Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 23, 2026, 10:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5141 7.2 重要
Network 		株式会社GROWI GROWI GROWIにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-41951 2026-05-11 15:29 2026-05-11 Show GitHub Exploit DB Packet Storm
5142 7.4 重要
Network 		株式会社EPG iOSアプリ「くら寿司 公式アプリ」
Androidアプリ「くら寿司 公式アプリ」 		スマートフォンアプリ「くら寿司 公式アプリ」における証明書検証不備の脆弱性 CWE-Other
その他 		CVE-2026-41872 2026-05-11 12:52 2026-05-11 Show GitHub Exploit DB Packet Storm
5143 3.3
Local 		X.Org Foundation libxpm libXpmにおける境界外読み取りの脆弱性 CWE-Other
その他 		CVE-2026-4367 2026-05-11 12:18 2026-05-11 Show GitHub Exploit DB Packet Storm
5144 7.3 重要
Network 		yeti-platform yeti yeti-platformのyetiにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2024-46507 2026-05-11 11:13 2026-05-8 Show GitHub Exploit DB Packet Storm
5145 7.5 重要
Network 		yeti-platform yeti yeti-platformのyetiにおけるハードコードされた認証情報の使用に関する脆弱性 CWE-798
ハードコードされた認証情報の使用 		CVE-2024-46508 2026-05-11 11:12 2026-05-8 Show GitHub Exploit DB Packet Storm
5146 9.8 緊急
Network 		Frappe ERPNext FrappeのERPNextにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-38431 2026-05-11 11:12 2026-05-5 Show GitHub Exploit DB Packet Storm
5147 6.1 警告
Network 		Frappe ERPNext FrappeのERPNextにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-38432 2026-05-11 11:12 2026-05-5 Show GitHub Exploit DB Packet Storm
5148 9.1 緊急
Network 		CHORNY Apache::Session CHORNYのApache::Sessionにおける有効期限後または解放後のリソースの操作に関する脆弱性 CWE-672
有効期限後または解放後のリソースの操作 		CVE-2013-10075 2026-05-11 11:12 2026-05-8 Show GitHub Exploit DB Packet Storm
5149 9.8 緊急
Network 		PHPOffice PhpSpreadsheet PHPOfficeのPhpSpreadsheetにおける複数の脆弱性 CWE-502
CWE-918
CVE-2026-34084 2026-05-11 11:12 2026-05-5 Show GitHub Exploit DB Packet Storm
5150 5.4 警告
Network 		PHPOffice PhpSpreadsheet PHPOfficeのPhpSpreadsheetにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-35453 2026-05-11 11:12 2026-05-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
354901 - t._hauck jana_web_server Directory traversal vulnerability in Jana proxy web server 1.45 allows remote attackers to ready arbitrary files via a .. (dot dot) attack. NVD-CWE-Other
CVE-1999-1083 2016-10-18 11:01 1999-10-8 Show GitHub Exploit DB Packet Storm
354902 - ssh secure_shell SSH 1.2.25, 1.2.23, and other versions, when used in in CBC (Cipher Block Chaining) or CFB (Cipher Feedback 64 bits) modes, allows remote attackers to insert arbitrary data into an existing stream be… NVD-CWE-Other
CVE-1999-1085 2016-10-18 11:01 1998-06-12 Show GitHub Exploit DB Packet Storm
354903 - novell netware Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets t… NVD-CWE-Other
CVE-1999-1086 2016-10-18 11:01 1999-07-15 Show GitHub Exploit DB Packet Storm
354904 - iain_lea tin tin 1.40 creates the .tin directory with insecure permissions, which allows local users to read passwords from the .inputhistory file. NVD-CWE-Other
CVE-1999-1092 2016-10-18 11:01 1999-11-17 Show GitHub Exploit DB Packet Storm
354905 - redhat
slackware 		linux
slackware_linux 		sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that… NVD-CWE-Other
CVE-1999-1095 2016-10-18 11:01 1997-10-6 Show GitHub Exploit DB Packet Storm
354906 - microsoft windows_95 Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords. NVD-CWE-Other
CVE-1999-1104 2016-10-18 11:01 1999-12-31 Show GitHub Exploit DB Packet Storm
354907 - sendmail sendmail Sendmail before 8.10.0 allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the commands a… NVD-CWE-Other
CVE-1999-1109 2016-10-18 11:01 1999-12-22 Show GitHub Exploit DB Packet Storm
354908 - eudora internet_mail_server Buffer overflow in Eudora Internet Mail Server (EIMS) 2.01 and earlier on MacOS systems allows remote attackers to cause a denial of service via a long USER command to port 106. NVD-CWE-Other
CVE-1999-1113 2016-10-18 11:01 1998-04-14 Show GitHub Exploit DB Packet Storm
354909 - oracle http_server Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gai… NVD-CWE-Other
CVE-1999-1125 2016-10-18 11:01 1997-09-19 Show GitHub Exploit DB Packet Storm
354910 - netscape enterprise_server Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command u… NVD-CWE-Other
CVE-1999-1130 2016-10-18 11:01 1999-07-30 Show GitHub Exploit DB Packet Storm