Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1971	5.5	警告 Local	jqlang	jq	jqlangのjqにおける複数の脆弱性	CWE-190 CWE-787	CVE-2026-41257	2026-05-15 11:01	2026-05-11	Show	GitHub Exploit DB Packet Storm

1972	5.4	警告 Network	Langfuse GmbH	Langfuse	Langfuse GmbHのLangfuseにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-41487	2026-05-15 11:00	2026-05-8	Show	GitHub Exploit DB Packet Storm

1973	9.8	緊急 Network	Nhost	Nhost/auth	NhostのNhost/authにおける認証に関する脆弱性	CWE-287 CWE-noinfo	CVE-2026-41574	2026-05-15 11:00	2026-05-8	Show	GitHub Exploit DB Packet Storm

1974	7.5	重要 Network	Web Technologies	Change Detection	Web TechnologiesのChange DetectionにおけるXML 外部エンティティの脆弱性	CWE-611 XML 外部エンティティ参照の不適切な制限	CVE-2026-41895	2026-05-15 11:00	2026-05-12	Show	GitHub Exploit DB Packet Storm

1975	9.8	緊急 Network	レッドハット GNU Project	Red Hat OpenShift Container Platform Red Hat Hardened Images GnuTLS Red Hat Enterprise Linux	GNU Project等の複数ベンダの製品におけるNull バイト相互作用エラー (Poison Null Byte) の脆弱性	CWE-626 Null バイト相互作用エラー (Poison Null Byte)	CVE-2026-42010	2026-05-15 11:00	2026-05-7	Show	GitHub Exploit DB Packet Storm

1976	9.6	緊急 Network	langflow	langflow	langflowにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-42048	2026-05-15 11:00	2026-05-12	Show	GitHub Exploit DB Packet Storm

1977	5.5	警告 Local	ImageMagick	ImageMagick	ImageMagickにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-42050	2026-05-15 11:00	2026-05-11	Show	GitHub Exploit DB Packet Storm

1978	8.1	重要 Network		-	OpenC3のOpenC3 COSMOSにおける不要な特権による実行に関する脆弱性	CWE-250 不要な特権による実行	CVE-2026-42088	2026-05-15 11:00	2026-05-4	Show	GitHub Exploit DB Packet Storm

1979	8.8	重要 Network	litellm	litellm	LiteLLMにおけるテンプレートエンジンで使用される特殊な要素の不適切な無効化に関する脆弱性	CWE-1336 テンプレートエンジンで使用される特殊な要素の不適切な無効化	CVE-2026-42203	2026-05-15 11:00	2026-05-8	Show	GitHub Exploit DB Packet Storm

1980	9.1	緊急 Network	axios project	axios	axios projectのaxiosにおけるオブジェクトプロトタイプ属性の不適切に制御された変更に関する脆弱性	CWE-1321 オブジェクトプロトタイプ属性の不適切に制御された変更 (プロトタイプの汚染)	CVE-2026-42264	2026-05-15 11:00	2026-05-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
345201	-	docebo	docebo	Successful exploitation requires that "register_globals" is enabled.	NVD-CWE-Other	CVE-2006-2577	2017-07-21 10:29	2006-05-25	Show	GitHub Exploit DB Packet Storm

345202	-	ipostmx	ipostmx_2005	Multiple SQL injection vulnerabilities in iPostMX 2005 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) forum parameter in messagepost.cfm and (2) topic parameter …	NVD-CWE-Other	CVE-2006-3096	2017-07-21 10:29	2006-06-20	Show	GitHub Exploit DB Packet Storm

345203	-	ssh	tectia_client tectia_connector tectia_manager tectia_server	Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when runnin…	NVD-CWE-Other	CVE-2006-4315	2017-07-20 10:33	2006-08-24	Show	GitHub Exploit DB Packet Storm

345204	-	ssh	tectia_manager	SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program called sshd, which is obtained from a process listing when the "Restart" action is selected from the …	NVD-CWE-Other	CVE-2006-4316	2017-07-20 10:33	2006-08-24	Show	GitHub Exploit DB Packet Storm

345205	-	justsystem	formliner ichitaro ichitaro_government	Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and FormLiner before 20060818 allows remote attackers to execu…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2006-4326	2017-07-20 10:33	2006-08-24	Show	GitHub Exploit DB Packet Storm

345206	-	wireshark	wireshark	Unspecified vulnerability in the DHCP dissector in Wireshark (formerly Ethereal) 0.10.13 through 0.99.2, when run on Windows, allows remote attackers to cause a denial of service (crash) via unspecif…	NVD-CWE-Other	CVE-2006-4332	2017-07-20 10:33	2006-08-25	Show	GitHub Exploit DB Packet Storm

345207	-	jiran	cool_manager cool_messenger_office_school_server	SQL injection vulnerability in user logon authentication request handling in Cool_CoolD.exe in Cool Manager 5.0 (5,60,90,28) and Cool Messenger Office/School Server 5.5 (5,65,12,13) allows remote att…	NVD-CWE-Other	CVE-2006-4347	2017-07-20 10:33	2006-08-25	Show	GitHub Exploit DB Packet Storm

345208	-	sun	java_system_content_delivery_server	Unspecified vulnerability in Sun Java System Content Delivery Server 4.0, 4.1, and 5.0 allows local and remote attackers to read data from arbitrary files via unspecified vectors.	NVD-CWE-Other	CVE-2006-4353	2017-07-20 10:33	2006-08-25	Show	GitHub Exploit DB Packet Storm

345209	-	drupal	drupal_easylinks_module	Cross-site scripting (XSS) vulnerability in Drupal Easylinks Module (easylinks.module) 4.7 before 1.5.2.1 2006/08/19 12:02:27 allows remote attackers to inject arbitrary web script or HTML via unspec…	NVD-CWE-Other	CVE-2006-4355	2017-07-20 10:33	2006-08-27	Show	GitHub Exploit DB Packet Storm

345210	-	drupal	drupal_easylinks_module	SQL injection vulnerability in Drupal Easylinks Module (easylinks.module) 4.7 before 1.5.2.1 2006/08/19 12:02:27 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.	NVD-CWE-Other	CVE-2006-4356	2017-07-20 10:33	2006-08-27	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed