Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3161	5.3	警告 Network	Fleet Device Management	fleet	Fleet Device Managementのfleetにおけるスプーフィングによる認証回避に関する脆弱性	CWE-290 スプーフィングによる認証回避	CVE-2026-24000	2026-05-18 12:07	2026-05-14	Show	GitHub Exploit DB Packet Storm

3162	7.5	重要 Network	strapi	strapi	strapiにおける複数の脆弱性	CWE-200 CWE-22 CWE-943	CVE-2026-27886	2026-05-18 12:07	2026-05-14	Show	GitHub Exploit DB Packet Storm

3163	6.5	警告 Network	Grafana Labs	Grafana	Grafana LabsのGrafanaにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-28376	2026-05-18 12:07	2026-05-13	Show	GitHub Exploit DB Packet Storm

3164	2.7	低 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-2900	2026-05-18 12:07	2026-05-14	Show	GitHub Exploit DB Packet Storm

3165	4.3	警告 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-3073	2026-05-18 12:07	2026-05-14	Show	GitHub Exploit DB Packet Storm

3166	4.3	警告 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-3074	2026-05-18 12:07	2026-05-14	Show	GitHub Exploit DB Packet Storm

3167	5.8	警告 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおけるフィルタリングの回避に関する脆弱性	CWE-441 フィルタリング回避	CVE-2026-3160	2026-05-18 12:07	2026-05-14	Show	GitHub Exploit DB Packet Storm

3168	9.1	緊急 Network	マイクロソフト	Azure SDK for Java	Azure SDK for Java のセキュリティ機能のバイパスの脆弱性	CWE-287 CWE-347	CVE-2026-33117	2026-05-18 12:07	2026-05-12	Show	GitHub Exploit DB Packet Storm

3169	9.9	緊急 Network	マイクロソフト	Microsoft Dynamics 365 Customer Insights	Microsoft Dynamics 365 Customer Insights の特権昇格の脆弱性	CWE-269 不適切な権限管理	CVE-2026-33821	2026-05-18 12:06	2026-05-12	Show	GitHub Exploit DB Packet Storm

3170	6.5	警告 Adjacent	Pengutronix e.K.	barebox	Pengutronix e.K.のbareboxにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-34960	2026-05-18 12:06	2026-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
359501	-	trlinux	postaci_webmail	The default configuration for PostACI webmail system installs the /includes/global.inc configuration file within the web root, which allows remote attackers to read sensitive information such as data…	NVD-CWE-Other	CVE-2000-1100	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

359502	-	texas_imperial_software	wftpd	Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and 2.41 with the "Restrict to home directory" option enabled allows local users to escape the home directory via a "/../" string, a var…	NVD-CWE-Other	CVE-2000-1101	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

359503	-	ptlink	ptlink_irc_services ptlink_ircd	PTlink IRCD 3.5.3 and PTlink Services 1.8.1 allow remote attackers to cause a denial of service (server crash) via "mode +owgscfxeb" and "oper" commands.	NVD-CWE-Other	CVE-2000-1102	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

359504	-	bsdi	bsd_os	rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command li…	NVD-CWE-Other	CVE-2000-1103	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

359505	-	microsoft	indexing_service	The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 sy…	NVD-CWE-Other	CVE-2000-1105	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

359506	-	ibm	net.data	document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program.	NVD-CWE-Other	CVE-2000-1110	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

359507	-	unify	ewave_servletexec	Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP request that ends with characters such as ".", or "+", or "%20".	NVD-CWE-Other	CVE-2000-1114	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

359508	-	24link	24link	24Link 1.06 web server allows remote attackers to bypass access restrictions by prepending strings such as "/+/" or "/." to the HTTP GET request.	NVD-CWE-Other	CVE-2000-1118	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

359509	-	hp	hp-ux	registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to …	NVD-CWE-Other	CVE-2000-1127	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm

359510	-	mcafee	virusscan	The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in t…	NVD-CWE-Other	CVE-2000-1128	2008-09-6 05:22	2001-01-9	Show	GitHub Exploit DB Packet Storm