Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5451 6.1 警告
Network 		angular Angular CLI angularのAngular CLIにおけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-33397 2026-05-1 10:38 2026-03-26 Show GitHub Exploit DB Packet Storm
5452 9.1 緊急
Network 		Fatedier FRP FatedierのFRPにおける認証に関する脆弱性 CWE-287
CWE-noinfo
CVE-2026-40910 2026-05-1 10:38 2026-04-21 Show GitHub Exploit DB Packet Storm
5453 8.8 重要
Network 		VMware Spring gRPC VMwareのSpring gRPCにおける隔離または分類に関する脆弱性 CWE-653
不適切な隔離または分類 		CVE-2026-40968 2026-05-1 10:38 2026-04-28 Show GitHub Exploit DB Packet Storm
5454 5.3 警告
Network 		VMware Spring gRPC VMwareのSpring gRPCにおけるエラーメッセージによる情報漏えいに関する脆弱性 CWE-209
エラーメッセージによる情報漏えい 		CVE-2026-40969 2026-05-1 10:38 2026-04-28 Show GitHub Exploit DB Packet Storm
5455 7.5 重要
Network 		Frappe Press FrappeのPressにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-41317 2026-05-1 10:38 2026-04-24 Show GitHub Exploit DB Packet Storm
5456 6.1 警告
Network 		Frappe Press FrappeのPressにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-41430 2026-05-1 10:38 2026-04-24 Show GitHub Exploit DB Packet Storm
5457 8.8 重要
Network 		D-Link Systems, Inc. DHP-1320 Firmware D-Link CorporationのDHP-1320 Firmwareにおける複数の脆弱性 CWE-119
CWE-121
CVE-2026-4529 2026-05-1 10:38 2026-03-21 Show GitHub Exploit DB Packet Storm
5458 7 重要
Local 		flos-freeware (Florian Balmer) Notepad2 flos-freeware (Florian Balmer)のNotepad2における複数の脆弱性 CWE-426
CWE-427
CVE-2026-4545 2026-05-1 10:38 2026-03-22 Show GitHub Exploit DB Packet Storm
5459 7 重要
Local 		flos-freeware (Florian Balmer) Notepad2 flos-freeware (Florian Balmer)のNotepad2における複数の脆弱性 CWE-426
CWE-427
CVE-2026-4546 2026-05-1 10:38 2026-03-22 Show GitHub Exploit DB Packet Storm
5460 9.8 緊急
Network 		Shenzhen Tenda Technology Co.,Ltd. 4G03 Pro Firmware Shenzhen Tenda Technology Co.,Ltd.の4G03 Pro Firmwareにおける複数の脆弱性 CWE-266
CWE-284
CVE-2026-5526 2026-05-1 10:38 2026-04-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
350481 - - - SQL injection vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the (1) eid or (2) cid parameters. NVD-CWE-Other
CVE-2004-1530 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
350482 - invision_power_services invision_board SQL injection vulnerability in post.php in Invision Power Board (IPB) 2.0.0 through 2.0.2 allows remote attackers to execute arbitrary SQL commands via the qpid parameter. NVD-CWE-Other
CVE-2004-1531 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
350483 - appserv_open_project appserv AppServ 2.5.x and earlier installs a default username and password, which allows remote attackers to gain access. NVD-CWE-Other
CVE-2004-1532 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
350484 - digital_mappings_systems pop3_server Buffer overflow in pop3svr.exe for DMS POP3 1.5.3.27 and earlier allows remote attackers to cause a denial of service (service crash) via a long (1) username or (2) password. NVD-CWE-Other
CVE-2004-1533 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
350485 - zonelabs zonealarm ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, allows remote web sites to cause a denial of service (application instability or system hang) via certain JavaScript. NVD-CWE-Other
CVE-2004-1534 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
350486 - phpbb_group phpbb PHP remote file inclusion vulnerability in admin_cash.php for the Cash Mod module for phpBB allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_path parameter to referen… NVD-CWE-Other
CVE-2004-1535 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
350487 - ipbproarcade ipbproarcade SQL injection vulnerability in index.php in the ibProArcade module for Invision Power Board (IPB) 1.x and 2.x allows remote attackers to execute arbitrary SQL commands via the cat parameter. NVD-CWE-Other
CVE-2004-1536 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
350488 - phpkit phpkit Cross-site scripting (XSS) vulnerability in popup.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary web script via the img parameter. NVD-CWE-Other
CVE-2004-1537 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
350489 - phpkit phpkit SQL injection vulnerability in include.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. NVD-CWE-Other
CVE-2004-1538 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
350490 - gearbox_software halo_combat_evolved Halo: Combat Evolved 1.05 and earlier allows remote game servers to cause a denial of service (client crash) via a long value in a game server reply, which triggers a NULL dereference. NVD-CWE-Other
CVE-2004-1539 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm