Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 28, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
5961	6.1	警告 Network	generatedata	generatedata	generatedataにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-70025	2026-05-11 11:02	2026-03-10	Show	GitHub Exploit DB Packet Storm

5962	7.5	重要 Network	pdfmake project	pdfmake	pdfmakeにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-26801	2026-05-11 11:02	2026-03-10	Show	GitHub Exploit DB Packet Storm

5963	7.8	重要 Local	Luis Novo (lfnovo)	Open Notebook	Luis Novo (lfnovo)のOpen Notebookにおける複数の脆弱性	CWE-20 CWE-352 CWE-917 CWE-noinfo	CVE-2026-28201	2026-05-11 11:02	2026-05-7	Show	GitHub Exploit DB Packet Storm

5964	9.8	緊急 Network	Xiaomi	MIUI File Explorer	XiaomiのMIUI File Explorerにおける複数の脆弱性	CWE-303 CWE-862	CVE-2026-29515	2026-05-11 11:02	2026-03-11	Show	GitHub Exploit DB Packet Storm

5965	6.1	警告 Network	WorkflowFirst Software LLC	Staff.Wiki	WorkflowFirst Software LLCのStaff.Wikiにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-29969	2026-05-11 11:02	2026-03-26	Show	GitHub Exploit DB Packet Storm

5966	5.4	警告 Network	spomky-labs	webauthn-lib webauthn-symfony-bundle webauthn framwork	spomky-labsのwebauthn-lib等の複数製品における同一生成元ポリシー違反に関する脆弱性	CWE-346 同一生成元ポリシー違反	CVE-2026-30964	2026-05-11 11:02	2026-03-10	Show	GitHub Exploit DB Packet Storm

5967	6.5	警告 Network	appium	Appium/support	appiumのAppium/supportにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-30973	2026-05-11 11:02	2026-03-10	Show	GitHub Exploit DB Packet Storm

5968	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows Server 2022 Microsoft Windows 11 24h2 Microsoft Windows 11 25h2 Microsoft …	リモートデスクトップクライアントのリモートでコードが実行される脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-32157	2026-05-11 11:02	2026-04-14	Show	GitHub Exploit DB Packet Storm

5969	10	緊急 Network	Luis Novo (lfnovo)	Open Notebook	Luis Novo (lfnovo)のOpen Notebookにおける入力確認に関する脆弱性	CWE-20 CWE-noinfo	CVE-2026-33587	2026-05-11 11:02	2026-05-7	Show	GitHub Exploit DB Packet Storm

5970	8.1	重要 Network	Luis Novo (lfnovo)	Open Notebook	Luis Novo (lfnovo)のOpen Notebookにおける入力確認に関する脆弱性	CWE-20 CWE-noinfo	CVE-2026-33588	2026-05-11 11:02	2026-05-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
356791	-	navision	financials_server	Navision Financials Server 2.60 and earlier allows remote attackers to cause a denial of service by sending a null character and a long string to the server port (2407), which causes the server to cr…	NVD-CWE-Other	CVE-2001-0392	2016-10-18 11:10	2001-06-18	Show	GitHub Exploit DB Packet Storm

356792	-	navision	financials_server	Navision Financials Server 2.0 allows remote attackers to cause a denial of service via a series of connections to the server without providing a username/password combination, which consumes the lic…	NVD-CWE-Other	CVE-2001-0393	2016-10-18 11:10	2001-06-18	Show	GitHub Exploit DB Packet Storm

356793	-	caucho_technology	resin	Caucho Resin 1.3b1 and earlier allows remote attackers to read source code for Javabean files by inserting a .jsp before the WEB-INF specifier in an HTTP request.	NVD-CWE-Other	CVE-2001-0399	2016-10-18 11:10	2001-06-18	Show	GitHub Exploit DB Packet Storm

356794	-	sun	javaserver_web_dev_kit	Directory traversal vulnerability in JavaServer Web Dev Kit (JSWDK) 1.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request to the WEB-INF directory.	NVD-CWE-Other	CVE-2001-0404	2016-10-18 11:10	2001-06-18	Show	GitHub Exploit DB Packet Storm

356795	-	ibm	http_server	IBM HTTP Server 1.3.6 (based on Apache) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request.	NVD-CWE-Other	CVE-2000-1168	2016-10-18 11:09	2001-01-9	Show	GitHub Exploit DB Packet Storm

356796	-	jon_atkins	imwheel	imwheel-solo in imwheel package allows local users to modify arbitrary files via a symlink attack from the .imwheelrc file.	NVD-CWE-Other	CVE-2000-1190	2016-10-18 11:09	2001-08-31	Show	GitHub Exploit DB Packet Storm

356797	-	university_of_washington	imap	POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of ma…	NVD-CWE-Other	CVE-2000-1197	2016-10-18 11:09	2001-08-31	Show	GitHub Exploit DB Packet Storm

356798	-	redhat	linux	userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format str…	NVD-CWE-Other	CVE-2000-1207	2016-10-18 11:09	2000-09-30	Show	GitHub Exploit DB Packet Storm

356799	-	immunix netbsd openbsd redhat	immunix netbsd openbsd linux	Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from t…	NVD-CWE-Other	CVE-2000-1208	2016-10-18 11:09	2002-08-12	Show	GitHub Exploit DB Packet Storm

356800	-	apache	tomcat	Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.	NVD-CWE-Other	CVE-2000-1210	2016-10-18 11:09	2002-03-22	Show	GitHub Exploit DB Packet Storm