Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4821 5.5 警告
Local 		HKUDS OpenHarness HKUDSのOpenHarnessにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-40515 2026-04-27 11:29 2026-04-17 Show GitHub Exploit DB Packet Storm
4822 6.3 警告
Local 		HKUDS OpenHarness HKUDSのOpenHarnessにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-40516 2026-04-27 11:29 2026-04-17 Show GitHub Exploit DB Packet Storm
4823 7.6 重要
Network 		HKUDS OpenHarness HKUDSのOpenHarnessにおける認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2026-6729 2026-04-27 11:29 2026-04-20 Show GitHub Exploit DB Packet Storm
4824 9.8 緊急
Network 		Topsec Technologies Group Inc. Tianxin Internet Behavior Management System Topsec Technologies Group Inc.のTianxin Internet Behavior Management SystemにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2021-4473 2026-04-27 11:29 2026-04-7 Show GitHub Exploit DB Packet Storm
4825 7.2 重要
Network 		Dolibarr ERP & CRM dolibarr erp/crm Dolibarr ERP & CRMのdolibarr erp/crmにおける複数の脆弱性 CWE-94
CWE-95
CVE-2026-22666 2026-04-27 11:29 2026-04-7 Show GitHub Exploit DB Packet Storm
4826 9.8 緊急
Network 		Weaver Software Weaver e cology Weaver SoftwareのWeaver e cologyにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-22679 2026-04-27 11:29 2026-04-7 Show GitHub Exploit DB Packet Storm
4827 8.8 重要
Local 		PackageKit Project PackageKit PackageKit ProjectのPackageKitにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-41651 2026-04-27 11:29 2026-04-22 Show GitHub Exploit DB Packet Storm
4828 4.4 警告
Local 		libjxl project libjxl libjxl projectのlibjxlにおける初期化されていないリソースの使用に関する脆弱性 CWE-908
初期化されていないリソースの使用 		CVE-2025-12474 2026-04-27 11:28 2026-02-11 Show GitHub Exploit DB Packet Storm
4829 7.5 重要
Network 		FirebirdSQL Firebird FirebirdSQLのFirebirdにおける情報漏えいに関する脆弱性 CWE-200
CWE-noinfo
CVE-2025-65104 2026-04-27 11:28 2026-04-17 Show GitHub Exploit DB Packet Storm
4830 6.7 警告
Local 		マイクロソフト Microsoft Windows 10 1607
Microsoft Windows Server 2016
Microsoft Windows 10 1809
Microsoft Windows 10 22h2
Microsoft Wind… 		UEFI セキュア ブートのセキュリティ機能バイパスの脆弱性 CWE-807
セキュリティ決定の信頼できない入力への依存 		CVE-2026-0390 2026-04-27 11:28 2026-04-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347161 - kevin_johnson
roman_danyliw 		basic_analysis_and_security_engine
analysis_console_for_intrusion_databases_\(acid\) 		Cross-site scripting (XSS) vulnerability in the PrintFreshPage function in (1) Basic Analysis and Security Engine (BASE) 1.2.4 and (2) Analysis Console for Intrusion Databases (ACID) 0.9.6b23 allows … NVD-CWE-Other
CVE-2006-1590 2017-07-20 10:30 2006-04-3 Show GitHub Exploit DB Packet Storm
347162 - sun cluster Unspecified vulnerability in SunPlex Manager in Sun Cluster 3.1 4/04 allows local users with solaris.cluster.gui authorization to view arbitrary files via unspecified vectors. NVD-CWE-Other
CVE-2006-1601 2017-07-20 10:30 2006-04-4 Show GitHub Exploit DB Packet Storm
347163 - phpbb_group phpbb Cross-site scripting (XSS) vulnerability in profile.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via the cur_password parameter. NOTE: the provenance of this in… NVD-CWE-Other
CVE-2006-1603 2017-07-20 10:30 2006-04-4 Show GitHub Exploit DB Packet Storm
347164 - exponent exponent_cms Unspecified vulnerability in the banner module in Exponent CMS before 0.96.5 RC 1 allows "php injection" via unknown attack vectors. NVD-CWE-Other
CVE-2006-1607 2017-07-20 10:30 2006-04-4 Show GitHub Exploit DB Packet Storm
347165 - hitachi xfit_s
xfit_s_jca
xfit_s_zengin
xfit_s_zgin 		Unspecified vulnerability in Hitachi XFIT/S, XFIT/S/JCA, XFIT/S/ZGN, and XFIT/S ZENGIN TCP/IP Procedure allows remote attackers to cause a denial of service (server process and transfer control proce… NVD-CWE-Other
CVE-2006-1609 2017-07-20 10:30 2006-04-4 Show GitHub Exploit DB Packet Storm
347166 - kgb archiver Directory traversal vulnerability in KGB Archiver before 1.1.5.22 allows remote attackers to overwrite arbitrary files wile decompressing an archive, possibly due to directory traversal sequences in … NVD-CWE-Other
CVE-2006-1611 2017-07-20 10:30 2006-04-4 Show GitHub Exploit DB Packet Storm
347167 - kgb archiver This vulnerability affects all versions of KGB, Archiver before 1.1.5.22 NVD-CWE-Other
CVE-2006-1611 2017-07-20 10:30 2006-04-4 Show GitHub Exploit DB Packet Storm
347168 - clamav clamav Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whethe… CWE-134
Use of Externally-Controlled Format String 		CVE-2006-1615 2017-07-20 10:30 2006-04-7 Show GitHub Exploit DB Packet Storm
347169 - advanced_poll advanced_poll Multiple SQL injection vulnerabilities in Advanced Poll 2.02 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to comments.php or (2) poll_id parameter to page.php. NVD-CWE-Other
CVE-2006-1616 2017-07-20 10:30 2006-04-5 Show GitHub Exploit DB Packet Storm
347170 - advanced_poll advanced_poll Multiple cross-site scripting (XSS) vulnerabilities in Advanced Poll 2.02 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to comments.php or (2) poll_id paramet… NVD-CWE-Other
CVE-2006-1617 2017-07-20 10:30 2006-04-5 Show GitHub Exploit DB Packet Storm