Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 12, 2026, 12:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
5771	7.5	重要 Network	SQLAlchemy	mako	SQLAlchemyのmakoにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-41205	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

5772	7.8	重要 Local	Tommaso Bona (ParzivalHack)	PySpector	Tommaso Bona (ParzivalHack)のPySpectorにおける不完全なブラックリストに関する脆弱性	CWE-184 不完全なブラックリスト	CVE-2026-41206	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

5773	6.1	警告 Network	cure53	DOMPurify	cure53のDOMPurifyにおける複数の脆弱性	CWE-183 CWE-79	CVE-2026-41240	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

5774	5.4	警告 Network	pretalx	pretalx	pretalxにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-41241	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

5775	8.1	重要 Network	Project Contour	Contour	Project ContourのContourにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-41246	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

5776	9.8	緊急 Network	std42	elfinder	std42のelfinderにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-41247	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

5777	7.5	重要 Network	joinmastodon	Mastodon	joinmastodonのMastodonにおける行動ワークフローに関する脆弱性	CWE-841 行動ワークフローの不適切な実施	CVE-2026-41259	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

5778	9.1	緊急 Network	dgraph	dgraph	dgraphにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性	CWE-943 データクエリロジックの特殊要素の不適切な中立化	CVE-2026-41327	2026-04-30 11:01	2026-04-24	Show	GitHub Exploit DB Packet Storm

5779	9.1	緊急 Network	dgraph	dgraph	dgraphにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性	CWE-943 データクエリロジックの特殊要素の不適切な中立化	CVE-2026-41328	2026-04-30 11:01	2026-04-24	Show	GitHub Exploit DB Packet Storm

5780	3.7	低 Network	OpenClaw	OpenClaw	OpenClawにおけるインタラクション頻度の制御に関する脆弱性	CWE-799 インタラクション頻度の不適切な制御	CVE-2026-41333	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
355961	-	analogx	proxy	Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long USER command in the POP3 protocol.	NVD-CWE-Other	CVE-2000-0658	2008-09-11 04:05	2000-07-25	Show	GitHub Exploit DB Packet Storm

355962	-	analogx	proxy	Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long user ID in a SOCKS4 CONNECT request.	NVD-CWE-Other	CVE-2000-0659	2008-09-11 04:05	2000-07-25	Show	GitHub Exploit DB Packet Storm

355963	-	conectiva	linux	Vulnerability in gpm in Caldera Linux allows local users to delete arbitrary files or conduct a denial of service.	NVD-CWE-Other	CVE-2000-0667	2008-09-11 04:05	2000-07-27	Show	GitHub Exploit DB Packet Storm

355964	-	netscape	communicator	Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp"…	NVD-CWE-Other	CVE-2000-0676	2008-09-11 04:05	2000-10-20	Show	GitHub Exploit DB Packet Storm

355965	-	pgp	pgp	PGP 5.5.x through 6.5.3 does not properly check if an Additional Decryption Key (ADK) is stored in the signed portion of a public certificate, which allows an attacker who can modify a victim's publi…	NVD-CWE-Other	CVE-2000-0678	2008-09-11 04:05	2000-10-20	Show	GitHub Exploit DB Packet Storm

355966	-	bea	weblogic_server	BEA WebLogic 5.1.x does not properly restrict access to the JSPServlet, which could allow remote attackers to compile and execute Java JSP code by directly invoking the servlet on any source file.	NVD-CWE-Other	CVE-2000-0684	2008-09-11 04:05	2000-10-20	Show	GitHub Exploit DB Packet Storm

355967	-	bea	weblogic_server	BEA WebLogic 5.1.x does not properly restrict access to the PageCompileServlet, which could allow remote attackers to compile and execute Java JHTML code by directly invoking the servlet on any sourc…	NVD-CWE-Other	CVE-2000-0685	2008-09-11 04:05	2000-10-20	Show	GitHub Exploit DB Packet Storm

355968	-	cgi_script_center	auction_weaver	Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the fromfile parameter.	NVD-CWE-Other	CVE-2000-0690	2008-09-11 04:05	2000-10-20	Show	GitHub Exploit DB Packet Storm

355969	-	larry_wall	perl	suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" envi…	NVD-CWE-Other	CVE-2000-0703	2008-09-11 04:05	2000-10-20	Show	GitHub Exploit DB Packet Storm

355970	-	luca_deri	ntop	ntop running in web mode allows remote attackers to read arbitrary files via a .. (dot dot) attack.	NVD-CWE-Other	CVE-2000-0705	2008-09-11 04:05	2000-10-20	Show	GitHub Exploit DB Packet Storm