Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2721 3.3
Local 		ちとらソフト Lhaz+
Lhaz 		LhazおよびLhaz+におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-41530 2026-05-11 17:15 2026-05-11 Show GitHub Exploit DB Packet Storm
2722 - - Apache Software Foundation Apache HTTP Server Apache HTTP Server 2.4における複数の脆弱性に対するアップデート(2026年5月) - CVE-2026-23918
CVE-2026-24072
CVE-2026-28780
CVE-2026-29168
CVE-2026-29169
CVE-2026-33006
CVE-2026-33007
CVE-2026-33523
CVE-2026-33857
CVE-2026-34032
CVE-2026-34059 		2026-05-11 16:29 2026-05-8 Show GitHub Exploit DB Packet Storm
2723 - - (複数のベンダ) (複数の製品) CISA ICS Advisory / ICS Medical Advisory(2026年05月07日) - - 2026-05-11 16:29 2026-05-8 Show GitHub Exploit DB Packet Storm
2724 7.2 重要
Network 		株式会社GROWI GROWI GROWIにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-41951 2026-05-11 15:29 2026-05-11 Show GitHub Exploit DB Packet Storm
2725 7.4 重要
Network 		株式会社EPG iOSアプリ「くら寿司 公式アプリ」
Androidアプリ「くら寿司 公式アプリ」 		スマートフォンアプリ「くら寿司 公式アプリ」における証明書検証不備の脆弱性 CWE-Other
その他 		CVE-2026-41872 2026-05-11 12:52 2026-05-11 Show GitHub Exploit DB Packet Storm
2726 3.3
Local 		X.Org Foundation libxpm libXpmにおける境界外読み取りの脆弱性 CWE-Other
その他 		CVE-2026-4367 2026-05-11 12:18 2026-05-11 Show GitHub Exploit DB Packet Storm
2727 7.3 重要
Network 		yeti-platform yeti yeti-platformのyetiにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2024-46507 2026-05-11 11:13 2026-05-8 Show GitHub Exploit DB Packet Storm
2728 7.5 重要
Network 		yeti-platform yeti yeti-platformのyetiにおけるハードコードされた認証情報の使用に関する脆弱性 CWE-798
ハードコードされた認証情報の使用 		CVE-2024-46508 2026-05-11 11:12 2026-05-8 Show GitHub Exploit DB Packet Storm
2729 9.8 緊急
Network 		Frappe ERPNext FrappeのERPNextにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-38431 2026-05-11 11:12 2026-05-5 Show GitHub Exploit DB Packet Storm
2730 6.1 警告
Network 		Frappe ERPNext FrappeのERPNextにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-38432 2026-05-11 11:12 2026-05-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
345771 - novell groupwise Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact and attack vectors related to "malicious script." NVD-CWE-noinfo
CVE-2003-1551 2017-08-8 10:29 2003-12-31 Show GitHub Exploit DB Packet Storm
345772 - alcatel speed_touch_home Alcatel Speed Touch Home ADSL Modem allows remote attackers to cause a denial of service (reboot) via a network scan with unusual packets, such as nmap with OS detection. NVD-CWE-Other
CVE-2002-0119 2017-08-1 01:52 2002-03-25 Show GitHub Exploit DB Packet Storm
345773 - macrovision installshield The Macrovision InstallShield InstallScript One-Click Install (OCI) ActiveX control 12.0 before SP2 does not validate the DLL files that are named as parameters to the control, which allows remote at… CWE-94
Code Injection 		CVE-2007-5661 2017-07-29 10:33 2008-04-4 Show GitHub Exploit DB Packet Storm
345774 - directadmin directadmin Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin 1.30.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the domain parameter, a different vecto… NVD-CWE-Other
CVE-2007-3501 2017-07-29 10:32 2007-06-30 Show GitHub Exploit DB Packet Storm
345775 - cetrinity firstclass
server_and_internet_services 		Centrinity FirstClass 8.3 and earlier, and Server and Internet Services 8.0 and earlier, do not properly handle a URL with a null ("%00") character, which allows remote attackers to conduct cross-sit… NVD-CWE-Other
CVE-2007-2976 2017-07-29 10:31 2007-06-1 Show GitHub Exploit DB Packet Storm
345776 - pecl_zip
php 		1.8.3
php 		Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with PHP 5.2.0 and 5.2.1, allows remote attackers to execute arbitrary code via a long zip:// URL, as d… NVD-CWE-Other
CVE-2007-1399 2017-07-29 10:30 2007-03-11 Show GitHub Exploit DB Packet Storm
345777 - tmsnc tmsnc Format string vulnerability in ui.c in Textbased MSN Client (TMSNC) before 0.2.5 allows attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors that caus… NVD-CWE-Other
CVE-2005-4817 2017-07-29 10:29 2005-12-31 Show GitHub Exploit DB Packet Storm
345778 - ibm lotus_domino Cross-site scripting (XSS) vulnerability in Lotus Domino versions before 6.5.4 fix pack 1 (FP1) and versions before 7.0 allows remote attackers to inject arbitrary web script or HTML via unknown vect… NVD-CWE-Other
CVE-2005-4819 2017-07-29 10:29 2005-12-31 Show GitHub Exploit DB Packet Storm
345779 - smc_networks smc7904wbra SMC Wireless Router model SMC7904WBRA allows remote attackers to cause a denial of service (reboot) by flooding the router with traffic. NVD-CWE-Other
CVE-2005-4820 2017-07-29 10:29 2005-12-31 Show GitHub Exploit DB Packet Storm
345780 - - - SQL injection vulnerability in projects/project-edit.asp in Digger Solutions Intranet Open Source (IOS) version 2.7.2 allows remote attackers to execute arbitrary SQL commands via the project_id para… NVD-CWE-Other
CVE-2005-4822 2017-07-29 10:29 2005-12-31 Show GitHub Exploit DB Packet Storm