Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240021	7.8	危険	マイクロソフト	-	Microsoft Windows 2000 SP4 などの Workstation サービスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2006-6723	2012-09-25 15:36	2006-12-26	Show	GitHub Exploit DB Packet Storm

240022	7.5	危険	jelle de vos	-	Bandwebsite における管理者アカウントを作成される脆弱性	-	CVE-2006-6722	2012-09-25 15:36	2006-12-23	Show	GitHub Exploit DB Packet Storm

240023	6.8	警告	knusperleicht	-	Knusperleicht ShoutBox の shout.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6721	2012-09-25 15:36	2006-12-23	Show	GitHub Exploit DB Packet Storm

240024	7.8	危険	日立	-	Hitachi Directory Server におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-6714	2012-09-25 15:36	2006-12-21	Show	GitHub Exploit DB Packet Storm

240025	10	危険	日立	-	Windows 上の Hitachi Directory Server におけるバッファオーバーフローの脆弱性	-	CVE-2006-6713	2012-09-25 15:36	2006-12-21	Show	GitHub Exploit DB Packet Storm

240026	7.5	危険	newxooper	-	Newxooper の compteur/mapage.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6711	2012-09-25 15:36	2006-12-22	Show	GitHub Exploit DB Packet Storm

240027	7.5	危険	matteolucarelli	-	PgmReloaded における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-6710	2012-09-25 15:36	2006-12-22	Show	GitHub Exploit DB Packet Storm

240028	7.5	危険	mginternet	-	MGinternet Property Site Manager における SQL インジェクションの脆弱性	-	CVE-2006-6709	2012-09-25 15:36	2006-12-22	Show	GitHub Exploit DB Packet Storm

240029	6.8	警告	mginternet	-	MGinternet Property Site Manager の listings.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6708	2012-09-25 15:36	2006-12-22	Show	GitHub Exploit DB Packet Storm

240030	7.5	危険	マカフィー	-	NeoTrace Express などにおけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2006-6707	2012-09-25 15:36	2006-12-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1271	6.1	MEDIUM Network	hsclabs	mailinspector	HSC MailInspector 5.3.3-7 is vulnerable to Cross Site Scripting (XSS) in the /police/WarningUrlPage.php endpoint due to improper neutralization of user-supplied input that uses alternate or obfuscate…	CWE-79 Cross-site Scripting	CVE-2026-29965	2026-05-20 02:19	2026-05-19	Show	GitHub Exploit DB Packet Storm

1272	4.3	MEDIUM Network	mattermost	mattermost_server	Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 Fail to enforce slash command trigger-word uniqueness during command updates which allows an authenticated team member with…	CWE-863 Incorrect Authorization	CVE-2026-28732	2026-05-20 02:18	2026-05-18	Show	GitHub Exploit DB Packet Storm

1273	5.0	MEDIUM Network	-	-	AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions 0.1.0 through 0.6.51, SendEmailBlock in autogpt_platform/backen…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-33234	2026-05-20 02:16	2026-05-19	Show	GitHub Exploit DB Packet Storm

1274	9.9	CRITICAL Network	-	-	Dokploy is a free, self-hostable Platform as a Service (PaaS). Versions 0.26.6 and below have OS command injection through the appName parameter. 3 chained issues cause this problem: inadequate input…	CWE-78 OS Command	CVE-2026-27130	2026-05-20 02:16	2026-05-19	Show	GitHub Exploit DB Packet Storm

1275	8.3	HIGH Network	google	chrome	Out of bounds write in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag…	CWE-787 Out-of-bounds Write	CVE-2026-8548	2026-05-20 02:02	2026-05-15	Show	GitHub Exploit DB Packet Storm

1276	8.8	HIGH Network	google	chrome	Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)	CWE-416 Use After Free	CVE-2026-8549	2026-05-20 01:58	2026-05-15	Show	GitHub Exploit DB Packet Storm

1277	6.5	MEDIUM Network	google	chrome	Use after free in Google Lens in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memo…	CWE-416 Use After Free	CVE-2026-8550	2026-05-20 01:51	2026-05-15	Show	GitHub Exploit DB Packet Storm

1278	7.5	HIGH Network	dhtmlx	pdf_export_module	PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Path Traversal due to lack of HTML sanitization. An unauthenticated user could craft the html payload which could incl…	CWE-22 Path Traversal	CVE-2026-41552	2026-05-20 01:49	2026-05-15	Show	GitHub Exploit DB Packet Storm

1279	7.5	HIGH Network	twisted	twisted	Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial of Service (DoS) attack via resource exha…	CWE-400 CWE-407 Uncontrolled Resource Consumption Inefficient Algorithmic Complexity	CVE-2026-42304	2026-05-20 01:47	2026-05-14	Show	GitHub Exploit DB Packet Storm

1280	6.1	MEDIUM Network	northern.tech	cfengine	Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 allows XSS.	CWE-79 Cross-site Scripting	CVE-2026-24710	2026-05-20 01:45	2026-05-15	Show	GitHub Exploit DB Packet Storm