Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5661 5.5 警告
Local 		Linux Foundation Sigstore Timestamp Authority Linux FoundationのSigstore Timestamp Authorityにおける証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2026-39984 2026-04-27 11:21 2026-04-15 Show GitHub Exploit DB Packet Storm
5662 7.1 重要
Network 		lfprojects Zarf lfprojectsのZarfにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-40090 2026-04-27 11:21 2026-04-15 Show GitHub Exploit DB Packet Storm
5663 4.4 警告
Local 		Authzed, Inc. SpiceDB Authzed, Inc.のSpiceDBにおけるログファイルからの情報漏えいに関する脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2026-40091 2026-04-27 11:21 2026-04-15 Show GitHub Exploit DB Packet Storm
5664 5.4 警告
Network 		OpenMage Magento OpenMageのMagentoにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-40098 2026-04-27 11:21 2026-04-20 Show GitHub Exploit DB Packet Storm
5665 7.5 重要
Network 		free5gc free5gc free5GCにおける複数の脆弱性 CWE-285
CWE-636
CVE-2026-40248 2026-04-27 11:21 2026-04-16 Show GitHub Exploit DB Packet Storm
5666 5.8 警告
Network 		free5gc free5gc
udr 		free5GCのfree5GC等の複数製品における例外的な状態のチェックに関する脆弱性 CWE-754
例外的な状態における不適切なチェック 		CVE-2026-40343 2026-04-27 11:21 2026-04-22 Show GitHub Exploit DB Packet Storm
5667 8.8 重要
Network 		OpenMage Magento OpenMageのMagentoにおける危険なタイプのファイルの無制限アップロードに関する脆弱性 CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2026-40488 2026-04-27 11:21 2026-04-20 Show GitHub Exploit DB Packet Storm
5668 9.1 緊急
Network 		FreeScout FreeScout FreeScoutにおける複数の脆弱性 CWE-330
CWE-340
CVE-2026-40496 2026-04-27 11:21 2026-04-21 Show GitHub Exploit DB Packet Storm
5669 8.1 重要
Network 		FreeScout FreeScout FreeScoutにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40497 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
5670 8.8 重要
Network 		PJSIP pjsip PJSIPのpjsipにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-40614 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
350141 - jelsoft vbulletin Cross-site scripting (XSS) vulnerability in search.php for Jelsoft vBulletin 3.0.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the query parameter. NVD-CWE-Other
CVE-2004-2076 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
350142 - nadeo game_engine
trackmania
virtual_skipper 		Nadeo Game Engine for Nadeo TrackMania and Nadeo Virtual Skipper 3 allows remote attackers to cause a denial of service (server crash) via malformed data to TCP port 2350, possibly due to long values… NVD-CWE-Other
CVE-2004-2077 2017-07-11 10:31 2004-02-8 Show GitHub Exploit DB Packet Storm
350143 - red-m red-alert Red-M Red-Alert 2.7.5 with software 3.1 build 24 allows remote attackers to cause a denial of service (reboot and loss of logged events) via a long request to TCP port 80, possibly triggering a buffe… NVD-CWE-Other
CVE-2004-2078 2017-07-11 10:31 2004-02-9 Show GitHub Exploit DB Packet Storm
350144 - red-m red-alert Red-M Red-Alert 2.7.5 with software 3.1 build 24 binds authentication to IP addresses, which allows remote attackers to bypass authentication by connecting from the same IP address as an active authe… NVD-CWE-Other
CVE-2004-2079 2017-07-11 10:31 2004-02-9 Show GitHub Exploit DB Packet Storm
350145 - red-m red-alert Red-M Red-Alert 2.7.5 with software 3.1 build 24 converts multiple spaces in a Service Set Identifier (SSID) to a single space, which prevents Red-Alert from correctly identifying the SSID. NVD-CWE-Other
CVE-2004-2080 2017-07-11 10:31 2004-02-9 Show GitHub Exploit DB Packet Storm
350146 - karjasoft sami_ftp_server The samiftp.dll library in Sami FTP Server 1.1.3 allows local users to cause a denial of service (pmsystem.exe crash) by issuing (1) a CD command with a tilde (~) character or dot dot (/../) or (2) a… NVD-CWE-Other
CVE-2004-2081 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
350147 - karjasoft sami_ftp_server The samiftp.dll library in Sami FTP Server 1.1.3 allows remote authenticated users to cause a denial of service (pmsystem.exe crash) via a GET request wit a large number of leading "/" (slash) charac… NVD-CWE-Other
CVE-2004-2082 2017-07-11 10:31 2004-02-13 Show GitHub Exploit DB Packet Storm
350148 - jshop_e-commerce jshop_professional
jshop_server 		Cross-site scripting (XSS) vulnerability in search.php in JShop E-Commerce Server allows remote attackers to inject arbitrary web script or HTML via the xSearch parameter. NVD-CWE-Other
CVE-2004-2084 2017-07-11 10:31 2004-02-7 Show GitHub Exploit DB Packet Storm
350149 - brad_fears phpcodecabinet Multiple cross-site scripting (XSS) vulnerabilities in Brad Fears phpCodeCabinet 0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple parameters, including (1) t… NVD-CWE-Other
CVE-2004-2085 2017-07-11 10:31 2004-02-4 Show GitHub Exploit DB Packet Storm
350150 - sambar sambar_server Stack-based buffer overflow in results.stm for Sambar Server before the 6.0 production release allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an … NVD-CWE-Other
CVE-2004-2086 2017-07-11 10:31 2004-02-6 Show GitHub Exploit DB Packet Storm