Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4971	5.3	警告 Network	VMware	Spring gRPC	VMwareのSpring gRPCにおけるエラーメッセージによる情報漏えいに関する脆弱性	CWE-209 エラーメッセージによる情報漏えい	CVE-2026-40969	2026-05-1 10:38	2026-04-28	Show	GitHub Exploit DB Packet Storm

4972	7.5	重要 Network	Frappe	Press	FrappeのPressにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2026-41317	2026-05-1 10:38	2026-04-24	Show	GitHub Exploit DB Packet Storm

4973	6.1	警告 Network	Frappe	Press	FrappeのPressにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-41430	2026-05-1 10:38	2026-04-24	Show	GitHub Exploit DB Packet Storm

4974	8.8	重要 Network	D-Link Systems, Inc.	DHP-1320 Firmware	D-Link CorporationのDHP-1320 Firmwareにおける複数の脆弱性	CWE-119 CWE-121	CVE-2026-4529	2026-05-1 10:38	2026-03-21	Show	GitHub Exploit DB Packet Storm

4975	7	重要 Local	flos-freeware (Florian Balmer)	Notepad2	flos-freeware (Florian Balmer)のNotepad2における複数の脆弱性	CWE-426 CWE-427	CVE-2026-4545	2026-05-1 10:38	2026-03-22	Show	GitHub Exploit DB Packet Storm

4976	7	重要 Local	flos-freeware (Florian Balmer)	Notepad2	flos-freeware (Florian Balmer)のNotepad2における複数の脆弱性	CWE-426 CWE-427	CVE-2026-4546	2026-05-1 10:38	2026-03-22	Show	GitHub Exploit DB Packet Storm

4977	9.8	緊急 Network	Shenzhen Tenda Technology Co.,Ltd.	4G03 Pro Firmware	Shenzhen Tenda Technology Co.,Ltd.の4G03 Pro Firmwareにおける複数の脆弱性	CWE-266 CWE-284	CVE-2026-5526	2026-05-1 10:38	2026-04-4	Show	GitHub Exploit DB Packet Storm

4978	5.3	警告 Network	Shenzhen Tenda Technology Co.,Ltd.	4G03 Pro Firmware	Shenzhen Tenda Technology Co.,Ltd.の4G03 Pro Firmwareにおける複数の脆弱性	CWE-320 CWE-321	CVE-2026-5527	2026-05-1 10:38	2026-04-5	Show	GitHub Exploit DB Packet Storm

4979	8	重要 Adjacent	Shenzhen Tenda Technology Co.,Ltd.	CX12L Pro Firmware	Shenzhen Tenda Technology Co.,Ltd.のCX12L Pro Firmwareにおける複数の脆弱性	CWE-119 CWE-121	CVE-2026-5683	2026-05-1 10:38	2026-04-6	Show	GitHub Exploit DB Packet Storm

4980	8	重要 Adjacent	Shenzhen Tenda Technology Co.,Ltd.	CX12L Pro Firmware	Shenzhen Tenda Technology Co.,Ltd.のCX12L Pro Firmwareにおける複数の脆弱性	CWE-119 CWE-121	CVE-2026-5684	2026-05-1 10:38	2026-04-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
352401	-	-	-	Directory traversal vulnerability in HolaCMS 1.4.9-1 allows remote attackers to overwrite arbitrary files via a "holaDB/votes" followed by a .. (dot dot) in the vote_filename parameter, which bypasse…	NVD-CWE-Other	CVE-2005-0796	2016-10-18 12:14	2005-05-2	Show	GitHub Exploit DB Packet Storm

352402	-	-	-	Novell iChain Mini FTP Server 2.3 displays different error messages if a user exists or not, which allows remote attackers to obtain sensitive information and facilitates brute force attacks.	CWE-200 Information Exposure	CVE-2005-0797	2016-10-18 12:14	2005-03-15	Show	GitHub Exploit DB Packet Storm

352403	-	novell	ichain	Novell iChain Mini FTP Server 2.3, and possibly earlier versions, does not limit the number of incorrect logins, which makes it easier for remote attackers to conduct brute force login attacks.	NVD-CWE-Other	CVE-2005-0798	2016-10-18 12:14	2005-03-15	Show	GitHub Exploit DB Packet Storm

352404	-	includer.cgi	includer.cgi	Directory traversal vulnerability in includer.cgi in The Includer allows remote attackers to read arbitrary files via (1) a .. (dot dot) or (2) a full pathname in the URL.	NVD-CWE-Other	CVE-2005-0801	2016-10-18 12:14	2005-05-2	Show	GitHub Exploit DB Packet Storm

352405	-	mailenable	mailenable_standard	Format string vulnerability in MailEnable 1.8 allows remote attackers to cause a denial of service (application crash) via format string specifiers in the mailto field.	NVD-CWE-Other	CVE-2005-0804	2016-10-18 12:14	2005-05-2	Show	GitHub Exploit DB Packet Storm

352406	-	php_fusion	php_fusion	Cross-site scripting (XSS) vulnerability in setuser.php of the Digitanium addon to PHP-Fusion 5.01 allows remote attackers to inject arbitrary web script or HTML via the (1) user_name or (2) user_pas…	NVD-CWE-Other	CVE-2005-0829	2016-10-18 12:14	2005-05-2	Show	GitHub Exploit DB Packet Storm

352407	-	gfi	languard_network_security_scanner	lnss.exe in GFI Languard Network Security Scanner 5.0 stores the username and password in memory in plaintext, which could allow local administrators to obtain domain administrator credentials.	NVD-CWE-Other	CVE-2005-0604	2016-10-18 12:13	2005-05-2	Show	GitHub Exploit DB Packet Storm

352408	-	phpbb_group	phpbb	sessions.php in phpBB 2.0.12 and earlier allows remote attackers to gain administrator privileges via the autologinid value in a cookie.	NVD-CWE-Other	CVE-2005-0614	2016-10-18 12:13	2005-05-2	Show	GitHub Exploit DB Packet Storm

352409	-	postnuke_software_foundation	postnuke	Multiple SQL injection vulnerabilities in (1) index.php, (2) modules.php, or (3) admin.php in PostNuke 0.760-RC2 allow remote attackers to execute arbitrary SQL code via the catid parameter.	NVD-CWE-Other	CVE-2005-0615	2016-10-18 12:13	2005-05-2	Show	GitHub Exploit DB Packet Storm

352410	-	-	-	Multiple cross-site scripting (XSS) vulnerabilities in the Download module for PostNuke 0.750 and 0.760-RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) Program name, (2)…	NVD-CWE-Other	CVE-2005-0616	2016-10-18 12:13	2005-02-28	Show	GitHub Exploit DB Packet Storm