Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2831 7.1 重要
Network 		ConnectWise, Inc. automate ConnectWise, Inc.のautomateにおける重要な情報の平文での送信に関する脆弱性 CWE-319
重要な情報の平文での送信 		CVE-2026-6066 2026-04-24 11:40 2026-04-20 Show GitHub Exploit DB Packet Storm
2832 9.1 緊急
Network 		Open JS Foundation fastify/middie Open JS Foundationの@fastify/middieにおける解釈の競合に関する脆弱性 CWE-436
解釈の競合 		CVE-2026-6270 2026-04-24 11:40 2026-04-16 Show GitHub Exploit DB Packet Storm
2833 9.9 緊急
Network 		ASUSTOR Inc. data master ASUSTOR Inc.のdata masterにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-6643 2026-04-24 11:40 2026-04-20 Show GitHub Exploit DB Packet Storm
2834 9.1 緊急
Network 		ASUSTOR Inc. data master ASUSTOR Inc.のdata masterにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-6644 2026-04-24 11:40 2026-04-20 Show GitHub Exploit DB Packet Storm
2835 7.5 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-6746 2026-04-24 11:40 2026-04-21 Show GitHub Exploit DB Packet Storm
2836 7.5 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-6747 2026-04-24 11:40 2026-04-21 Show GitHub Exploit DB Packet Storm
2837 9.8 緊急
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における初期化されていない変数の使用に関する脆弱性 CWE-457
初期化されていない変数の使用 		CVE-2026-6748 2026-04-24 11:40 2026-04-21 Show GitHub Exploit DB Packet Storm
2838 7.5 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における初期化されていないリソースの使用に関する脆弱性 CWE-908
初期化されていないリソースの使用 		CVE-2026-6749 2026-04-24 11:40 2026-04-21 Show GitHub Exploit DB Packet Storm
2839 9.8 緊急
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における権限管理に関する脆弱性 CWE-269
不適切な権限管理 		CVE-2026-6750 2026-04-24 11:40 2026-04-21 Show GitHub Exploit DB Packet Storm
2840 7.3 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における初期化されていない変数の使用に関する脆弱性 CWE-457
初期化されていない変数の使用 		CVE-2026-6751 2026-04-24 11:40 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314851 9.8 CRITICAL
Network 		janobe school_attendence_monitoring_system
school_event_management_system 		SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and re… CWE-89
SQL Injection 		CVE-2024-33974 2024-08-8 02:44 2024-08-6 Show GitHub Exploit DB Packet Storm
314852 9.8 CRITICAL
Network 		vivotek sd9364_firmware ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has been declared as critical. This vulnerability affects the function read of the component httpd. The mani… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2024-7441 2024-08-8 02:15 2024-08-4 Show GitHub Exploit DB Packet Storm
314853 - mozilla firefox Mozilla Firefox 1.0.7 and 1.5.0.1 allows remote attackers to cause a denial of service (crash) via an HTML tag with a large number of script action handlers such as onload and onmouseover, which trig… NVD-CWE-Other
CVE-2006-1273 2024-08-8 02:15 2006-03-19 Show GitHub Exploit DB Packet Storm
314854 - digital_builder nz_ecommerce Cross-site scripting (XSS) vulnerability in index.php in NZ Ecommerce allows remote attackers to inject arbitrary web script or HTML via the action parameter. NOTE: the vendor has disputed this issu… NVD-CWE-Other
CVE-2006-1096 2024-08-8 02:15 2006-03-9 Show GitHub Exploit DB Packet Storm
314855 - digital_builder nz_ecommerce Multiple SQL injection vulnerabilities in NZ Ecommerce allow remote attackers to execute arbitrary SQL commands via the (1) informationID or (2) ParentCategory parameter to index.php. NOTE: the vendo… NVD-CWE-Other
CVE-2006-1098 2024-08-8 02:15 2006-03-9 Show GitHub Exploit DB Packet Storm
314856 - kwik-pay kwik-pay_payroll Kwik-Pay Payroll 4.2.20, and possibly other versions, stores the KwikPay.mdb database file with insecure permissions, which allows local users to obtain sensitive information such as employment and p… NVD-CWE-Other
CVE-2006-1050 2024-08-8 02:15 2006-03-8 Show GitHub Exploit DB Packet Storm
314857 - virtual_communication_services vpmi_enterprise SQL injection vulnerability in VCS Virtual Program Management Intranet (VPMi) Enterprise 3.3 allows remote attackers to execute arbitrary SQL commands via the UpdateID0 parameter to Service_Requests.… CWE-89
SQL Injection 		CVE-2006-0897 2024-08-8 02:15 2006-02-25 Show GitHub Exploit DB Packet Storm
314858 - dotproject dotproject dotProject 2.0.1 and earlier allows remote attackers to obtain sensitive information via direct requests with an invalid baseDir to certain PHP scripts in the db directory, which reveal the path in a… NVD-CWE-Other
CVE-2006-0754 2024-08-8 02:15 2006-02-18 Show GitHub Exploit DB Packet Storm
314859 - dotproject dotproject Multiple PHP remote file include vulnerabilities in dotProject 2.0.1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary commands via the baseDir parameter in (… NVD-CWE-Other
CVE-2006-0755 2024-08-8 02:15 2006-02-18 Show GitHub Exploit DB Packet Storm
314860 - dotproject dotproject dotProject 2.0.1 and earlier leaves (1) phpinfo.php and (2) check.php accessible under the /docs/ directory after installation, which allows remote attackers to obtain sensitive configuration informa… NVD-CWE-Other
CVE-2006-0756 2024-08-8 02:15 2006-02-18 Show GitHub Exploit DB Packet Storm