Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2611 7.2 重要
Network 		citeum opencti citeumのopenctiにおけるテンプレートエンジンで使用される特殊な要素の不適切な無効化に関する脆弱性 CWE-1336
テンプレートエンジンで使用される特殊な要素の不適切な無効化 		CVE-2026-39980 2026-04-23 10:11 2026-04-9 Show GitHub Exploit DB Packet Storm
2612 6.1 警告
Network 		McGill University LORIS (Longitudinal Online Research and Imaging System) McGill UniversityのLORIS (Longitudinal Online Research and Imaging System)におけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-39985 2026-04-23 10:11 2026-04-9 Show GitHub Exploit DB Packet Storm
2613 5.3 警告
Network 		Apache Software Foundation Apache Log4cxx Apache Software FoundationのApache Log4cxxにおけるエンコードおよびエスケープに関する脆弱性 CWE-116
不適切なエンコード、または出力のエスケープ 		CVE-2026-40023 2026-04-23 10:11 2026-04-10 Show GitHub Exploit DB Packet Storm
2614 4.8 警告
Network 		axios project axios axios projectのaxiosにおける複数の脆弱性 CWE-113
CWE-444
CWE-918
CVE-2026-40175 2026-04-23 10:11 2026-04-10 Show GitHub Exploit DB Packet Storm
2615 3.7
Network 		phpseclib phpseclib phpseclibにおけるタイミングの違いに起因する情報漏えいに関する脆弱性 CWE-208
タイミングの違いに起因する情報漏えい 		CVE-2026-40194 2026-04-23 10:11 2026-04-10 Show GitHub Exploit DB Packet Storm
2616 7.5 重要
Network 		free5gc free5gc free5GCにおける複数の脆弱性 CWE-200
CWE-202
CWE-209
CVE-2026-40245 2026-04-23 10:11 2026-04-16 Show GitHub Exploit DB Packet Storm
2617 7.5 重要
Network 		free5gc free5gc free5GCにおける認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2026-40246 2026-04-23 10:11 2026-04-16 Show GitHub Exploit DB Packet Storm
2618 7.5 重要
Network 		free5gc free5gc free5GCにおける複数の脆弱性 CWE-285
CWE-636
CVE-2026-40247 2026-04-23 10:11 2026-04-16 Show GitHub Exploit DB Packet Storm
2619 5.3 警告
Network 		free5gc free5gc free5GCにおける複数の脆弱性 CWE-636
CWE-754
CVE-2026-40249 2026-04-23 10:11 2026-04-16 Show GitHub Exploit DB Packet Storm
2620 8.1 重要
Network 		FastGPT FastGPT FastGPTにおける複数の脆弱性 CWE-284
CWE-639
CVE-2026-40252 2026-04-23 10:10 2026-04-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314931 - softbiz banner_exchange Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Banner Exchange Script (aka Banner Exchange Network Script) 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) th… NVD-CWE-Other
CVE-2006-3607 2024-02-14 10:17 2006-07-19 Show GitHub Exploit DB Packet Storm
314932 - seyeon flexwatch_network_camera Cross-site scripting (XSS) vulnerability in index.php in FlexWATCH Network Camera 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL. NVD-CWE-Other
CVE-2006-3603 2024-02-14 10:17 2006-07-19 Show GitHub Exploit DB Packet Storm
314933 - seyeon flexwatch_network_camera Directory traversal vulnerability in FlexWATCH Network Camera 3.0 and earlier allows remote attackers to bypass access restrictions for (1) admin/aindex.asp or (2) admin/aindex.html via a .. (dot dot… NVD-CWE-Other
CVE-2006-3604 2024-02-14 10:17 2006-07-19 Show GitHub Exploit DB Packet Storm
314934 - bosdev bosclassifieds_classified_ads Multiple PHP remote file inclusion vulnerabilities in BosClassifieds Classified Ads allow remote attackers to execute arbitrary PHP code via a URL in the insPath parameter to (1) index.php, (2) recen… NVD-CWE-Other
CVE-2006-3527 2024-02-14 10:17 2006-07-12 Show GitHub Exploit DB Packet Storm
314935 - webdesignhq sitebuilder-fx PHP remote file inclusion vulnerability in top.php in SiteBuilder-FX 3.5 allows remote attackers to execute arbitrary PHP code via a URL in the admindir parameter. CWE-94
Code Injection 		CVE-2006-3395 2024-02-14 10:17 2006-07-7 Show GitHub Exploit DB Packet Storm
314936 - pkr_internet taskjitsu Multiple cross-site scripting (XSS) vulnerabilities in Taskjitsu before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via multiple unspecified parameters, including the (1) titl… NVD-CWE-Other
CVE-2006-3397 2024-02-14 10:17 2006-07-7 Show GitHub Exploit DB Packet Storm
314937 - pkr_internet taskjitsu The "change password forms" in Taskjitsu before 2.0.1 includes password hashes in hidden form fields, which allows remote attackers to obtain sensitive information from the (1) Category Editor and (2… NVD-CWE-Other
CVE-2006-3398 2024-02-14 10:17 2006-07-7 Show GitHub Exploit DB Packet Storm
314938 - siemens speedstream_wireless_router Siemens Speedstream Wireless Router 2624 allows local users to bypass authentication and access protected files by using the Universal Plug and Play UPnP/1.0 component. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2006-3344 2024-02-14 10:17 2006-07-4 Show GitHub Exploit DB Packet Storm
314939 - netsoft smartnet Cross-site scripting (XSS) vulnerability in search.jsp in Netsoft smartNet 2.0 allows remote attackers to inject arbitrary web script or HTML via the keyWord parameter. NVD-CWE-Other
CVE-2006-3313 2024-02-14 10:17 2006-06-30 Show GitHub Exploit DB Packet Storm
314940 - namo deepsearch Cross-site scripting (XSS) vulnerability in mclient.cgi in Namo DeepSearch 4.5 allows remote attackers to inject arbitrary web script or HTML via the p parameter. NVD-CWE-Other
CVE-2006-3264 2024-02-14 10:17 2006-06-28 Show GitHub Exploit DB Packet Storm