Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4301	8.8	重要 Network	getkirby	kirby	getkirbyのkirbyにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-41325	2026-04-30 12:26	2026-04-24	Show	GitHub Exploit DB Packet Storm

4302	9.9	緊急 Network	OpenClaw	OpenClaw	OpenClawにおける特権 API の不適切な使用に関する脆弱性	CWE-648 特権 API の不適切な使用	CVE-2026-41329	2026-04-30 12:26	2026-04-21	Show	GitHub Exploit DB Packet Storm

4303	4.4	警告 Local	OpenClaw	OpenClaw	OpenClawにおける変数の安全ではないデフォルト値への初期化に関する脆弱性	CWE-453 変数の安全ではないデフォルト値への初期化	CVE-2026-41330	2026-04-30 12:26	2026-04-21	Show	GitHub Exploit DB Packet Storm

4304	9.8	緊急 Network	socialengine	socialengine	socialengineにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-41460	2026-04-30 12:26	2026-04-23	Show	GitHub Exploit DB Packet Storm

4305	8.5	重要 Network	socialengine	socialengine	socialengineにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-41461	2026-04-30 12:26	2026-04-23	Show	GitHub Exploit DB Packet Storm

4306	7.7	重要 Network	The Kyverno Authors	Kyverno	The Kyverno AuthorsのKyvernoにおける到達可能なアサーションに関する脆弱性	CWE-617 到達可能なアサーション	CVE-2026-41485	2026-04-30 12:25	2026-04-24	Show	GitHub Exploit DB Packet Storm

4307	4	警告 Local	The GnuPG Project	Libgcrypt	The GnuPG ProjectのLibgcryptにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-41990	2026-04-30 12:25	2026-04-23	Show	GitHub Exploit DB Packet Storm

4308	7.4	重要 Network	axios project	axios	axios projectのaxiosにおけるオブジェクトプロトタイプ属性の不適切に制御された変更に関する脆弱性	CWE-1321 オブジェクトプロトタイプ属性の不適切に制御された変更 (プロトタイプの汚染)	CVE-2026-42033	2026-04-30 12:25	2026-04-24	Show	GitHub Exploit DB Packet Storm

4309	5.3	警告 Network	axios project	axios	axios projectのaxiosにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-42034	2026-04-30 12:25	2026-04-24	Show	GitHub Exploit DB Packet Storm

4310	7.4	重要 Network	axios project	axios	axios projectのaxiosにおける複数の脆弱性	CWE-113 CWE-1321	CVE-2026-42035	2026-04-30 12:25	2026-04-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348701	-	symantec	firewall_vpn_appliance_100 firewall_vpn_appliance_200 firewall_vpn_appliance_200r gateway_security_320 gateway_security_360 gateway_security_360r nexland_isb_soho_firewall_appliance…	Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP communit…	NVD-CWE-Other	CVE-2004-1474	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348702	-	xine	xine xine-lib	Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 allow attackers to execute arbitrary code via (1) long VideoCD vcd:// MRLs or (2) long subtitle lines.	NVD-CWE-Other	CVE-2004-1475	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348703	-	xine suse	xine xine-lib suse_linux	Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk labe…	NVD-CWE-Other	CVE-2004-1476	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348704	-	macromedia	jrun	Cross-site scripting (XSS) vulnerability in the Management Console in JRun 4.0 allows remote attackers to execute arbitrary web script or HTML and possibly hijack a user's session.	NVD-CWE-Other	CVE-2004-1477	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348705	-	hitachi macromedia	cosminexus_enterprise cosminexus_server coldfusion jrun	JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote attackers to perform a session fixation attack and hijack a user's HTTP session.	NVD-CWE-Other	CVE-2004-1478	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348706	-	hp	storageworks_command_view	Unknown vulnerability in the management station in HP StorageWorks Command View XP 1.8B and earlier allows remote attackers to bypass access restrictions.	NVD-CWE-Other	CVE-2004-1480	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348707	-	bnc	bnc	The sbuf_getmsg function in BNC incorrectly handles backspace characters, which could allow remote attackers to bypass authentication and gain access to arbitrary scripts.	NVD-CWE-Other	CVE-2004-1482	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348708	-	symantec	clientless_vpn_gateway_4400	Multiple unknown vulnerabilities in the ActiveX and HTML file browsers in Symantec Clientless VPN Gateway 4400 Series 5.0 have unknown attack vectors and unknown impact.	NVD-CWE-Other	CVE-2004-1483	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348709	-	socat	socat	Format string vulnerability in the _msg function in error.c in socat 1.4.0.3 and earlier, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to exec…	NVD-CWE-Other	CVE-2004-1484	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348710	-	-	-	Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via a large DNS response that is handled by the gethostbyname function.	NVD-CWE-Other	CVE-2004-1485	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed