Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3581	5.5	警告 Local	M2-Team	NanaZip	M2-TeamのNanaZipにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-42445	2026-05-18 12:14	2026-05-12	Show	GitHub Exploit DB Packet Storm

3582	7.1	重要 Local	M2-Team	NanaZip	M2-TeamのNanaZipにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-42446	2026-05-18 12:14	2026-05-12	Show	GitHub Exploit DB Packet Storm

3583	8.5	重要 Network	n8n-MCP	n8n-MCP	n8n-MCPにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-42449	2026-05-18 12:14	2026-05-7	Show	GitHub Exploit DB Packet Storm

3584	7.3	重要 Network	Apache Software Foundation	Apache Tomcat	Apache Software FoundationのApache Tomcatにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-42498	2026-05-18 12:14	2026-05-12	Show	GitHub Exploit DB Packet Storm

3585	9.8	緊急 Network	archivebox	archivebox	archiveboxにおける引数の挿入または変更に関する脆弱性	CWE-88 引数の挿入または変更	CVE-2026-42601	2026-05-18 12:14	2026-05-9	Show	GitHub Exploit DB Packet Storm

3586	8.8	重要 Network	azuracast	azuracast	AzuraCastにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-42605	2026-05-18 12:14	2026-05-9	Show	GitHub Exploit DB Packet Storm

3587	8.8	重要 Network	azuracast	azuracast	AzuraCastにおけるパスワード管理機能に関する脆弱性	CWE-640 パスワードを忘れた場合の脆弱なパスワードリカバリの仕組み	CVE-2026-42606	2026-05-18 12:14	2026-05-9	Show	GitHub Exploit DB Packet Storm

3588	9.9	緊急 Network	マイクロソフト	Azure Logic Apps	Azure Logic Apps の特権昇格の脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-42823	2026-05-18 12:14	2026-05-12	Show	GitHub Exploit DB Packet Storm

3589	7	重要 Local	マイクロソフト	Microsoft Windows 11 25h2 Microsoft Windows Server 2016 Microsoft Windows 10 1809 Microsoft Windows 11 23h2 Microsoft Wind…	Windows テレフォニーサービスの特権昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-42825	2026-05-18 12:14	2026-05-12	Show	GitHub Exploit DB Packet Storm

3590	6.5	警告 Local	マイクロソフト	Azure Monitor Agent	Azure Monitor エージェントの拡張機能の特権昇格の脆弱性	CWE-426 信頼性のない検索パス	CVE-2026-42830	2026-05-18 12:14	2026-05-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 20, 2026, 4:01 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
305701	-	openstack	nova	Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to ov…	CWE-22 Path Traversal	CVE-2011-4596	2024-11-21 10:32	2011-12-24	Show	GitHub Exploit DB Packet Storm

305702	-	phpmyadmin	phpmyadmin	Cross-site scripting (XSS) vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTM…	CWE-79 Cross-site Scripting	CVE-2011-4782	2024-11-21 10:32	2011-12-23	Show	GitHub Exploit DB Packet Storm

305703	-	phpmyadmin	phpmyadmin	Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin 3.4.x before 3.4.9 allow remote attackers to inject arbitrary web script or HTML via crafted URL …	CWE-79 Cross-site Scripting	CVE-2011-4780	2024-11-21 10:32	2011-12-23	Show	GitHub Exploit DB Packet Storm

305704	-	phpmyadmin	phpmyadmin	Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.8 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted database name, related to the Data…	CWE-79 Cross-site Scripting	CVE-2011-4634	2024-11-21 10:32	2011-12-23	Show	GitHub Exploit DB Packet Storm

305705	-	pmwiki	pmwiki	The PageListSort function in scripts/pagelist.php in PmWiki 2.x before 2.2.35 allows remote attackers to execute arbitrary code via PHP sequences in a crafted order parameter in a pagelist directive,…	CWE-94 Code Injection	CVE-2011-4453	2024-11-21 10:32	2011-12-23	Show	GitHub Exploit DB Packet Storm

305706	-	moodle	moodle	CRLF injection vulnerability in calendar/set.php in the Calendar component in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, 2.1.x before 2.1.3, and 2.2 allows remote attackers to inject arbitrary H…	CWE-94 Code Injection	CVE-2011-4203	2024-11-21 10:32	2011-12-23	Show	GitHub Exploit DB Packet Storm

305707	-	zftpserver	zftpserver_suite	Directory traversal vulnerability in zFTPServer Suite 6.0.0.52 allows remote authenticated users to delete arbitrary directories via a crafted RMD (aka rmdir) command.	CWE-22 Path Traversal	CVE-2011-4717	2024-11-21 10:32	2011-12-20	Show	GitHub Exploit DB Packet Storm

305708	-	unbound	unbound	Unbound before 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) …	CWE-399 Resource Management Errors	CVE-2011-4528	2024-11-21 10:32	2011-12-20	Show	GitHub Exploit DB Packet Storm

305709	-	pidgin	pidgin	The silc_channel_message function in ops.c in the SILC protocol plugin in libpurple in Pidgin before 2.10.1 does not perform the expected UTF-8 validation on message data, which allows remote attacke…	CWE-20 Improper Input Validation	CVE-2011-4603	2024-11-21 10:32	2011-12-17	Show	GitHub Exploit DB Packet Storm

305710	-	pidgin	pidgin	The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not properly handle missing fields in (1) voice-chat and (2) video-chat stanzas, which allows remote attackers to cause a denial of …	CWE-20 Improper Input Validation	CVE-2011-4602	2024-11-21 10:32	2011-12-17	Show	GitHub Exploit DB Packet Storm