Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2551	5.9	警告 Network	OpenClaw	OpenClaw	OpenClawにおける不十分なランダム値の使用に関する脆弱性	CWE-330 不十分なランダム値の使用	CVE-2026-34511	2026-04-24 11:44	2026-04-3	Show	GitHub Exploit DB Packet Storm

2552	7.1	重要 Network	Chamilo Association	Chamilo LMS	Chamilo AssociationのChamilo LMSにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-34602	2026-04-24 11:44	2026-04-14	Show	GitHub Exploit DB Packet Storm

2553	8.8	重要 Network	Electron	electron	Electronのelectronにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-34770	2026-04-24 11:44	2026-04-4	Show	GitHub Exploit DB Packet Storm

2554	8.8	重要 Network	Electron	electron	Electronのelectronにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-34771	2026-04-24 11:44	2026-04-4	Show	GitHub Exploit DB Packet Storm

2555	8.8	重要 Network	Electron	electron	Electronのelectronにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-34772	2026-04-24 11:44	2026-04-4	Show	GitHub Exploit DB Packet Storm

2556	7.5	重要 Network	Electron	electron	Electronのelectronにおける複数の脆弱性	CWE-20 CWE-74 CWE-74	CVE-2026-34773	2026-04-24 11:44	2026-04-4	Show	GitHub Exploit DB Packet Storm

2557	8.1	重要 Network	Electron	electron	Electronのelectronにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-34774	2026-04-24 11:44	2026-04-4	Show	GitHub Exploit DB Packet Storm

2558	9.8	緊急 Network	Electron	electron	Electronのelectronにおける隔離または分類に関する脆弱性	CWE-653 不適切な隔離または分類	CVE-2026-34775	2026-04-24 11:44	2026-04-4	Show	GitHub Exploit DB Packet Storm

2559	9.8	緊急 Network	Bruno Software Inc.	Bruno	Bruno Software Inc.のBrunoにおける複数の脆弱性	CWE-494 CWE-506	CVE-2026-34841	2026-04-24 11:44	2026-04-6	Show	GitHub Exploit DB Packet Storm

2560	5.3	警告 Network	Discourse	Discourse	Discourseにおける情報漏えいに関する脆弱性	CWE-200 CWE-noinfo	CVE-2026-34947	2026-04-24 11:44	2026-04-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
315571	-	apache	http_server	Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a \| pipe character) provided as arguments to batch (.bat)…	CWE-78 OS Command	CVE-2002-0061	2024-01-27 05:01	2002-03-21	Show	GitHub Exploit DB Packet Storm

315572	-	hypermail_development	hypermail	Hypermail allows remote attackers to execute arbitrary commands on a server supporting SSI via an attachment with a .shtml extension, which is archived on the server and can then be executed by reque…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2001-0901	2024-01-27 05:01	2001-11-19	Show	GitHub Exploit DB Packet Storm

315573	-	apache ncsa	http_server ncsa_httpd	phf CGI program allows remote command execution through shell metacharacters.	CWE-78 OS Command	CVE-1999-0067	2024-01-27 05:00	1996-03-20	Show	GitHub Exploit DB Packet Storm

315574	-	e107	e107	ImageManager in e107 before 0.617 does not properly check the types of uploaded files, which allows remote attackers to execute arbitrary code by uploading a PHP file via the upload parameter to imag…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2004-2262	2024-01-27 04:10	2004-12-31	Show	GitHub Exploit DB Packet Storm

315575	-	yvesglodt	i-man	I-Man 0.9, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2005-1868	2024-01-27 04:07	2005-06-9	Show	GitHub Exploit DB Packet Storm

315576	-	yapig	yapig	upload.php in YaPiG 0.92b, 0.93u and 0.94u does not properly restrict the file extension for uploaded image files, which allows remote attackers to upload arbitrary files and execute arbitrary PHP co…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2005-1881	2024-01-27 04:07	2005-06-6	Show	GitHub Exploit DB Packet Storm

315577	-	deluxebb	deluxebb	DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the mod_mime module, allows remote attackers to execute arbitrary PHP code by uploading files with double extensions via the fileupl…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2006-4558	2024-01-27 04:02	2006-09-6	Show	GitHub Exploit DB Packet Storm

315578	-	duware_dubanner_project	duware_dubanner	add.asp in DUware DUbanner 3.1 allows remote attackers to execute arbitrary code by uploading files with arbitrary extensions, such as ASP files, probably due to client-side enforcement that can be b…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2006-2428	2024-01-27 04:01	2006-05-17	Show	GitHub Exploit DB Packet Storm

315579	-	rockliffe	mailsite_express	Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the ca…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2005-3288	2024-01-27 04:01	2005-10-23	Show	GitHub Exploit DB Packet Storm

315580	-	linux canonical debian mandriva	linux_kernel ubuntu_linux debian_linux linux	The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from …	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2005-3181	2024-01-27 03:56	2005-10-12	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed