Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 21, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4651	9.8	緊急 Network	vm2 project	vm2	vm2 projectのvm2における複数の脆弱性	CWE-693 CWE-94	CVE-2026-24118	2026-05-11 11:12	2026-05-4	Show	GitHub Exploit DB Packet Storm

4652	9.8	緊急 Network	vm2 project	vm2	vm2 projectのvm2における複数の脆弱性	CWE-693 CWE-94	CVE-2026-24120	2026-05-11 11:12	2026-05-4	Show	GitHub Exploit DB Packet Storm

4653	9.8	緊急 Network	vm2 project	vm2	vm2 projectのvm2における複数の脆弱性	CWE-693 CWE-94	CVE-2026-24781	2026-05-11 11:12	2026-05-4	Show	GitHub Exploit DB Packet Storm

4654	6.3	警告 Network	Apache Software Foundation	CloudStack	Apache Software FoundationのCloudStackにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-25077	2026-05-11 11:12	2026-05-8	Show	GitHub Exploit DB Packet Storm

4655	9.1	緊急 Network	Apache Software Foundation	CloudStack	Apache Software FoundationのCloudStackにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-25199	2026-05-11 11:12	2026-05-8	Show	GitHub Exploit DB Packet Storm

4656	7.5	重要 Network	マイクロソフト	Microsoft 365 Copilot BizChat	M365 Copilot の情報漏えいの脆弱性	CWE-138 特殊要素の不適切な無害化	CVE-2026-26129	2026-05-11 11:12	2026-05-7	Show	GitHub Exploit DB Packet Storm

4657	7.5	重要 Network	マイクロソフト	Microsoft 365 Copilot BizChat	M365 Copilot の情報漏えいの脆弱性	CWE-74 インジェクション	CVE-2026-26164	2026-05-11 11:12	2026-05-7	Show	GitHub Exploit DB Packet Storm

4658	9.8	緊急 Network	vm2 project	vm2	vm2 projectのvm2における保護メカニズムの不具合に関する脆弱性	CWE-693 保護メカニズムの不具合	CVE-2026-26956	2026-05-11 11:12	2026-05-4	Show	GitHub Exploit DB Packet Storm

4659	6.5	警告 Network	Traccar Ltd	Traccar	Traccar LtdのTraccarにおけるCSV ファイル内の数式要素の中和に関する脆弱性	CWE-1236 CSV ファイル内の数式要素の不適切な中和	CVE-2026-27644	2026-05-11 11:12	2026-05-5	Show	GitHub Exploit DB Packet Storm

4660	5.4	警告 Network	Traccar Ltd	Traccar	Traccar LtdのTraccarにおけるブラインド XPath インジェクションの脆弱性	CWE-91 ブラインド XPath インジェクション	CVE-2026-27693	2026-05-11 11:12	2026-05-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
350631	-	mailenable	mailenable_enterprise mailenable_professional	The SMTP service in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to cause a denial of service (server crash) via an EHLO command with a Unicode str…	NVD-CWE-Other	CVE-2005-1013	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

350632	-	mailenable	mailenable_enterprise mailenable_professional	Buffer overflow in the IMAP service for MailEnable Enterprise 1.04 and earlier and Professional 1.54 allows remote attackers to execute arbitrary code via a long AUTHENTICATE command.	NVD-CWE-Other	CVE-2005-1014	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

350633	-	maxwebportal	maxwebportal	Cross-site scripting (XSS) vulnerability in links_add_form.asp for MaxWebPortal 1.33 and earlier allows remote attackers to inject arbitrary web script or HTML via a Javascript URL in a banner URL.	NVD-CWE-Other	CVE-2005-1016	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

350634	-	maxwebportal	maxwebportal	SQL injection vulnerability in the Update_Events function in events_functions.asp in MaxWebPortal 1.33 and earlier allows remote attackers to execute arbitrary SQL commands via the EVENT_ID parameter…	CWE-89 SQL Injection	CVE-2005-1017	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

350635	-	aeon	aeon	Buffer overflow in the getConfig function in Aeon 0.2a and earlier allows local users to gain privileges via a long HOME environment variable.	NVD-CWE-Other	CVE-2005-1019	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

350636	-	francisco_burzi	php-nuke	Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.x to 7.6 allow remote attackers to inject arbitrary web script or HTML via the (1) min parameter to the Search module, (2) the catego…	NVD-CWE-Other	CVE-2005-1023	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

350637	-	francisco_burzi	php-nuke	modules.php in PHP-Nuke 6.x to 7.6 allows remote attackers to obtain sensitive information via a direct request to (1) my_headlines, (2) userinfo, or (3) search, which reveals the path in a PHP error…	NVD-CWE-Other	CVE-2005-1024	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

350638	-	francisco_burzi	php-nuke	Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.x through 7.6 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter in the Your_Account module…	NVD-CWE-Other	CVE-2005-1027	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

350639	-	active_web_softwares	active_auction_house	Multiple SQL injection vulnerabilities in Active Auction House allow remote attackers to execute arbitrary SQL commands via the (1) catid, (2) SortDir, or (3) Sortby parameter to default.asp, (4) ite…	NVD-CWE-Other	CVE-2005-1029	2017-07-11 10:32	2005-04-6	Show	GitHub Exploit DB Packet Storm

350640	-	active_web_softwares	active_auction_house	Multiple cross-site scripting (XSS) vulnerabilities in Active Auction House allow remote attackers to inject arbitrary web script or HTML via the (1) ReturnURL, (2) password, (3) username parameter, …	NVD-CWE-Other	CVE-2005-1030	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm