Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3631	7	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Microsoft Resilient File System の特権昇格の脆弱性	CWE-362 CWE-416	CVE-2026-32091	2026-04-23 10:13	2026-04-14	Show	GitHub Exploit DB Packet Storm

3632	7.8	重要 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows 10 22h2 Microsoft Windows 10 21h2 Microsoft Windows Server 2025 Microsoft Wind…	デスクトップウィンドウマネージャーの特権昇格の脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-32155	2026-04-23 10:13	2026-04-14	Show	GitHub Exploit DB Packet Storm

3633	7.5	重要 Network	Apache Software Foundation	Apache Airflow	Apache Software FoundationのApache Airflowにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-32228	2026-04-23 10:13	2026-04-18	Show	GitHub Exploit DB Packet Storm

3634	3.7	低 Network	Apache Software Foundation	Apache Airflow	Apache Software FoundationのApache Airflowにおける誤った領域へのリソースの漏えいに関する脆弱性	CWE-668 誤った領域へのリソースの漏えい	CVE-2026-32690	2026-04-23 10:13	2026-04-18	Show	GitHub Exploit DB Packet Storm

3635	7.8	重要 Local	Curtis Galloway	libexif	Libexif ProjectのLibexifにおける整数アンダーフローの脆弱性	CWE-191 整数アンダーフロー	CVE-2026-32775	2026-04-23 10:13	2026-03-16	Show	GitHub Exploit DB Packet Storm

3636	3.1	低 Network	Weblate	Weblate	Weblateにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-33212	2026-04-23 10:13	2026-04-15	Show	GitHub Exploit DB Packet Storm

3637	4.3	警告 Network	Weblate	Weblate	Weblateにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-33214	2026-04-23 10:13	2026-04-15	Show	GitHub Exploit DB Packet Storm

3638	6.8	警告 Network	Weblate	Weblate	Weblateにおける複数の脆弱性	CWE-200 CWE-22	CVE-2026-33220	2026-04-23 10:13	2026-04-15	Show	GitHub Exploit DB Packet Storm

3639	8	重要 Network	Weblate	Weblate	Weblateにおける複数の脆弱性	CWE-23 CWE-434 CWE-94	CVE-2026-33435	2026-04-23 10:13	2026-04-15	Show	GitHub Exploit DB Packet Storm

3640	5	警告 Network	Weblate	Weblate	Weblateにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-33440	2026-04-23 10:13	2026-04-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
347831	-	nullsoft	shoutcast_server	This vulnerability is addressed in the following product releases: Nullsoft, SHOUTcast DSP, 1.9.6 Nullsoft, SHOUTcast DSP, 1.9.7	NVD-CWE-Other	CVE-2006-3534	2011-03-8 11:38	2006-07-13	Show	GitHub Exploit DB Packet Storm

347832	-	ipswitch	ipswitch_collaboration_suite ipswitch_secure_server	Premium Anti-Spam in Ipswitch IMail Secure Server 2006 and Collaboration Suite 2006 Premium, when using a certain .dat file in the StarEngine /data directory from 20060630 or earlier, does not proper…	NVD-CWE-Other	CVE-2006-3552	2011-03-8 11:38	2006-07-13	Show	GitHub Exploit DB Packet Storm

347833	-	logicalware	mailmanager	Logicalware MailManager before 2.0.10 does not remove 0xc8 0x27 (0xc8 followed by a single-quote character) from the data stream to the server, which allows remote attackers to modify data and gain a…	NVD-CWE-Other	CVE-2006-2824	2011-03-8 11:37	2006-06-6	Show	GitHub Exploit DB Packet Storm

347834	-	techno_dreams	techno_dreams_guest_book	Cross-site scripting (XSS) vulnerability in Techno Dreams Guest Book allows remote attackers to inject arbitrary web script or HTML via certain comment fields in the "Sign Our GuestBook" page, probab…	NVD-CWE-Other	CVE-2006-2837	2011-03-8 11:37	2006-06-7	Show	GitHub Exploit DB Packet Storm

347835	-	particle_soft	particle_gallery	SQL injection vulnerability in viewimage.php in Particle Gallery 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the imageid parameter.	NVD-CWE-Other	CVE-2006-2862	2011-03-8 11:37	2006-06-7	Show	GitHub Exploit DB Packet Storm

347836	-	deltascripts	php_pro_publish	Cross-site scripting (XSS) vulnerability in cat.php in PHP Pro Publish 2.0 allows remote attackers to inject arbitrary web script or HTML via the catname parameter. NOTE: the provenance of this info…	NVD-CWE-Other	CVE-2006-2876	2011-03-8 11:37	2006-06-7	Show	GitHub Exploit DB Packet Storm

347837	-	qbik	wingate	Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of othe…	NVD-CWE-Other	CVE-2006-2917	2011-03-8 11:37	2006-07-11	Show	GitHub Exploit DB Packet Storm

347838	-	dmx_forum	dmx_forum	Dmx Forum 2.1a stores _includes/bd.inc under the web root with insufficient access control, which allows remote attackers to obtain database username and password information.	NVD-CWE-Other	CVE-2006-2946	2011-03-8 11:37	2006-06-13	Show	GitHub Exploit DB Packet Storm

347839	-	skoom	i.list	Multiple cross-site scripting (XSS) vulnerabilities in i.List 1.5 beta and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) searchword parameter to search.php or (2) …	NVD-CWE-Other	CVE-2006-2956	2011-03-8 11:37	2006-06-13	Show	GitHub Exploit DB Packet Storm

347840	-	enterprise_payroll_systems	enterprise_payroll_systems	PHP remote file inclusion vulnerability in Enterprise Timesheet and Payroll Systems (EPS) 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter…	NVD-CWE-Other	CVE-2006-2983	2011-03-8 11:37	2006-06-13	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed