Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
5341	9.8	緊急 Network	FreeScout	FreeScout	FreeScoutにおける複数の脆弱性	CWE-200 CWE-284 CWE-770	CVE-2026-40498	2026-04-24 11:41	2026-04-21	Show	GitHub Exploit DB Packet Storm

5342	6.1	警告 Network	FreeScout	FreeScout	FreeScoutにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-40565	2026-04-24 11:41	2026-04-21	Show	GitHub Exploit DB Packet Storm

5343	7.1	重要 Network	OpenProject	OpenProject	OpenProjectにおける複数の脆弱性	CWE-367 CWE-639	CVE-2026-40896	2026-04-24 11:41	2026-04-20	Show	GitHub Exploit DB Packet Storm

5344	7.1	重要 Network	WWBN	AVideo	WWBNのAVideoにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2026-40926	2026-04-24 11:41	2026-04-21	Show	GitHub Exploit DB Packet Storm

5345	9.9	緊急 Network	flowiseai	flowise	flowiseaiのflowiseにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-40933	2026-04-24 11:41	2026-04-21	Show	GitHub Exploit DB Packet Storm

5346	9.8	緊急 Network	protobufjs project	protobufjs	protobufjs projectのprotobufjsにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-41242	2026-04-24 11:41	2026-04-18	Show	GitHub Exploit DB Packet Storm

5347	7.5	重要 Network	Junrar project	Junrar	Junrar projectのJunrarにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-41245	2026-04-24 11:41	2026-04-20	Show	GitHub Exploit DB Packet Storm

5348	7.5	重要 Network	projectdiscovery	nuclei	ProjectDiscovery, Inc.のNucleiにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-41282	2026-04-24 11:41	2026-04-20	Show	GitHub Exploit DB Packet Storm

5349	7.1	重要 Local	オートデスク株式会社	Autodesk Fusion	オートデスク株式会社のAutodesk Fusionにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-4344	2026-04-24 11:41	2026-04-14	Show	GitHub Exploit DB Packet Storm

5350	7.1	重要 Local	オートデスク株式会社	Autodesk Fusion	オートデスク株式会社のAutodesk Fusionにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-4345	2026-04-24 11:41	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
356151	-	sco	openserver unixware	The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a…	NVD-CWE-Other	CVE-2004-1039	2008-09-6 05:40	2005-01-11	Show	GitHub Exploit DB Packet Storm

356152	-	citrix	metaframe_client program_neighborhood_agent	Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and MetaFrame Presentation Server client for WinCE before 8.33 allows remote servers to create arbitrary shortcuts on the client via…	NVD-CWE-Other	CVE-2004-1077	2008-09-6 05:40	2004-04-26	Show	GitHub Exploit DB Packet Storm

356153	-	citrix	metaframe_client program_neighborhood_agent	Stack-based buffer overflow in the client for Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and Citrix MetaFrame Presentation Server client for WinCE before 8.33 allows remote at…	NVD-CWE-Other	CVE-2004-1078	2008-09-6 05:40	2004-04-26	Show	GitHub Exploit DB Packet Storm

356154	-	netscape	navigator	Netscape 7.x to 7.2, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a d…	NVD-CWE-Other	CVE-2004-1160	2008-09-6 05:40	2005-01-10	Show	GitHub Exploit DB Packet Storm

356155	-	gfi	mailessentials mailsecurity	A bug in the HTML parser in a certain Microsoft HTML library, as used in various third party products, may allow remote attackers to cause a denial of service via certain strings, as reported in GFI …	NVD-CWE-Other	CVE-2004-1312	2008-09-6 05:40	2005-01-3	Show	GitHub Exploit DB Packet Storm

356156	-	apple	quicktime mac_os_x mac_os_x_server	AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts" via modified SessionDestroy packets.	NVD-CWE-Other	CVE-2004-0921	2008-09-6 05:39	2005-01-27	Show	GitHub Exploit DB Packet Storm

356157	-	apple	quicktime mac_os_x mac_os_x_server	AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is…	NVD-CWE-Other	CVE-2004-0922	2008-09-6 05:39	2005-01-27	Show	GitHub Exploit DB Packet Storm

356158	-	easy_software_products apple	cups mac_os_x mac_os_x_server	NetInfo Manager on Mac OS X 10.3.x through 10.3.5, after an initial root login, reports the root account as being disabled, even when it has not.	NVD-CWE-Other	CVE-2004-0924	2008-09-6 05:39	2005-01-27	Show	GitHub Exploit DB Packet Storm

356159	-	easy_software_products apple	cups mac_os_x mac_os_x_server	Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image.	NVD-CWE-Other	CVE-2004-0926	2008-09-6 05:39	2005-01-27	Show	GitHub Exploit DB Packet Storm

356160	-	easy_software_products apple	cups mac_os_x mac_os_x_server	ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example self-signed certificate on each system, which allows remote attackers to decrypt sessions.	NVD-CWE-Other	CVE-2004-0927	2008-09-6 05:39	2005-01-27	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed