bosdev bosclassifieds_classified_ads Multiple PHP remote file inclusion vulnerabilities in BosClassifieds Classified Ads allow remote attackers to execute arbitrary PHP code via a URL in the insPath parameter to (1) index.php, (2) recen… NVD-CWE-Other
CVE-2006-3527 2024-02-14 10:17 2006-07-12 Show GitHub Exploit DB Packet Storm
318296 - webdesignhq sitebuilder-fx PHP remote file inclusion vulnerability in top.php in SiteBuilder-FX 3.5 allows remote attackers to execute arbitrary PHP code via a URL in the admindir parameter. CWE-94
Code Injection 		CVE-2006-3395 2024-02-14 10:17 2006-07-7 Show GitHub Exploit DB Packet Storm
318297 - pkr_internet taskjitsu Multiple cross-site scripting (XSS) vulnerabilities in Taskjitsu before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via multiple unspecified parameters, including the (1) titl… NVD-CWE-Other
CVE-2006-3397 2024-02-14 10:17 2006-07-7 Show GitHub Exploit DB Packet Storm
318298 - pkr_internet taskjitsu The "change password forms" in Taskjitsu before 2.0.1 includes password hashes in hidden form fields, which allows remote attackers to obtain sensitive information from the (1) Category Editor and (2… NVD-CWE-Other
CVE-2006-3398 2024-02-14 10:17 2006-07-7 Show GitHub Exploit DB Packet Storm
318299 - siemens speedstream_wireless_router Siemens Speedstream Wireless Router 2624 allows local users to bypass authentication and access protected files by using the Universal Plug and Play UPnP/1.0 component. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2006-3344 2024-02-14 10:17 2006-07-4 Show GitHub Exploit DB Packet Storm
318300 - netsoft smartnet Cross-site scripting (XSS) vulnerability in search.jsp in Netsoft smartNet 2.0 allows remote attackers to inject arbitrary web script or HTML via the keyWord parameter. NVD-CWE-Other
CVE-2006-3313 2024-02-14 10:17 2006-06-30 Show GitHub Exploit DB Packet Storm