Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5441 4.3 警告
Network 		Guido Schmechel (ayacoo) redirect_tab Guido Schmechel (ayacoo)のredirect_tabにおける複数の脆弱性 CWE-200
CWE-862
CWE-862
CVE-2026-4202 2026-04-27 11:19 2026-03-17 Show GitHub Exploit DB Packet Storm
5442 8.8 重要
Network 		Ralf Freit (MrSilaz) mfa_mail Ralf Freit (MrSilaz)のmfa_mailにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-4208 2026-04-27 11:19 2026-03-17 Show GitHub Exploit DB Packet Storm
5443 8.1 重要
Network 		HashiCorp Vault HashiCorpのVaultにおける代替パスまたはチャネルを使用した認証回避に関する脆弱性 CWE-288
代替パスまたはチャネルを使用した認証回避 		CVE-2026-3605 2026-04-27 11:19 2026-04-17 Show GitHub Exploit DB Packet Storm
5444 9.4 緊急
Network 		dgraph dgraph dgraphにおける複数の脆弱性 CWE-200
CWE-215
CWE-522
CVE-2026-40173 2026-04-27 11:19 2026-04-15 Show GitHub Exploit DB Packet Storm
5445 7.8 重要
Local 		Composer Composer Composerにおける複数の脆弱性 CWE-20
CWE-78
CWE-78
CVE-2026-40176 2026-04-27 11:19 2026-04-15 Show GitHub Exploit DB Packet Storm
5446 6.1 警告
Network 		Apostrophe Technologies sanitize-html
ApostropheCMS 		Apostrophe TechnologiesのApostropheCMS等の複数製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40186 2026-04-27 11:18 2026-04-15 Show GitHub Exploit DB Packet Storm
5447 8.8 重要
Network 		Composer Composer Composerにおける複数の脆弱性 CWE-20
CWE-78
CWE-78
CVE-2026-40261 2026-04-27 11:18 2026-04-15 Show GitHub Exploit DB Packet Storm
5448 9.8 緊急
Network 		Phpscriptsmall Advance Gift Shop Pro Script PhpscriptsmallのAdvance Gift Shop Pro ScriptにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2019-25680 2026-04-27 11:18 2026-04-5 Show GitHub Exploit DB Packet Storm
5449 9.8 緊急
Network 		WISDOM Pegasus CMS WISDOMのPegasus CMSにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2019-25687 2026-04-27 11:18 2026-04-5 Show GitHub Exploit DB Packet Storm
5450 8.8 重要
Network 		Nextcloud
windmill project		 windmill
Nextcloud Flow 		Nextcloud等の複数ベンダの製品における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-22683 2026-04-27 11:18 2026-04-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
349641 - nilesh_dosooye phpcodegenie Direct static code injection vulnerability in the PCG simple application generation in phpCodeGenie before 3.0.2 allows remote authenticated users to execute arbitrary code via the (1) header or (2) … NVD-CWE-Other
CVE-2004-2538 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
349642 - network_appliance data_ontap
netcache 		Unknown vulnerability in Network Appliance NetCache 5.2 and Data ONTAP 6.0 allows remote attackers to cause a denial of service (panic and reboot) and possibly other impacts via unknown attack vector… NVD-CWE-Other
CVE-2004-2539 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
349643 - sun jdk
jre 		readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted seri… NVD-CWE-Other
CVE-2004-2540 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
349644 - dynix webpac Multiple SQL injection vulnerabilities in Dynix (formerly known as epixtech) WebPAC allow remote attackers to execute arbitrary SQL commands via unknown attack vectors, resulting in an ability to exe… NVD-CWE-Other
CVE-2004-2542 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
349645 - securecomputing sidewinder_g2 Secure Computing Corporation Sidewinder G2 6.1.0.01 might allow remote attackers to cause a denial of service (proxy failure) via invalid traffic to the (1) T.120 or (2) RTSP proxy, or (3) invalid MI… NVD-CWE-Other
CVE-2004-2543 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
349646 - securecomputing sidewinder_g2 Admin Console in Secure Computing Corporation Sidewinder G2 6.1.0.01 exports private keys when exporting firewall certificates, which might allow attackers to obtain sensitive information. NVD-CWE-Other
CVE-2004-2544 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
349647 - netwin surgemail
webmail 		NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to obtain sensitive information via HTTP requests that (a) specify the / URI, (b) specify the /scripts/ URI, or (c) specify a n… NVD-CWE-Other
CVE-2004-2547 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
349648 - photopost photopost_php_pro SQL injection vulnerability in showphoto.php in PhotoPost PHP Pro 4.6 and earlier allows remote attackers to gain unauthorized access via the photo variable. NVD-CWE-Other
CVE-2004-0239 2017-07-11 10:30 2004-11-23 Show GitHub Exploit DB Packet Storm
349649 - qualiteam x-cart Directory traversal vulnerability in X-Cart 3.4.3 allows remote attackers to view arbitrary files via a .. (dot dot) in the shop_closed_file argument to auth.php. NVD-CWE-Other
CVE-2004-0240 2017-07-11 10:30 2004-11-23 Show GitHub Exploit DB Packet Storm
349650 - qualiteam x-cart X-Cart 3.4.3 allows remote attackers to execute arbitrary commands via the perl_binary argument in (1) upgrade.php or (2) general.php. NVD-CWE-Other
CVE-2004-0241 2017-07-11 10:30 2004-11-23 Show GitHub Exploit DB Packet Storm