Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4551 7.5 重要
Network 		Marked project Marked Marked projectのMarkedにおける複数の脆弱性 CWE-400
CWE-674
CWE-835
CVE-2026-41680 2026-04-30 10:59 2026-04-24 Show GitHub Exploit DB Packet Storm
4552 9.8 緊急
Network 		Apache Software Foundation Apache Pony Mail Apache Software FoundationのApache Pony MailにおけるHTTP リクエストスマグリングに関する脆弱性 CWE-444
HTTP リクエストスマグリング 		CVE-2026-41873 2026-04-30 10:59 2026-04-28 Show GitHub Exploit DB Packet Storm
4553 6.5 警告
Network 		OpenClaw OpenClaw OpenClawにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-41908 2026-04-30 10:58 2026-04-23 Show GitHub Exploit DB Packet Storm
4554 5.4 警告
Network 		OpenClaw OpenClaw OpenClawにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-41909 2026-04-30 10:58 2026-04-23 Show GitHub Exploit DB Packet Storm
4555 8.8 重要
Network 		GitHub Enterprise Server GitHubのEnterprise Serverにおける不正な正規表現に関する脆弱性 CWE-185
不正な正規表現 		CVE-2026-4296 2026-04-30 10:58 2026-04-21 Show GitHub Exploit DB Packet Storm
4556 8.8 重要
Network 		Kubernetes ingress-nginx Kubernetesのingress-nginxにおける入力確認に関する脆弱性 CWE-20
CWE-noinfo
CVE-2026-4342 2026-04-30 10:58 2026-03-19 Show GitHub Exploit DB Packet Storm
4557 6.5 警告
Network 		レッドハット
libarchive		 Red Hat OpenShift Container Platform
Red Hat Enterprise Linux
Red Hat Hardened Images
libarchive 		libarchive等の複数ベンダの製品における整数への不適切なビットシフトに関する脆弱性 CWE-1335
整数への不適切なビットシフト 		CVE-2026-4426 2026-04-30 10:58 2026-03-19 Show GitHub Exploit DB Packet Storm
4558 7.2 重要
Network 		GitHub Enterprise Server GitHubのEnterprise ServerにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-4821 2026-04-30 10:58 2026-04-21 Show GitHub Exploit DB Packet Storm
4559 7.5 重要
Network 		OpenBMB XAgent OpenBMBのXAgentにおける複数の脆弱性 CWE-287
CWE-306
CVE-2026-4959 2026-04-30 10:58 2026-03-27 Show GitHub Exploit DB Packet Storm
4560 5.5 警告
Local 		レッドハット KVM Windows virtio ドライバ
Red Hat Enterprise Linux 		レッドハットのRed Hat Enterprise Linux等の複数製品における古典的バッファオーバーフローの脆弱性 CWE-120
古典的バッファオーバーフロー 		CVE-2026-5164 2026-04-30 10:58 2026-03-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
354221 - tor tor Tor before 0.1.1.20 supports server descriptors that contain hostnames instead of IP addresses, which allows remote attackers to arbitrarily group users by providing preferential address resolution. NVD-CWE-Other
CVE-2006-3414 2008-09-6 06:07 2006-07-7 Show GitHub Exploit DB Packet Storm
354222 - tor tor Tor before 0.1.1.20 uses improper logic to validate the "OR" destination, which allows remote attackers to perform a man-in-the-middle (MITM) attack via unspecified vectors. NVD-CWE-Other
CVE-2006-3415 2008-09-6 06:07 2006-07-7 Show GitHub Exploit DB Packet Storm
354223 - tor tor Tor client before 0.1.1.20 prefers entry points based on is_fast or is_stable flags, which could allow remote attackers to be preferred over nodes that are identified as more trustworthy "entry guard… NVD-CWE-Other
CVE-2006-3417 2008-09-6 06:07 2006-07-7 Show GitHub Exploit DB Packet Storm
354224 - tor tor Tor before 0.1.1.20 does not validate that a server descriptor's fingerprint line matches its identity key, which allows remote attackers to spoof the fingerprint line, which might be trusted by user… NVD-CWE-Other
CVE-2006-3418 2008-09-6 06:07 2006-07-7 Show GitHub Exploit DB Packet Storm
354225 - tor tor Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes (RAND_pseudo_bytes) instead of cryptographically strong RAND_bytes, and seeds the entropy value at start-up with 160-bit chunks without reseeding,… NVD-CWE-Other
CVE-2006-3419 2008-09-6 06:07 2006-07-7 Show GitHub Exploit DB Packet Storm
354226 - phpmaillist phpmaillist PHPMailList 1.8.0 stores sensitive information under the web document root iwth insufficient access control, which allows remote attackers to obtain email addresses of subscribers, configuration info… NVD-CWE-Other
CVE-2006-3483 2008-09-6 06:07 2006-07-11 Show GitHub Exploit DB Packet Storm
354227 - virtuastore virtuastore VirtuaStore 2.0 stores sensitive files under the web root with insufficient access control, which allows remote attackers to obtain local database information by directly accessing database/virtuasto… NVD-CWE-Other
CVE-2006-3487 2008-09-6 06:07 2006-07-11 Show GitHub Exploit DB Packet Storm
354228 - virtuastore virtuastore Absolute path traversal vulnerability in administrador.asp in VirtuaStore 2.0 allows remote attackers to possibly read arbitrary directories or files via an absolute path with Windows drive letter in… NVD-CWE-Other
CVE-2006-3488 2008-09-6 06:07 2006-07-11 Show GitHub Exploit DB Packet Storm
354229 - sensesites commonsense_cms SQL injection vulnerability in search.php in SenseSites CommonSense CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the Date parameter. NOTE: the provenance of this information… NVD-CWE-Other
CVE-2006-3576 2008-09-6 06:07 2006-07-13 Show GitHub Exploit DB Packet Storm
354230 - lifetype lifetype SQL injection vulnerability in index.php in LifeType 1.0.5 allows remote attackers to execute arbitrary SQL commands via the Date parameter in a Default op. NVD-CWE-Other
CVE-2006-3577 2008-09-6 06:07 2006-07-13 Show GitHub Exploit DB Packet Storm