Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3131 7.5 重要
Network 		Apache Software Foundation Apache OFBiz Apache Software FoundationのApache OFBizにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-31909 2026-05-21 10:53 2026-05-19 Show GitHub Exploit DB Packet Storm
3132 7.5 重要
Network 		Apache Software Foundation Apache OFBiz Apache Software FoundationのApache OFBizにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-31910 2026-05-21 10:53 2026-05-19 Show GitHub Exploit DB Packet Storm
3133 9.1 緊急
Network 		Apache Software Foundation Apache OFBiz Apache Software FoundationのApache OFBizにおけるハードコードされた暗号鍵の使用に関する脆弱性 CWE-321
ハードコードされた暗号鍵の使用 		CVE-2026-31986 2026-05-21 10:53 2026-05-19 Show GitHub Exploit DB Packet Storm
3134 4.8 警告
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-3495 2026-05-21 10:53 2026-05-18 Show GitHub Exploit DB Packet Storm
3135 6.5 警告
Network 		Apache Software Foundation Apache OFBiz Apache Software FoundationのApache OFBizにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-35086 2026-05-21 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
3136 8.8 重要
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office
Office Long Term Servicing Channel (LTSC) 		Microsoft Office クイック実行の特権の昇格の脆弱性 CWE-1220
アクセス制御の不十分な粒度 		CVE-2026-35436 2026-05-21 10:52 2026-05-12 Show GitHub Exploit DB Packet Storm
3137 5.5 警告
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office
Microsoft Word
Office Long Term Servicing Channel (LTSC) 		Microsoft Word の情報漏えいの脆弱性 CWE-552
外部からアクセス可能なファイルまたはディレクトリ 		CVE-2026-35440 2026-05-21 10:52 2026-05-12 Show GitHub Exploit DB Packet Storm
3138 4.3 警告
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-3637 2026-05-21 10:52 2026-05-18 Show GitHub Exploit DB Packet Storm
3139 9.8 緊急
Network 		H2O.ai H2O H2O.aiのH2Oにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-3960 2026-05-21 10:52 2026-04-23 Show GitHub Exploit DB Packet Storm
3140 8.4 重要
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office
Office Long Term Servicing Channel (LTSC) 		Microsoft Office のリモート コードが実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-40358 2026-05-21 10:52 2026-05-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 19, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
345311 - lucent orinoco_rg-1000 Orinoco RG-1000 wireless Residential Gateway uses the last 5 digits of the 'Network Name' or SSID as the default Wired Equivalent Privacy (WEP) encryption key. Since the SSID occurs in the clear dur… NVD-CWE-Other
CVE-2001-0618 2017-12-19 11:29 2001-08-2 Show GitHub Exploit DB Packet Storm
345312 - iplanet calendar_server iPlanet Calendar Server 5.0p2 and earlier allows a local attacker to gain access to the Netscape Admin Server (NAS) LDAP database and read arbitrary files by obtaining the cleartext administrator use… NVD-CWE-Other
CVE-2001-0620 2017-12-19 11:29 2001-08-2 Show GitHub Exploit DB Packet Storm
345313 - sendfile sendfile sendfiled, as included with Simple Asynchronous File Transfer (SAFT), on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain… NVD-CWE-Other
CVE-2001-0623 2017-12-19 11:29 2001-08-2 Show GitHub Exploit DB Packet Storm
345314 - qnx qnx QNX 2.4 allows a local user to read arbitrary files by directly accessing the mount point for the FAT disk partition, e.g. /fs-dos. NVD-CWE-Other
CVE-2001-0624 2017-12-19 11:29 2001-08-2 Show GitHub Exploit DB Packet Storm
345315 - incredimail incredimail Directory traversal vulnerability in IncrediMail version 1400185 and earlier allows local users to overwrite files on the local hard drive by appending .. (dot dot) sequences to filenames listed in t… NVD-CWE-Other
CVE-2001-0642 2017-12-19 11:29 2001-09-20 Show GitHub Exploit DB Packet Storm
345316 - axent netprowler Symantec/AXENT NetProwler 3.5.x contains several default passwords, which could allow remote attackers to (1) access to the management tier via the "admin" password, or (2) connect to a MySQL ODBC fr… NVD-CWE-Other
CVE-2001-0645 2017-12-19 11:29 2001-09-20 Show GitHub Exploit DB Packet Storm
345317 - apple personal_web_sharing Personal Web Sharing 1.5.5 allows a remote attacker to cause a denial of service via a long HTTP request. NVD-CWE-Other
CVE-2001-0649 2017-12-19 11:29 2001-09-20 Show GitHub Exploit DB Packet Storm
345318 - robtex viking_server Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a hexadecimal encoded dot-dot attack (eg. http://www.server.com/%2e%2… NVD-CWE-Other
CVE-2001-0674 2017-12-19 11:29 2001-09-20 Show GitHub Exploit DB Packet Storm
345319 - trend_micro interscan_viruswall
interscan_webmanager 		A buffer overflow in reggo.dll file used by Trend Micro InterScan VirusWall prior to 3.51 build 1349 for Windows NT 3.5 and InterScan WebManager 1.2 allows a local attacker to execute arbitrary code. NVD-CWE-Other
CVE-2001-0678 2017-12-19 11:29 2001-09-20 Show GitHub Exploit DB Packet Storm
345320 - trend_micro interscan_viruswall A buffer overflow in InterScan VirusWall 3.23 and 3.3 allows a remote attacker to execute arbitrary code by sending a long HELO command to the server. NVD-CWE-Other
CVE-2001-0679 2017-12-19 11:29 1999-11-8 Show GitHub Exploit DB Packet Storm