Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2731 7.5 重要
Network 		Apache Software Foundation Apache OFBiz Apache Software FoundationのApache OFBizにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-31909 2026-05-21 10:53 2026-05-19 Show GitHub Exploit DB Packet Storm
2732 7.5 重要
Network 		Apache Software Foundation Apache OFBiz Apache Software FoundationのApache OFBizにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-31910 2026-05-21 10:53 2026-05-19 Show GitHub Exploit DB Packet Storm
2733 9.1 緊急
Network 		Apache Software Foundation Apache OFBiz Apache Software FoundationのApache OFBizにおけるハードコードされた暗号鍵の使用に関する脆弱性 CWE-321
ハードコードされた暗号鍵の使用 		CVE-2026-31986 2026-05-21 10:53 2026-05-19 Show GitHub Exploit DB Packet Storm
2734 4.8 警告
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-3495 2026-05-21 10:53 2026-05-18 Show GitHub Exploit DB Packet Storm
2735 6.5 警告
Network 		Apache Software Foundation Apache OFBiz Apache Software FoundationのApache OFBizにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-35086 2026-05-21 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
2736 8.8 重要
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office
Office Long Term Servicing Channel (LTSC) 		Microsoft Office クイック実行の特権の昇格の脆弱性 CWE-1220
アクセス制御の不十分な粒度 		CVE-2026-35436 2026-05-21 10:52 2026-05-12 Show GitHub Exploit DB Packet Storm
2737 5.5 警告
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office
Microsoft Word
Office Long Term Servicing Channel (LTSC) 		Microsoft Word の情報漏えいの脆弱性 CWE-552
外部からアクセス可能なファイルまたはディレクトリ 		CVE-2026-35440 2026-05-21 10:52 2026-05-12 Show GitHub Exploit DB Packet Storm
2738 4.3 警告
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-3637 2026-05-21 10:52 2026-05-18 Show GitHub Exploit DB Packet Storm
2739 9.8 緊急
Network 		H2O.ai H2O H2O.aiのH2Oにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-3960 2026-05-21 10:52 2026-04-23 Show GitHub Exploit DB Packet Storm
2740 8.4 重要
Local 		マイクロソフト Microsoft 365 Apps
Microsoft Office
Office Long Term Servicing Channel (LTSC) 		Microsoft Office のリモート コードが実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-40358 2026-05-21 10:52 2026-05-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
344861 - trend_micro interscan_applettrap Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs when they are modified in certain ways such as (1) using a double slash (//) instead of a single slash, (2) URL-encoded characters, … NVD-CWE-Other
CVE-2001-1026 2017-12-19 11:29 2001-07-9 Show GitHub Exploit DB Packet Storm
344862 - charles_clark meteor_ftpd Directory traversal vulnerability in Meteor FTP 1.0 allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the ls/LIST command, or (2) a ... in the cd/CWD command. NVD-CWE-Other
CVE-2001-1031 2017-12-19 11:29 2001-09-27 Show GitHub Exploit DB Packet Storm
344863 - compaq trucluster
tru64 		Compaq TruCluster 1.5 allows remote attackers to cause a denial of service via a port scan from a system that does not have a DNS PTR record, which causes the cluster to enter a "split-brain" state. NVD-CWE-Other
CVE-2001-1033 2017-12-19 11:29 2001-09-25 Show GitHub Exploit DB Packet Storm
344864 - freebsd freebsd Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter. NVD-CWE-Other
CVE-2001-1034 2017-12-19 11:29 2001-09-23 Show GitHub Exploit DB Packet Storm
344865 - basilix basilix_webmail Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the document root and does not restrict access, which could allows remote attackers to obtain sensitive in… NVD-CWE-Other
CVE-2001-1044 2017-12-19 11:29 2001-01-11 Show GitHub Exploit DB Packet Storm
344866 - basilix basilix_webmail Directory traversal vulnerability in basilix.php3 in Basilix Webmail 1.0.3beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the request_id[DUMMY] parameter. NVD-CWE-Other
CVE-2001-1045 2017-12-19 11:29 2001-07-6 Show GitHub Exploit DB Packet Storm
344867 - openbsd openbsd Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL… NVD-CWE-Other
CVE-2001-1047 2017-12-19 11:29 2001-06-2 Show GitHub Exploit DB Packet Storm
344868 - cccsoftware ccc CCCSoftware CCC PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. NVD-CWE-Other
CVE-2001-1050 2017-12-19 11:29 2001-10-2 Show GitHub Exploit DB Packet Storm
344869 - dark_hart_portal darkportal-unix Dark Hart Portal (darkportal) PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. NVD-CWE-Other
CVE-2001-1051 2017-12-19 11:29 2001-10-2 Show GitHub Exploit DB Packet Storm
344870 - emergenices_personnel_information_system empris Empris PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. NVD-CWE-Other
CVE-2001-1052 2017-12-19 11:29 2001-10-2 Show GitHub Exploit DB Packet Storm