Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2431	4.9	警告 Network	Kimai project	kimai	Kimai projectのKimaiにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-44298	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2432	7.8	重要 Local	LibreOffice プロジェクト	LibreOffice	LibreOffice プロジェクトのLibreOfficeにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-4430	2026-05-11 11:04	2026-05-7	Show	GitHub Exploit DB Packet Storm

2433	8.4	重要 Local	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-44334	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2434	9.8	緊急 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-44335	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2435	9.6	緊急 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-20 CWE-22 CWE-829 CWE-913 CWE-94	CVE-2026-44336	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2436	6.3	警告 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-20 CWE-89	CVE-2026-44337	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2437	7.3	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-1188 CWE-306 CWE-668	CVE-2026-44338	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2438	8.6	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAI等の複数製品におけるクラスまたはコードを選択する外部から制御された入力の使用に関する脆弱性	CWE-470 クラスまたはコードを選択する外部から制御された入力の使用	CVE-2026-44339	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2439	7.5	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-22 CWE-59	CVE-2026-44340	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2440	7.8	重要 Local	ZTE	ZXCLOUD iRAI	ZTEのZXCLOUD iRAIにおける制御されていない検索パスの要素に関する脆弱性	CWE-427 制御されていない検索パスの要素	CVE-2026-44406	2026-05-11 11:04	2026-05-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
346061	-	oscommerce	oscommerce	The Admin Access With Levels plugin in osCommerce 1.5.1 allows remote attackers to access files in the "admin/" directory by modifying the in_login parameter to a non-zero value.	NVD-CWE-Other	CVE-2004-2638	2017-07-20 10:29	2004-12-31	Show	GitHub Exploit DB Packet Storm

346062	-	drew_withers	journalness	Unspecified vulnerability in Journalness 3.0.7 and earlier allows remote attackers to create or modify posts via unknown attack vectors.	NVD-CWE-Other	CVE-2004-2639	2017-07-20 10:29	2004-12-31	Show	GitHub Exploit DB Packet Storm

346063	-	-	-	Directory traversal vulnerability in lstat.cgi in LinuxStat before 2.3.1 allows remote attackers to read arbitrary files via (1) .. (dot dot) sequences or (2) absolute paths to the template parameter.	NVD-CWE-Other	CVE-2004-2640	2017-07-20 10:29	2004-12-31	Show	GitHub Exploit DB Packet Storm

346064	-	sun	sun_fire netra_1280	Unspecified vulnerability in Sun Fire 3800/4800/4810/6800, Sun Fire V1280, and Netra 1280 allows remote attackers to cause a denial of service (system controller hang) via IP Packets With Type of Ser…	NVD-CWE-Other	CVE-2004-2641	2017-07-20 10:29	2004-12-31	Show	GitHub Exploit DB Packet Storm

346065	-	nathaniel_bray	yeemp	Yeemp 0.9.9 and earlier does not properly encrypt inbound files, which allows remote attackers to spoof the identity of the sender.	NVD-CWE-Other	CVE-2004-2642	2017-07-20 10:29	2004-12-31	Show	GitHub Exploit DB Packet Storm

346066	-	microsoft	cabarc	Directory traversal vulnerability in Microsoft cabarc allows remote attackers to overwrite files via "../" sequences in file names in a CAB archive.	NVD-CWE-Other	CVE-2004-2643	2017-07-20 10:29	2004-12-31	Show	GitHub Exploit DB Packet Storm

346067	-	asn.1_compiler	asn.1_compiler	Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has unknown impact and attack vectors when processing "ANY" type tags.	NVD-CWE-Other	CVE-2004-2644	2017-07-20 10:29	2004-12-31	Show	GitHub Exploit DB Packet Storm

346068	-	asn.1_compiler	asn.1_compiler	Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has unknown impact and attack vectors when processing "CHOICE" types with "indefinite length structures."	NVD-CWE-Other	CVE-2004-2645	2017-07-20 10:29	2004-12-31	Show	GitHub Exploit DB Packet Storm

346069	-	-	-	The addUser function in UserManager.java in Free Web Chat 2.0 allows remote attackers to cause a denial of service (uncaught NullPointerException) via unknown attack vectors that cause the usrName va…	NVD-CWE-Other	CVE-2004-2646	2017-07-20 10:29	2004-12-31	Show	GitHub Exploit DB Packet Storm

346070	-	-	-	Free Web Chat 2.0 allows remote attackers to cause a denial of service (CPU consumption) via multiple connections from the same user.	NVD-CWE-Other	CVE-2004-2647	2017-07-20 10:29	2004-12-31	Show	GitHub Exploit DB Packet Storm