Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
5021	8.1	重要 Network	HashiCorp	Vault	HashiCorpのVaultにおける代替パスまたはチャネルを使用した認証回避に関する脆弱性	CWE-288 代替パスまたはチャネルを使用した認証回避	CVE-2026-3605	2026-04-27 11:19	2026-04-17	Show	GitHub Exploit DB Packet Storm

5022	9.4	緊急 Network	dgraph	dgraph	dgraphにおける複数の脆弱性	CWE-200 CWE-215 CWE-522	CVE-2026-40173	2026-04-27 11:19	2026-04-15	Show	GitHub Exploit DB Packet Storm

5023	7.8	重要 Local	Composer	Composer	Composerにおける複数の脆弱性	CWE-20 CWE-78 CWE-78	CVE-2026-40176	2026-04-27 11:19	2026-04-15	Show	GitHub Exploit DB Packet Storm

5024	6.1	警告 Network	Apostrophe Technologies	sanitize-html ApostropheCMS	Apostrophe TechnologiesのApostropheCMS等の複数製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-40186	2026-04-27 11:18	2026-04-15	Show	GitHub Exploit DB Packet Storm

5025	8.8	重要 Network	Composer	Composer	Composerにおける複数の脆弱性	CWE-20 CWE-78 CWE-78	CVE-2026-40261	2026-04-27 11:18	2026-04-15	Show	GitHub Exploit DB Packet Storm

5026	9.8	緊急 Network	Phpscriptsmall	Advance Gift Shop Pro Script	PhpscriptsmallのAdvance Gift Shop Pro ScriptにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2019-25680	2026-04-27 11:18	2026-04-5	Show	GitHub Exploit DB Packet Storm

5027	9.8	緊急 Network	WISDOM	Pegasus CMS	WISDOMのPegasus CMSにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2019-25687	2026-04-27 11:18	2026-04-5	Show	GitHub Exploit DB Packet Storm

5028	8.8	重要 Network	Nextcloud windmill project	windmill Nextcloud Flow	Nextcloud等の複数ベンダの製品における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-22683	2026-04-27 11:18	2026-04-7	Show	GitHub Exploit DB Packet Storm

5029	7.5	重要 Network	XiangShan	NEMU	XiangShanのNEMUにおける複数の脆弱性	CWE-1287 CWE-131	CVE-2026-29645	2026-04-27 11:18	2026-04-20	Show	GitHub Exploit DB Packet Storm

5030	9.8	緊急 Network	XiangShan	NEMU	XiangShanのNEMUにおける保護メカニズムの不具合に関する脆弱性	CWE-693 保護メカニズムの不具合	CVE-2026-29649	2026-04-27 11:18	2026-04-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
350401	-	easyguppy	easyguppy	Directory traversal vulnerability in printfaq.php in EasyGuppy (Guppy for Windows) 4.5.4 and 4.5.5 allows remote attackers to read arbitrary files via ".." sequences in the pg parameter, which is cle…	NVD-CWE-Other	CVE-2005-3156	2016-10-18 12:33	2005-10-6	Show	GitHub Exploit DB Packet Storm

350402	-	php_fusion	php_fusion	SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 allows remote attackers to execute arbitrary SQL commands via the msg_send parameter, a different vulnerability than CVE-2005-3158 a…	NVD-CWE-Other	CVE-2005-3157	2016-10-18 12:33	2005-10-6	Show	GitHub Exploit DB Packet Storm

350403	-	php_fusion	php_fusion	SQL injection vulnerability in messages.php in PHP-Fusion 6.00.106 and 6.00.107 allows remote attackers to execute arbitrary SQL commands via the (1) pm_email_notify and (2) pm_save_sent parameters, …	NVD-CWE-Other	CVE-2005-3158	2016-10-18 12:33	2005-10-6	Show	GitHub Exploit DB Packet Storm

350404	-	gfi	mailsecurity	Buffer overflow in the HTTP management interface for GFI MailSecurity 8.1 allows remote attackers to execute arbitrary code via long headers such as (1) Host and (2) Accept in HTTP requests. NOTE: t…	NVD-CWE-Other	CVE-2005-3182	2016-10-18 12:33	2005-10-20	Show	GitHub Exploit DB Packet Storm

350405	-	planet_technology_corp	fgsw2402rs	Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a default password, which allows attackers with physical access to the device's serial port to gain privileges.	NVD-CWE-Other	CVE-2005-3196	2016-10-18 12:33	2005-10-14	Show	GitHub Exploit DB Packet Storm

350406	-	kaspersky_lab	kaspersky_anti-virus	Multiple interpretation error in unspecified versions of Kaspersky Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malforme…	NVD-CWE-Other	CVE-2005-3210	2016-10-18 12:33	2005-10-14	Show	GitHub Exploit DB Packet Storm

350407	-	softwin	bitdefender_antivirus	Multiple interpretation error in unspecified versions of BitDefender Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malfor…	NVD-CWE-Other	CVE-2005-3211	2016-10-18 12:33	2005-10-14	Show	GitHub Exploit DB Packet Storm

350408	-	eset_software	nod32_antivirus	Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed ce…	NVD-CWE-Other	CVE-2005-3212	2016-10-18 12:33	2005-10-14	Show	GitHub Exploit DB Packet Storm

350409	-	frisk_software	f-prot_antivirus	Multiple interpretation error in unspecified versions of F-Prot Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed c…	NVD-CWE-Other	CVE-2005-3213	2016-10-18 12:33	2005-10-14	Show	GitHub Exploit DB Packet Storm

350410	-	alwil	avast_antivirus	Multiple interpretation error in unspecified versions of Avast Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed ce…	NVD-CWE-Other	CVE-2005-3214	2016-10-18 12:33	2005-10-14	Show	GitHub Exploit DB Packet Storm