Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4831 5.4 警告
Network 		Docmost Docmost Docmostにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40927 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
4832 5.4 警告
Network 		WWBN AVideo WWBNのAVideoにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-40928 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
4833 5.4 警告
Network 		WWBN AVideo WWBNのAVideoにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-40929 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
4834 7.8 重要
Local 		node-modules compressing node-modulesのcompressingにおけるリンク解釈に関する脆弱性 CWE-59
リンク解釈の問題 		CVE-2026-40931 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
4835 5.3 警告
Network 		WWBN AVideo WWBNのAVideoにおける推測可能な CAPTCHA の脆弱性 CWE-804
推測可能な CAPTCHA 		CVE-2026-40935 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
4836 5.3 警告
Network 		WWBN AVideo WWBNのAVideoにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-41055 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
4837 8.1 重要
Network 		WWBN AVideo WWBNのAVideoにおける過度に許容されるクロスドメインホワイトリストに関する脆弱性 CWE-942
過度に許容されるクロスドメインホワイトリスト 		CVE-2026-41056 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
4838 7.5 重要
Network 		libexpat project libexpat libexpat projectのlibexpatにおけるエントロピー不足に関する脆弱性 CWE-331
エントロピー不足 		CVE-2026-41080 2026-04-27 11:20 2026-04-16 Show GitHub Exploit DB Packet Storm
4839 7.5 重要
Network 		free5gc free5gc
pcf 		free5GCのfree5GC等の複数製品におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-41135 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
4840 5.3 警告
Network 		free5gc free5gc
amf 		free5GCのamf等の複数製品における予期せぬ動作に関する脆弱性  CWE-440
予期せぬ動作 		CVE-2026-41136 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
352721 - pligg pligg_cms Multiple open redirect vulnerabilities in Pligg 1.0.2 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the (1) return parameter to pligg/lo… CWE-20
 Improper Input Validation  		CVE-2009-4788 2010-06-3 13:00 2010-04-21 Show GitHub Exploit DB Packet Storm
352722 - mojoblog mojoblog Multiple PHP remote file inclusion vulnerabilities in the MojoBlog component RC 0.15 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path paramete… CWE-94
Code Injection 		CVE-2009-4789 2010-06-3 13:00 2010-04-21 Show GitHub Exploit DB Packet Storm
352723 - mojoblog mojoblog Per http://extensions.joomla.org/extensions/3374/details: Editor's note This extension has been unpublished for the following reason: * This extension is not compatible with Joomla! 1.5 CWE-94
Code Injection 		CVE-2009-4789 2010-06-3 13:00 2010-04-21 Show GitHub Exploit DB Packet Storm
352724 - sysax multi_server Multiple directory traversal vulnerabilities in Sysax Multi Server 4.5 allow remote authenticated users to read or modify arbitrary files via crafted FTP commands. NOTE: the provenance of this infor… CWE-22
Path Traversal 		CVE-2009-4790 2010-06-3 13:00 2010-04-22 Show GitHub Exploit DB Packet Storm
352725 - amsn amsn login_screen.tcl in aMSN (aka Alvaro's Messenger) before 0.97.1 saves a password after logout, which allows physically proximate attackers to hijack a session by visiting an unattended workstation. CWE-255
Credentials Management 		CVE-2008-7255 2010-06-3 13:00 2010-04-21 Show GitHub Exploit DB Packet Storm
352726 - lispeltuut com_archeryscores Directory traversal vulnerability in archeryscores.php in the Archery Scores (com_archeryscores) component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a… CWE-22
Path Traversal 		CVE-2010-1718 2010-06-1 13:00 2010-05-5 Show GitHub Exploit DB Packet Storm
352727 - freebsd freebsd jail.c in jail in FreeBSD 8.0 and 8.1-PRERELEASE, when the "-l -U root" options are omitted, does not properly restrict access to the current working directory, which might allow local users to read,… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-2022 2010-06-1 13:00 2010-05-29 Show GitHub Exploit DB Packet Storm
352728 - intervations filecopa Directory traversal vulnerability in the FTP service in FileCOPA before 5.03 allows remote attackers to read or overwrite arbitrary files via unknown vectors. NOTE: the provenance of this informatio… CWE-22
Path Traversal 		CVE-2010-2112 2010-06-1 13:00 2010-05-29 Show GitHub Exploit DB Packet Storm
352729 - brekeke pbx Cross-site request forgery (CSRF) vulnerability in pbx/gate in Brekeke PBX 2.4.4.8 allows remote attackers to hijack the authentication of users for requests that change passwords via the pbxadmin.we… CWE-352
 Origin Validation Error 		CVE-2010-2114 2010-06-1 13:00 2010-05-29 Show GitHub Exploit DB Packet Storm
352730 - solarwinds tftp_server SolarWinds TFTP Server 10.4.0.10 allows remote attackers to cause a denial of service (no new connections) via a crafted read request. CWE-20
 Improper Input Validation  		CVE-2010-2115 2010-06-1 13:00 2010-05-29 Show GitHub Exploit DB Packet Storm