Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 21, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4621 6.5 警告
Network 		Open5GS Open5GS Open5GSにおけるリソースの不適切なシャットダウンおよびリリースに関する脆弱性 CWE-404
リソースの不適切なシャットダウンおよびリリース 		CVE-2026-8123 2026-05-12 10:19 2026-05-8 Show GitHub Exploit DB Packet Storm
4622 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. CX12L Pro Firmware Shenzhen Tenda Technology Co.,Ltd.のCX12L Pro Firmwareにおける複数の脆弱性 CWE-119
CWE-121
CVE-2026-8138 2026-05-12 10:19 2026-05-8 Show GitHub Exploit DB Packet Storm
4623 7.8 重要
Local 		NAVER Corp. NAVER MYBOX Explorer for Windows NAVER Corp.のNAVER MYBOX Explorer for Windowsにおける不適切な権限設定に関する脆弱性 CWE-266
不適切な権限設定 		CVE-2026-8148 2026-05-12 10:19 2026-05-8 Show GitHub Exploit DB Packet Storm
4624 7.3 重要
Network 		Project Jupyter Jupyter Server Project JupyterのJupyter Serverにおけるアンカーのない正規表現に関する脆弱性 CWE-777
アンカーのない正規表現 		CVE-2026-40110 2026-05-12 10:19 2026-05-5 Show GitHub Exploit DB Packet Storm
4625 6.1 警告
Network 		HCL Technologies Limited unica
HCL Unica Plan
HCL Unica Segment Central
HCL Unica Centralized Offer Management
HCL Unica Audience Campaign
HCL U… 		HCL Technologies Limitedのunica等の複数製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-62320 2026-05-12 10:19 2026-03-17 Show GitHub Exploit DB Packet Storm
4626 5.5 警告
Local 		ヒューレット・パッカード Samsung Print Service Plugin ヒューレット・パッカードのSamsung Print Service PluginにおけるAndroid アプリケーションコンポーネントの不適切なエクスポートの脆弱性 CWE-926
CWE-noinfo
CVE-2026-3291 2026-05-12 10:19 2026-05-6 Show GitHub Exploit DB Packet Storm
4627 8.8 重要
Network 		langflow langflow
Langflow-base 		langflowのLangflow-base等の複数製品における複数の脆弱性 CWE-639
CWE-862
CVE-2026-34046 2026-05-12 10:19 2026-03-27 Show GitHub Exploit DB Packet Storm
4628 7.5 重要
Network 		Gazelle project Gazelle KazeburoのGazelleにおけるHTTP リクエストスマグリングに関する脆弱性 CWE-444
HTTP リクエストスマグリング 		CVE-2026-40562 2026-05-12 10:19 2026-05-6 Show GitHub Exploit DB Packet Storm
4629 5.3 警告
Network 		opentelemetry OpenTelemetry.Exporter.Zipkin opentelemetryのOpenTelemetry.Exporter.Zipkinにおける複数の脆弱性 CWE-400
CWE-770
CVE-2026-41310 2026-05-12 10:19 2026-05-6 Show GitHub Exploit DB Packet Storm
4630 7.5 重要
Network 		uuidjs uuid uuidjsのuuidにおける複数の脆弱性 CWE-787
CWE-823
CVE-2026-41907 2026-05-12 10:19 2026-04-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
350741 - bakbone netvault nvstatsmngr.exe process in BakBone NetVault 7.1 does not properly drop privileges before opening files, which allows local users to gain privileges via the Help menu. NVD-CWE-Other
CVE-2005-1372 2017-07-11 10:32 2005-05-3 Show GitHub Exploit DB Packet Storm
350742 - dream4 koobi_cms Multiple SQL injection vulnerabilities in index.php in Dream4 Koobi CMS 4.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) q or (2) p parameters. NVD-CWE-Other
CVE-2005-1373 2017-07-11 10:32 2005-05-3 Show GitHub Exploit DB Packet Storm
350743 - claroline claroline Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to inject arbitrary web script or HTML via (1) exer… NVD-CWE-Other
CVE-2005-1374 2017-07-11 10:32 2005-05-3 Show GitHub Exploit DB Packet Storm
350744 - claroline claroline Multiple SQL injection vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to execute arbitrary SQL commands via (1) learningPath.php, (2) … NVD-CWE-Other
CVE-2005-1375 2017-07-11 10:32 2005-05-3 Show GitHub Exploit DB Packet Storm
350745 - claroline claroline Multiple directory traversal vulnerabilities in (1) document.php or (2) insertMyDoc.php in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote project administrators to… NVD-CWE-Other
CVE-2005-1376 2017-07-11 10:32 2005-05-3 Show GitHub Exploit DB Packet Storm
350746 - claroline claroline Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to execute arbitrary PHP code via unknown vectors. NVD-CWE-Other
CVE-2005-1377 2017-07-11 10:32 2005-05-3 Show GitHub Exploit DB Packet Storm
350747 - oxpus phpbb_personal_notes_module SQL injection vulnerability in posting_notes.php in the notes module for phpBB allows remote attackers to execute arbitrary SQL commands via the p parameter, which is used in the $post_id variable, a… NVD-CWE-Other
CVE-2005-1378 2017-07-11 10:32 2005-05-3 Show GitHub Exploit DB Packet Storm
350748 - bea weblogic_server Cross-site scripting (XSS) vulnerability in BEA Admin Console 8.1 allows remote attackers to execute arbitrary web script or HTML via the server parameter to a JndiFramesetAction action. NVD-CWE-Other
CVE-2005-1380 2017-07-11 10:32 2005-05-3 Show GitHub Exploit DB Packet Storm
350749 - oracle application_server_web_cache Multiple cross-site scripting (XSS) vulnerabilities in Oracle Webcache 9i allow remote attackers to inject arbitrary web script or HTML via the (1) cache_dump_file or (2) PartialPageErrorPage paramet… NVD-CWE-Other
CVE-2005-1381 2017-07-11 10:32 2005-05-3 Show GitHub Exploit DB Packet Storm
350750 - oracle application_server_web_cache The webcacheadmin module in Oracle Webcache 9i allows remote attackers to corrupt arbitrary files via a full pathname in the cache_dump_file parameter. NVD-CWE-Other
CVE-2005-1382 2017-07-11 10:32 2005-05-3 Show GitHub Exploit DB Packet Storm