Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3871	5.3	警告 Network	SenseLive	X3500 Firmware	SenseLiveのX3500 Firmwareにおける重要な情報の平文での送信に関する脆弱性	CWE-319 重要な情報の平文での送信	CVE-2026-40431	2026-04-30 12:18	2026-04-24	Show	GitHub Exploit DB Packet Storm

3872	9.8	緊急 Network	SenseLive	X3500 Firmware	SenseLiveのX3500 Firmwareにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-40620	2026-04-30 12:18	2026-04-24	Show	GitHub Exploit DB Packet Storm

3873	8.1	重要 Network	SenseLive	X3500 Firmware	SenseLiveのX3500 Firmwareにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-40623	2026-04-30 12:18	2026-04-24	Show	GitHub Exploit DB Packet Storm

3874	9.8	緊急 Network	SenseLive	X3500 Firmware	SenseLiveのX3500 Firmwareにおける代替パスまたはチャネルを使用した認証回避に関する脆弱性	CWE-288 代替パスまたはチャネルを使用した認証回避	CVE-2026-40630	2026-04-30 12:18	2026-04-24	Show	GitHub Exploit DB Packet Storm

3875	5.3	警告 Network	opentelemetry	opentelemetry OpenTelemetry.Extensions.Propagators Opentelemetry.api	opentelemetryのOpentelemetry.api等の複数製品における過剰なサイズ値のメモリ割り当てに関する脆弱性	CWE-789 過剰なサイズ値のメモリ割り当て	CVE-2026-40894	2026-04-30 12:18	2026-04-23	Show	GitHub Exploit DB Packet Storm

3876	10	緊急 Network	VoidZero Inc.	Vite+	VoidZero Inc.のVite+におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-41211	2026-04-30 12:18	2026-04-23	Show	GitHub Exploit DB Packet Storm

3877	5.4	警告 Network	Siemvk (siemvk)	Openlearn	Siemvk (siemvk)のOpenlearnにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-41243	2026-04-30 12:18	2026-04-23	Show	GitHub Exploit DB Packet Storm

3878	8.8	重要 Network	Deskflow	Deskflow	Deskflowにおける古典的バッファオーバーフローの脆弱性	CWE-120 古典的バッファオーバーフロー	CVE-2026-41476	2026-04-30 12:18	2026-04-24	Show	GitHub Exploit DB Packet Storm

3879	7.8	重要 Local	Deskflow	Deskflow	Deskflowにおける複数の脆弱性	CWE-306 CWE-862	CVE-2026-41477	2026-04-30 12:18	2026-04-24	Show	GitHub Exploit DB Packet Storm

3880	6.5	警告 Network	langchain	Langchain-text-splitters	langchainのLangchain-text-splittersにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-41481	2026-04-30 12:18	2026-04-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
347681	-	mambo	mambo_open_source_4.5	SQL injection vulnerability in index.php in Mambo Open Source 4.5 stable 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.	NVD-CWE-Other	CVE-2004-1826	2017-07-11 10:31	2004-03-16	Show	GitHub Exploit DB Packet Storm

347682	-	belchior_foundry	vcard	Vcard 2.9 and possibly other versions does not require authorization to run uninstall.php, which could allow remote attackers to uninstall Vcard and delete database tables via a direct request to uni…	NVD-CWE-Other	CVE-2004-1828	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

347683	-	error_manager	php-nuke_module	Multiple cross-site scripting (XSS) vulnerabilities in error.php in Gijza.net Error Manager 2.1 for PHP-Nuke 6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) pagetitle or…	NVD-CWE-Other	CVE-2004-1829	2017-07-11 10:31	2004-03-18	Show	GitHub Exploit DB Packet Storm

347684	-	francisco_burzi	php-nuke	error.php in Error Manager 2.1 for PHP-Nuke 6.0 allows remote attackers to obtain sensitive information via an invalid (1) language, (2) newlang, or (3) lang parameter, which leaks the pathname in a …	NVD-CWE-Other	CVE-2004-1830	2017-07-11 10:31	2004-03-18	Show	GitHub Exploit DB Packet Storm

347685	-	techland	chrome	Buffer overflow in Chrome 1.2.0.0 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large length value, which leads to a null dereference or out-of-bounds r…	NVD-CWE-Other	CVE-2004-1831	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

347686	-	apple	mac_os_x_server	Buffer overflow in the GUI admin service in Mac OS X Server 10.3 allows remote attackers to cause a denial of service (crash and restart) via a large amount of data to TCP port 660.	NVD-CWE-Other	CVE-2004-1832	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

347687	-	borland_software	interbase	The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges.	NVD-CWE-Other	CVE-2004-1833	2017-07-11 10:31	2004-03-20	Show	GitHub Exploit DB Packet Storm

347688	-	invision_power_services	invision_gallery	Multiple SQL injection vulnerabilities in index.php in Invision Gallery 1.0.1 allow remote attackers to execute arbitrary SQL via the (1) img, (2) cat, (3) sort_key, (4) order_key, (5) user, or (6) a…	NVD-CWE-Other	CVE-2004-1835	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

347689	-	invision_power_services	invision_power_top_site_list	SQL injection vulnerability in index.php in Invision Power Top Site List 1.1 RC 2 and earlier allows remote attackers to execute arbitrary SQL via the id parameter of the comments action.	NVD-CWE-Other	CVE-2004-1836	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

347690	-	joel_palmius	mod_survey	Cross-site scripting (XSS) vulnerability in Mod_survey 3.0.x before 3.0.16-pre2 and 3.2.x before 3.2.0-pre4 allows remote attackers to inject arbitrary web script or HTML via the certain survey field…	NVD-CWE-Other	CVE-2004-1837	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm