Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4071	9.1	緊急 Network	CyberPanel	CyberPanel	CyberPanelにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-41473	2026-04-30 12:08	2026-04-24	Show	GitHub Exploit DB Packet Storm

4072	8.2	重要 Local	レッドハット	Red Hat Advanced Cluster Management for Kubernetes	レッドハットのRed Hat Advanced Cluster Management for Kubernetesにおける証明書検証に関する脆弱性	CWE-295 不正な証明書検証	CVE-2026-4740	2026-04-30 12:08	2026-04-7	Show	GitHub Exploit DB Packet Storm

4073	9.8	緊急 Network	Pipecat	Pipecat	Pipecatにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2025-62373	2026-04-30 12:08	2026-04-23	Show	GitHub Exploit DB Packet Storm

4074	7.8	重要 Local	Amazon.com, Inc.	Kiro IDE	Amazon.com, Inc.のKiro IDEにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-0830	2026-04-30 12:08	2026-01-9	Show	GitHub Exploit DB Packet Storm

4075	5.4	警告 Network	SenseLive	X3500 Firmware	SenseLiveのX3500 Firmwareにおけるセッション期限に関する脆弱性	CWE-613 不適切なセッション期限	CVE-2026-25720	2026-04-30 12:08	2026-04-24	Show	GitHub Exploit DB Packet Storm

4076	9.8	緊急 Network	huggingface	LeRobot	huggingfaceのLeRobotにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-25874	2026-04-30 12:08	2026-04-23	Show	GitHub Exploit DB Packet Storm

4077	8.1	重要 Network	SenseLive	X3500 Firmware	SenseLiveのX3500 Firmwareにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2026-27841	2026-04-30 12:08	2026-04-24	Show	GitHub Exploit DB Packet Storm

4078	9.1	緊急 Network	SenseLive	X3500 Firmware	SenseLiveのX3500 Firmwareにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-27843	2026-04-30 12:08	2026-04-24	Show	GitHub Exploit DB Packet Storm

4079	7.5	重要 Network	Navigation Data Standard (NDS)	Zserio	Navigation Data Standard (NDS)のZserioにおける過剰なサイズ値のメモリ割り当てに関する脆弱性	CWE-789 過剰なサイズ値のメモリ割り当て	CVE-2026-33524	2026-04-30 12:08	2026-04-24	Show	GitHub Exploit DB Packet Storm

4080	7.5	重要 Network	Navigation Data Standard (NDS)	Zserio	Navigation Data Standard (NDS)のZserioにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-33666	2026-04-30 12:08	2026-04-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348251	-	ratbag	dirt_track_racing dirt_track_racing_australia dirt_track_racing_sprint_cars leadfoot world_of_outlaws_sprint_cars	Ratbag game engine, as used in products such as Dirt Track Racing, Leadfoot, and World of Outlaws Spring Cars, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet …	NVD-CWE-Other	CVE-2004-0278	2017-07-11 10:30	2004-11-23	Show	GitHub Exploit DB Packet Storm

348252	-	aim_sniff	aim_sniff	AIM Sniff (aimSniff.pl) 0.9b allows local users to overwrite arbitrary files via a symlink attack on /tmp/AS.log.	NVD-CWE-Other	CVE-2004-0279	2017-07-11 10:30	2004-11-23	Show	GitHub Exploit DB Packet Storm

348253	-	caucho_technology	resin	Caucho Technology Resin 2.1.12 allows remote attackers to view JSP source via an HTTP request to a .jsp file that ends in a "%20" (encoded space character), e.g. index.jsp%20.	NVD-CWE-Other	CVE-2004-0280	2017-07-11 10:30	2004-11-23	Show	GitHub Exploit DB Packet Storm

348254	-	crob	crob_ftp_server	Crob FTP daemon 3.5.2 allows remote attackers to cause a denial of service (crash) by repeatedly connecting to and disconnecting from the server.	NVD-CWE-Other	CVE-2004-0282	2017-07-11 10:30	2004-11-23	Show	GitHub Exploit DB Packet Storm

348255	-	mailmgr	mailmgr	Mailmgr 1.2.3 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/mailmgr.unsort, (2) /tmp/mailmgr.tmp, or (3) /tmp/mailmgr.sort.	NVD-CWE-Other	CVE-2004-0283	2017-07-11 10:30	2004-11-23	Show	GitHub Exploit DB Packet Storm

348256	-	robotftp	robotftp_server	Buffer overflow in RobotFTP 1.0 and 2.0 beta 1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long username.	NVD-CWE-Other	CVE-2004-0286	2017-07-11 10:30	2004-11-23	Show	GitHub Exploit DB Packet Storm

348257	-	xlight_ftp_server	xlight_ftp_server	Xlight FTP server 1.52 allows remote authenticated users to cause a denial of service (crash) via a RETR command with a long argument containing a large number of / (slash) characters, possibly trigg…	NVD-CWE-Other	CVE-2004-0287	2017-07-11 10:30	2004-11-23	Show	GitHub Exploit DB Packet Storm

348258	-	mnogosearch	mnogosearch	Buffer overflow in the UdmDocToTextBuf function in mnoGoSearch 3.2.13 through 3.2.15 could allow remote attackers to execute arbitrary code by indexing a large document.	NVD-CWE-Other	CVE-2004-0288	2017-07-11 10:30	2004-11-23	Show	GitHub Exploit DB Packet Storm

348259	-	paul_l_daniels	signaturedb	Buffer overflow in sdbscan in SignatureDB 0.1.1 allows local users to cause a denial of service (segmentation fault) via a database file that contains a large key parameter.	NVD-CWE-Other	CVE-2004-0289	2017-07-11 10:30	2004-11-23	Show	GitHub Exploit DB Packet Storm

348260	-	freeform_interactive	purge purge_jihad	Buffer overflow in Purge Jihad 2.0.1 and earlier allows remote game servers to execute arbitrary code via an information packet that contains large (1) battle type and (2) map name fields.	NVD-CWE-Other	CVE-2004-0290	2017-07-11 10:30	2004-11-23	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed