Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 30, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2321	7.5	重要 Network	Gotenberg, Inc.	Gotenberg	TheCodingMachineのGotenbergにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-40280	2026-05-11 11:10	2026-05-5	Show	GitHub Exploit DB Packet Storm

2322	8.8	重要 Network	Math.js	Math.js	Math.jsにおける動的に決定されたオブジェクト属性の不適切に制御された変更に関する脆弱性	CWE-915 動的に決定されたオブジェクト属性の不適切に制御された変更	CVE-2026-41139	2026-05-11 11:10	2026-05-7	Show	GitHub Exploit DB Packet Storm

2323	8.8	重要 Network	OpenEXR	OpenEXR	OpenEXRにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-41142	2026-05-11 11:10	2026-05-7	Show	GitHub Exploit DB Packet Storm

2324	7.7	重要 Network	Istio	Istio	Istioにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-41413	2026-05-11 11:09	2026-05-7	Show	GitHub Exploit DB Packet Storm

2325	8.1	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAI等の複数製品におけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-41496	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

2326	9.8	緊急 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-77 CWE-78	CVE-2026-41497	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

2327	9.8	緊急 Network	Electerm project	Electerm	Electerm projectのElectermにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-41500	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

2328	9.8	緊急 Network	Electerm project	Electerm	Electerm projectのElectermにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-41501	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

2329	7.8	重要 Local	Sebastian Bergmann	PHPUnit	Sebastian BergmannのPHPUnitにおける複数の脆弱性	CWE-88 CWE-93	CVE-2026-41570	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

2330	7.5	重要 Network	Zcash Foundation	Zebra-chain Zebrad	Zcash FoundationのZebra-chain等の複数製品における到達可能なアサーションに関する脆弱性	CWE-617 到達可能なアサーション	CVE-2026-41584	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
345621	-	phpbb_group	phpbb	Cross-site scripting (XSS) vulnerability in admin_smilies.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the (1) smi…	NVD-CWE-Other	CVE-2006-0437	2017-07-20 10:29	2006-02-7	Show	GitHub Exploit DB Packet Storm

345622	-	phpbb_group	phpbb	Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.19, when Link to off-site Avatar or bbcode (IMG) are enabled, allows remote attackers to perform unauthorized actions as a logged in user …	NVD-CWE-Other	CVE-2006-0438	2017-07-20 10:29	2006-02-7	Show	GitHub Exploit DB Packet Storm

345623	-	webwork	webwork	Unspecified vulnerability in WeBWorK 2.1.3 and 2.2-pre1 allows remote privileged attackers to execute arbitrary commands as the web server via unknown attack vectors.	NVD-CWE-Other	CVE-2006-0446	2017-07-20 10:29	2006-01-27	Show	GitHub Exploit DB Packet Storm

345624	-	e-post_corporation	mail_server smtp_server spa-pro_mail_atsolomon	Multiple buffer overflows in E-Post Mail Server 4.10 and SPA-PRO Mail @Solomon 4.00 allow remote attackers to execute arbitrary code via a long username to the (1) AUTH PLAIN or (2) AUTH LOGIN SMTP c…	NVD-CWE-Other	CVE-2006-0447	2017-07-20 10:29	2006-01-27	Show	GitHub Exploit DB Packet Storm

345625	-	e-post_corporation	mail_server spa-pro_mail_atsolomon	Multiple directory traversal vulnerabilities in (1) EPSTIMAP4S.EXE and (2) SPA-IMAP4S.EXE in the IMAP service in E-Post Mail 4.05 and SPA-PRO Mail 4.05 allow remote attackers to (a) list arbitrary di…	NVD-CWE-Other	CVE-2006-0448	2017-07-20 10:29	2006-01-27	Show	GitHub Exploit DB Packet Storm

345626	-	e-post_corporation	mail_server spa-pro_mail_atsolomon	Early termination vulnerability in the IMAP service in E-Post Mail 4.05 and SPA-PRO Mail 4.05 allows remote attackers to cause a denial of service (infinite loop) by sending an APPEND command and dis…	NVD-CWE-Other	CVE-2006-0449	2017-07-20 10:29	2006-01-27	Show	GitHub Exploit DB Packet Storm

345627	-	redhat	fedora_core	Multiple memory leaks in the LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (memory consumption) via invalid BER packets that trigger an error, whic…	NVD-CWE-Other	CVE-2006-0451	2017-07-20 10:29	2006-02-15	Show	GitHub Exploit DB Packet Storm

345628	-	redhat	fedora_core	dn2ancestor in the LDAP component in Fedora Directory Server 1.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via a ModDN operation with a DN that contains a larg…	NVD-CWE-Other	CVE-2006-0452	2017-07-20 10:29	2006-02-15	Show	GitHub Exploit DB Packet Storm

345629	-	redhat	fedora_core	The LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (crash) via a certain "bad BER sequence" that results in a free of uninitialized memory, as demon…	NVD-CWE-Other	CVE-2006-0453	2017-07-20 10:29	2006-02-15	Show	GitHub Exploit DB Packet Storm

345630	-	bomberclone	bomberclone	Multiple buffer overflows in BomberClone before 0.11.6.2 allow remote attackers to execute arbitrary code via long error messages.	NVD-CWE-Other	CVE-2006-0460	2017-07-20 10:29	2006-02-17	Show	GitHub Exploit DB Packet Storm