Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3281 7.5 重要
Network 		VMware Spring AI VMwareのSpring AIにおける不適切なデフォルトパーミッションに関する脆弱性 CWE-276
不適切なデフォルトパーミッション 		CVE-2026-41712 2026-05-14 10:18 2026-05-12 Show GitHub Exploit DB Packet Storm
3282 8.2 重要
Network 		VMware Spring AI VMwareのSpring AIにおけるテンプレートエンジンで使用される特殊な要素の不適切な無効化に関する脆弱性 CWE-1336
テンプレートエンジンで使用される特殊な要素の不適切な無効化 		CVE-2026-41713 2026-05-14 10:18 2026-05-12 Show GitHub Exploit DB Packet Storm
3283 6.5 警告
Network 		LangGenius Dify LangGeniusのDifyにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-41950 2026-05-14 10:18 2026-05-5 Show GitHub Exploit DB Packet Storm
3284 9.6 緊急
Network 		Streetwriters Notesnook Mobile
Notesnook Desktop 		StreetwritersのNotesnook Desktop等の複数製品における複数の脆弱性 CWE-79
CWE-94
CVE-2026-42090 2026-05-14 10:18 2026-05-4 Show GitHub Exploit DB Packet Storm
3285 6.5 警告
Network 		goshs goshs goshsにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-42091 2026-05-14 10:18 2026-05-4 Show GitHub Exploit DB Packet Storm
3286 4.8 警告
Network 		Weblate wlc Weblateのwlcにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42150 2026-05-14 10:18 2026-05-8 Show GitHub Exploit DB Packet Storm
3287 5.9 警告
Network 		Teluu Ltd. PJSIP Teluu Ltd.のPJSIPにおける証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2026-42225 2026-05-14 10:18 2026-05-7 Show GitHub Exploit DB Packet Storm
3288 4.3 警告
Network 		Onyx Onyx Onyxにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-42276 2026-05-14 10:18 2026-05-8 Show GitHub Exploit DB Packet Storm
3289 6.5 警告
Network 		Onyx Onyx Onyxにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-42277 2026-05-14 10:18 2026-05-8 Show GitHub Exploit DB Packet Storm
3290 5.5 警告
Local 		Python Software Foundation Python Pillow Python Software FoundationのPython Pillowにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-42308 2026-05-14 10:18 2026-05-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
345541 - hp jetdirect HP JetDirect printers versions G.08.20 and H.08.20 and earlier allow remote attackers to cause a denial of service via a malformed FTP quote command. NVD-CWE-Other
CVE-2000-0636 2017-10-10 10:29 2000-07-19 Show GitHub Exploit DB Packet Storm
345542 - sean_macguire big_brother bb-hostsvc.sh in Big Brother 1.4h1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the HOSTSVC parameter. NVD-CWE-Other
CVE-2000-0638 2017-10-10 10:29 2000-07-11 Show GitHub Exploit DB Packet Storm
345543 - sean_macguire big_brother The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose… NVD-CWE-Other
CVE-2000-0639 2017-10-10 10:29 2000-06-11 Show GitHub Exploit DB Packet Storm
345544 - steve_poulsen guildftpd Guild FTPd allows remote attackers to determine the existence of files outside the FTP root via a .. (dot dot) attack, which provides different error messages depending on whether the file exists or … NVD-CWE-Other
CVE-2000-0640 2017-10-10 10:29 2000-07-8 Show GitHub Exploit DB Packet Storm
345545 - michael_lamont savant_webserver Savant web server allows remote attackers to execute arbitrary commands via a long GET request. NVD-CWE-Other
CVE-2000-0641 2017-10-10 10:29 2000-07-8 Show GitHub Exploit DB Packet Storm
345546 - texas_imperial_software wftpd WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by executing a STAT command while the LIST command is still executing. NVD-CWE-Other
CVE-2000-0644 2017-10-10 10:29 2000-07-21 Show GitHub Exploit DB Packet Storm
345547 - network_associates netshield
virusscan 		The default installation of VirusScan 4.5 and NetShield 4.5 has insecure permissions for the registry key that identifies the AutoUpgrade directory, which allows local users to execute arbitrary comm… NVD-CWE-Other
CVE-2000-0650 2017-10-10 10:29 2000-07-11 Show GitHub Exploit DB Packet Storm
345548 - ibm websphere_application_server IBM WebSphere allows remote attackers to read source code for executable web files by directly calling the default InvokerServlet using a URL which contains the "/servlet/file" string. NVD-CWE-Other
CVE-2000-0652 2017-10-10 10:29 2000-07-24 Show GitHub Exploit DB Packet Storm
345549 - alt-n worldclient The WDaemon web server for WorldClient 2.1 allows remote attackers to read arbitrary files via a .. (dot dot) attack. NVD-CWE-Other
CVE-2000-0660 2017-10-10 10:29 2000-07-12 Show GitHub Exploit DB Packet Storm
345550 - wircsrv irc_server WircSrv IRC Server 5.07s allows remote attackers to cause a denial of service via a long string to the server port. NVD-CWE-Other
CVE-2000-0661 2017-10-10 10:29 2000-07-10 Show GitHub Exploit DB Packet Storm