Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3971	6.5	警告 Network	Mattermost, Inc.	Focalboard	Mattermost, Inc.のFocalboardにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-25773	2026-04-30 12:13	2026-04-3	Show	GitHub Exploit DB Packet Storm

3972	4.3	警告 Network	Mattermost, Inc.	Focalboard	Mattermost, Inc.のFocalboardにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-28736	2026-04-30 12:13	2026-04-3	Show	GitHub Exploit DB Packet Storm

3973	7.8	重要 Local	DeepCool	DeepCreative	DeepCoolのDeepCreativeにおける安全でない継承されたパーミッションに関する脆弱性	CWE-277 安全でない継承されたパーミッション	CVE-2026-30266	2026-04-30 12:13	2026-04-20	Show	GitHub Exploit DB Packet Storm

3974	7.5	重要 Network	Angeet	ES3 KVM Firmware	AngeetのES3 KVM Firmwareにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-32297	2026-04-30 12:13	2026-03-17	Show	GitHub Exploit DB Packet Storm

3975	9.1	緊急 Network	Angeet	ES3 KVM Firmware	AngeetのES3 KVM FirmwareにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-32298	2026-04-30 12:13	2026-03-17	Show	GitHub Exploit DB Packet Storm

3976	7.5	重要 Network	オラクル	Oracle Financial Services Customer Screening	オラクルのOracle Financial Services Customer Screeningにおける認可に関する脆弱性	CWE-285 不適切な認可	CVE-2026-34320	2026-04-30 12:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

3977	5.8	警告 Network	Pavel Zbornik (pavelzbornik)	whisperX REST API	Pavel Zbornik (pavelzbornik)のwhisperX REST APIにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-34981	2026-04-30 12:13	2026-04-6	Show	GitHub Exploit DB Packet Storm

3978	7.5	重要 Network	Distribution	Distribution	Distributionにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-35172	2026-04-30 12:13	2026-04-6	Show	GitHub Exploit DB Packet Storm

3979	7.5	重要 Network	UnJS Team	defu	UnJS Teamのdefuにおけるオブジェクトプロトタイプ属性の不適切に制御された変更に関する脆弱性	CWE-1321 オブジェクトプロトタイプ属性の不適切に制御された変更 (プロトタイプの汚染)	CVE-2026-35209	2026-04-30 12:13	2026-04-6	Show	GitHub Exploit DB Packet Storm

3980	7.5	重要 Network	オラクル	Oracle Financial Services Transaction Filtering	オラクルのOracle Financial Services Transaction Filteringにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35231	2026-04-30 12:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
349111	-	apple sun	mac_os_runtime_for_java jdk jre sdk	Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows untrusted applets to access the system clipboard.	NVD-CWE-Other	CVE-2001-1480	2017-07-11 10:29	2001-12-31	Show	GitHub Exploit DB Packet Storm

349112	-	alcatel	adsl_modem_1000 speed_touch_adsl_modem	Alcatel ADSL modems allow remote attackers to access the Trivial File Transfer Protocol (TFTP) to modify firmware and configuration via a bounce attack from a system on the local area network (LAN) s…	NVD-CWE-Other	CVE-2001-1484	2017-07-11 10:29	2001-12-31	Show	GitHub Exploit DB Packet Storm

349113	-	qualcomm	qpopper	popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users to overwrite arbitrary files and execute commands as the pop user via a symlink attack on the -trace file option.	NVD-CWE-Other	CVE-2001-1487	2017-07-11 10:29	2001-12-31	Show	GitHub Exploit DB Packet Storm

349114	-	open_projects_network	open_projects_network_ircd	Open Projects Network Internet Relay Chat (IRC) daemon u2.10.05.18 does not perform a double-reverse DNS lookup, which allows remote attackers to spoof any valid hostname on the Internet. NOTE: a fo…	NVD-CWE-Other	CVE-2001-1488	2017-07-11 10:29	2001-12-31	Show	GitHub Exploit DB Packet Storm

349115	-	microsoft	ie	Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.	NVD-CWE-Other	CVE-2001-1489	2017-07-11 10:29	2001-12-31	Show	GitHub Exploit DB Packet Storm

349116	-	mozilla	mozilla	Mozilla 0.9.6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.	NVD-CWE-Other	CVE-2001-1490	2017-07-11 10:29	2001-12-31	Show	GitHub Exploit DB Packet Storm

349117	-	opera_software	opera_web_browser	Opera 5.11 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.	NVD-CWE-Other	CVE-2001-1491	2017-07-11 10:29	2001-12-31	Show	GitHub Exploit DB Packet Storm

349118	-	checkpoint	vpn-1	Check Point VPN-1 4.1SP4 using SecuRemote returns different error messages for valid and invalid users, with prompts that vary depending on the authentication method being used, which makes it easier…	NVD-CWE-Other	CVE-2001-1499	2017-07-11 10:29	2001-12-31	Show	GitHub Exploit DB Packet Storm

349119	-	mountain_network_systems	webcart	webcart.cgi in Mountain Network Systems WebCart 8.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the NEXTPAGE parameter.	NVD-CWE-Other	CVE-2001-1502	2017-07-11 10:29	2001-12-31	Show	GitHub Exploit DB Packet Storm

349120	-	ibm	lotus_notes	Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary commands via a Lotus Notes object with code in an event, which is automatically executed when the user processes the e-mail mess…	NVD-CWE-Other	CVE-2001-1504	2017-07-11 10:29	2001-12-31	Show	GitHub Exploit DB Packet Storm