Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4211	3.7	低 Network	Simon Tatham	PuTTY	PuTTYにおける複数の脆弱性	CWE-345 CWE-347	CVE-2026-4115	2026-05-7 12:27	2026-03-22	Show	GitHub Exploit DB Packet Storm

4212	9.8	緊急 Network	cPanel	cPanel WP Squared cPanel WHM	cPanelのcPanel等の複数製品における重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-41940	2026-05-7 12:27	2026-04-29	Show	GitHub Exploit DB Packet Storm

4213	9.8	緊急 Network	Provectus	UI for Apache Kafka	ProvectusのUI for Apache Kafkaにおける複数の脆弱性	CWE-74 CWE-94	CVE-2026-5562	2026-05-7 12:27	2026-04-5	Show	GitHub Exploit DB Packet Storm

4214	6.1	警告 Network	WSO2	WSO2 Identity Server	WSO2のWSO2 Identity Serverにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-10503	2026-05-7 12:07	2026-04-29	Show	GitHub Exploit DB Packet Storm

4215	5.3	警告 Network	MCPHub	MCPHub	MCPHubにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2025-13822	2026-05-7 12:07	2026-04-14	Show	GitHub Exploit DB Packet Storm

4216	5.3	警告 Network	IBM	IBM DB2	IBMのIBM DB2における入力で指定された数量の不適切な検証に関する脆弱性	CWE-1284 入力で指定された数量の不適切な検証	CVE-2025-14688	2026-05-7 12:07	2026-04-30	Show	GitHub Exploit DB Packet Storm

4217	6.5	警告 Network	IBM	IBM DB2	IBMのIBM DB2における制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2025-36122	2026-05-7 12:07	2026-04-30	Show	GitHub Exploit DB Packet Storm

4218	5.3	警告 Network	HCL Technologies Limited	HCL AION	HCL Technologies LimitedのHCL AIONにおけるエラーメッセージによる情報漏えいに関する脆弱性	CWE-209 エラーメッセージによる情報漏えい	CVE-2025-52641	2026-05-7 12:07	2026-04-15	Show	GitHub Exploit DB Packet Storm

4219	6.4	警告 Local	レッドハット	Ansible Automation Platform	レッドハットのAnsible Automation Platformにおける不適切なデフォルトパーミッションに関する脆弱性	CWE-276 不適切なデフォルトパーミッション	CVE-2025-57847	2026-05-7 12:07	2026-04-8	Show	GitHub Exploit DB Packet Storm

4220	6.7	警告 Local	レッドハット	Red Hat Advanced Cluster Management for Kubernetes	レッドハットのRed Hat Advanced Cluster Management for Kubernetesにおける不適切なデフォルトパーミッションに関する脆弱性	CWE-276 不適切なデフォルトパーミッション	CVE-2025-57851	2026-05-7 12:07	2026-04-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
347441	-	skymarx_solutions	xflow	Multiple cross-site scripting (XSS) vulnerabilities in xFlow 5.46.11 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) level, (2) position, (3) id, and (4) action …	NVD-CWE-Other	CVE-2006-1850	2017-07-20 10:30	2006-04-20	Show	GitHub Exploit DB Packet Storm

347442	-	skymarx_solutions	xflow	xFlow 5.46.11 and earlier allows remote attackers to determine the installation path of the application via the (1) action parameter to members_only/index.cgi and (2) page parameter customer_area/ind…	NVD-CWE-Other	CVE-2006-1851	2017-07-20 10:30	2006-04-20	Show	GitHub Exploit DB Packet Storm

347443	-	scriptsfrenzy	article_publisher_pro	SQL injection vulnerability in category.php in Article Publisher Pro 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cname parameter.	NVD-CWE-Other	CVE-2006-1852	2017-07-20 10:30	2006-04-20	Show	GitHub Exploit DB Packet Storm

347444	-	moderngigabyte	modernbill	Multiple SQL injection vulnerabilities in ModernBill 4.3.2 and earlier allow remote attackers or administrators to execute arbitrary SQL commands via the (1) id parameter in (a) user.php, or (2) wher…	NVD-CWE-Other	CVE-2006-1853	2017-07-20 10:30	2006-04-20	Show	GitHub Exploit DB Packet Storm

347445	-	suse	suse_linux	Buffer overflow in the realpath function in nfs-server rpc.mountd, as used in SUSE Linux 9.1 through 10.0, allows local users to execute arbitrary code via unspecified vectors involving mount request…	NVD-CWE-Other	CVE-2006-0043	2017-07-20 10:29	2006-01-31	Show	GitHub Exploit DB Packet Storm

347446	-	albatross	albatross	Unspecified vulnerability in context.py in Albatross web application toolkit before 1.33 allows remote attackers to execute arbitrary commands via unspecified vectors involving template files and the…	NVD-CWE-Other	CVE-2006-0044	2017-07-20 10:29	2006-01-18	Show	GitHub Exploit DB Packet Storm

347447	-	linley_henzell	dungeon_crawl	crawl before 4.0.0 does not securely call programs when saving and loading games, which allows local users to gain privileges.	NVD-CWE-Other	CVE-2006-0045	2017-07-20 10:29	2006-01-21	Show	GitHub Exploit DB Packet Storm

347448	-	francesco_stablum	tcpick	Francesco Stablum tcpick 0.2.1 allows remote attackers to cause a denial of service (segmentation fault) via certain fragmented packets, possibly involving invalid headers and an attacker-controlled …	NVD-CWE-Other	CVE-2006-0048	2017-07-20 10:29	2006-04-26	Show	GitHub Exploit DB Packet Storm

347449	-	debian	debian_linux	snmptrapfmt in Debian 3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary log file.	NVD-CWE-Other	CVE-2006-0050	2017-07-20 10:29	2006-03-23	Show	GitHub Exploit DB Packet Storm

347450	-	tony_cook	imager	Imager (libimager-perl) before 0.50 allows user-assisted attackers to cause a denial of service (segmentation fault) by writing a 2- or 4-channel JPEG image (or a 2-channel TGA image) to a scalar, wh…	CWE-399 Resource Management Errors	CVE-2006-0053	2017-07-20 10:29	2006-04-11	Show	GitHub Exploit DB Packet Storm