Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5001 5.4 警告
Network 		WWBN AVideo WWBNのAVideoにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-40929 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
5002 7.8 重要
Local 		node-modules compressing node-modulesのcompressingにおけるリンク解釈に関する脆弱性 CWE-59
リンク解釈の問題 		CVE-2026-40931 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
5003 5.3 警告
Network 		WWBN AVideo WWBNのAVideoにおける推測可能な CAPTCHA の脆弱性 CWE-804
推測可能な CAPTCHA 		CVE-2026-40935 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
5004 5.3 警告
Network 		WWBN AVideo WWBNのAVideoにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-41055 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
5005 8.1 重要
Network 		WWBN AVideo WWBNのAVideoにおける過度に許容されるクロスドメインホワイトリストに関する脆弱性 CWE-942
過度に許容されるクロスドメインホワイトリスト 		CVE-2026-41056 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
5006 7.5 重要
Network 		libexpat project libexpat libexpat projectのlibexpatにおけるエントロピー不足に関する脆弱性 CWE-331
エントロピー不足 		CVE-2026-41080 2026-04-27 11:20 2026-04-16 Show GitHub Exploit DB Packet Storm
5007 7.5 重要
Network 		free5gc free5gc
pcf 		free5GCのfree5GC等の複数製品におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-41135 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
5008 5.3 警告
Network 		free5gc free5gc
amf 		free5GCのamf等の複数製品における予期せぬ動作に関する脆弱性  CWE-440
予期せぬ動作 		CVE-2026-41136 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
5009 8.1 重要
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-4922 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
5010 6.1 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-5262 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347641 - radscripts radbids Multiple cross-site scripting (XSS) vulnerabilities in RadScripts RadBids Gold 2 allow remote attackers to inject arbitrary web script or HTML via (1) the farea parameter to faq.php or the (2) cat, (… NVD-CWE-Other
CVE-2005-1075 2017-07-11 10:32 2005-05-2 Show GitHub Exploit DB Packet Storm
347642 - azerbaijan_development_group azdgdating Cross-site scripting (XSS) vulnerability in view.php in AzDGDatingPlatinum 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NVD-CWE-Other
CVE-2005-1081 2017-07-11 10:32 2005-05-2 Show GitHub Exploit DB Packet Storm
347643 - an an-httpd Buffer overflow in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to execute arbitrary code via an HTTP request with a long User-Agent header. NVD-CWE-Other
CVE-2005-1086 2017-07-11 10:32 2005-05-2 Show GitHub Exploit DB Packet Storm
347644 - an an-httpd CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to spoof or hide entries in the logfile, and possibly read files using an injected type command,… NVD-CWE-Other
CVE-2005-1087 2017-07-11 10:32 2005-04-7 Show GitHub Exploit DB Packet Storm
347645 - dameware_development mini_remote_control
nt_utilities 		Unknown vulnerability in DameWare NT Utilities 4.8 and earlier, and Mini Remote Control 4.8 and earlier, allows local users to gain additional rights. NVD-CWE-Other
CVE-2005-1088 2017-07-11 10:32 2005-05-2 Show GitHub Exploit DB Packet Storm
347646 - maxthon maxthon Directory traversal vulnerability in the readFile and writeFile API for Maxthon 1.2.0 and 1.2.1 allows remote attackers to read or write arbitrary files. NVD-CWE-Other
CVE-2005-1090 2017-07-11 10:32 2005-05-2 Show GitHub Exploit DB Packet Storm
347647 - popup_plus_plugin popup_plus_plugin_for_miranda_im Buffer overflow in the PopUp Plus 2.0.3.8 plugin for Miranda IM, with "Use SmileyAdd Setting" enabled, allows remote attackers to execute arbitrary code. NVD-CWE-Other
CVE-2005-1093 2017-07-11 10:32 2005-05-2 Show GitHub Exploit DB Packet Storm
347648 - - - FTP Now 2.6.14 stores usernames and passwords in plaintext in sites.xml, which is world-readable, which allows local users to gain privileges. NVD-CWE-Other
CVE-2005-1094 2017-07-11 10:32 2005-04-8 Show GitHub Exploit DB Packet Storm
347649 - ocean12_technologies membership_manager_pro Cross-site scripting (XSS) vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to inject arbitrary web script or HTML via the page parameter. NVD-CWE-Other
CVE-2005-1095 2017-07-11 10:32 2005-05-2 Show GitHub Exploit DB Packet Storm
347650 - ocean12_technologies membership_manager_pro SQL injection vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to execute arbitrary SQL commands via the UserID parameter. NVD-CWE-Other
CVE-2005-1096 2017-07-11 10:32 2005-04-6 Show GitHub Exploit DB Packet Storm