Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
5261	8.1	重要 Network	Pavel Shklovsky (pab1it0)	Azure Data Explorer MCP Server	Pavel Shklovsky (pab1it0)のAzure Data Explorer MCP Serverにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性	CWE-943 データクエリロジックの特殊要素の不適切な中立化	CVE-2026-33980	2026-04-24 11:37	2026-03-27	Show	GitHub Exploit DB Packet Storm

5262	6.1	警告 Network	アドビシステムズ	Adobe Connect Adobe Connect Desktop Application	アドビのAdobe Connect等の複数製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-34614	2026-04-24 11:37	2026-04-14	Show	GitHub Exploit DB Packet Storm

5263	10	緊急 Network	アドビシステムズ	Adobe Connect Adobe Connect Desktop Application	アドビのAdobe Connect等の複数製品における信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-34615	2026-04-24 11:37	2026-04-14	Show	GitHub Exploit DB Packet Storm

5264	8.7	重要 Network	アドビシステムズ	Adobe Connect Adobe Connect Desktop Application	アドビのAdobe Connect等の複数製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-34617	2026-04-24 11:37	2026-04-14	Show	GitHub Exploit DB Packet Storm

5265	7.5	重要 Network	Nhost	Nhost/auth	NhostのNhost/authにおける複数の脆弱性	CWE-200 CWE-598	CVE-2026-34969	2026-04-24 11:37	2026-04-6	Show	GitHub Exploit DB Packet Storm

5266	9.8	緊急 Network	Aperi'Solve	Aperi'Solve	Aperi'SolveにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-34977	2026-04-24 11:37	2026-04-6	Show	GitHub Exploit DB Packet Storm

5267	8.8	重要 Network	oobabooga	TextGen	oobaboogaのTextGenにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-35050	2026-04-24 11:37	2026-04-6	Show	GitHub Exploit DB Packet Storm

5268	7.2	重要 Network	Sanjay Sharma (sanjay1313)	Visitor-Management-System	Sanjay Sharma (sanjay1313)のVisitor-Management-Systemにおける危険なタイプのファイルの無制限アップロードに関する脆弱性	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2026-37748	2026-04-24 11:37	2026-04-21	Show	GitHub Exploit DB Packet Storm

5269	7.5	重要 Network	Little CMS	Little CMS	Little CMSにおける複数の脆弱性	CWE-190 CWE-696	CVE-2026-41254	2026-04-24 11:36	2026-04-18	Show	GitHub Exploit DB Packet Storm

5270	5.3	警告 Network	MetaCPAN BEROV	Ado::Sessions	MetaCPAN BEROVのAdo::Sessionsにおける複数の脆弱性	CWE-338 CWE-340	CVE-2026-5083	2026-04-24 11:36	2026-04-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348561	-	webct	webct	Cross-site scripting (XSS) vulnerability in WebCT Campus Edition allows remote attackers to inject arbitrary HTML or web script via (1) iframe, (2) img, or (3) object tags.	NVD-CWE-Other	CVE-2004-2015	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348562	-	netchat	subnet_chat_application	Stack-based buffer overflow in the HTTP server in NetChat 7.3 and earlier allows remote attackers to execute arbitrary code via a long GET request.	NVD-CWE-Other	CVE-2004-2016	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348563	-	turbotraffictrader	turbotraffictrader_c	Multiple cross-site scripting (XSS) vulnerabilities in Turbo Traffic Trader C (TTT-C) 1.0 allow remote attackers to inject arbitrary HTML or web script, as demonstrated via (1) the link parameter to …	NVD-CWE-Other	CVE-2004-2017	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348564	-	francisco_burzi	php-nuke	PHP remote file inclusion vulnerability in index.php in Php-Nuke 6.x through 7.3 allows remote attackers to execute arbitrary PHP code by modifying the modpath parameter to reference a URL on a remot…	NVD-CWE-Other	CVE-2004-2018	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348565	-	francisco_burzi	php-nuke	The WebLinks module in Php-Nuke 6.x through 7.3 allows remote attackers to obtain sensitive information via an invalid show parameter, which displays the full path in a PHP error message.	NVD-CWE-Other	CVE-2004-2019	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348566	-	activestate	activeperl	ActivePerl 5.8.x and others, and Larry Wall's Perl 5.6.1 and others, when running on Windows systems, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a l…	NVD-CWE-Other	CVE-2004-2022	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348567	-	apsis	pound	Format string vulnerability in the logmsg function in svc.c for Pound 1.5 and earlier allows remote attackers to execute arbitrary code via format string specifiers in syslog messages.	NVD-CWE-Other	CVE-2004-2026	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348568	-	icecast	icecast	Buffer overflow in Icecast 2.0.0 and earlier allows remote attackers to cause a denial of service (crash) via a long Basic Authorization header that triggers an out-of-bounds read.	NVD-CWE-Other	CVE-2004-2027	2017-07-11 10:31	2004-05-10	Show	GitHub Exploit DB Packet Storm

348569	-	e107	e107	Cross-site scripting (XSS) vulnerability in stats.php in e107 allows remote attackers to inject arbitrary web script or HTML via the referer parameter to log.php.	NVD-CWE-Other	CVE-2004-2028	2017-07-11 10:31	2004-05-21	Show	GitHub Exploit DB Packet Storm

348570	-	trevor_hogan	bnbt	The Util_DecodeHTTPAuth function in BNBT BitTorrent Tracker Beta 7.5 Release 2 and earlier allows remote attackers to cause a denial of service (crash) via a Basic Authorization HTTP request with a "…	NVD-CWE-Other	CVE-2004-2029	2017-07-11 10:31	2004-05-22	Show	GitHub Exploit DB Packet Storm