Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
6151 5.4 警告
Network 		pyLoad pyLoad pyLoadにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-40071 2026-04-30 12:29 2026-04-9 Show GitHub Exploit DB Packet Storm
6152 6.5 警告
Network 		getkirby kirby getkirbyのkirbyにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-40099 2026-04-30 12:29 2026-04-24 Show GitHub Exploit DB Packet Storm
6153 5.4 警告
Network 		Auth0 Inc. nextjs-auth0 Auth0 Inc.のnextjs-auth0における複数の脆弱性 CWE-362
CWE-863
CVE-2026-40155 2026-04-30 12:29 2026-04-17 Show GitHub Exploit DB Packet Storm
6154 5.5 警告
Local 		systemd project systemd systemd projectのsystemdにおける不適切な動作順序に関する脆弱性 CWE-696
不適切な動作順序 		CVE-2026-40223 2026-04-30 12:29 2026-04-10 Show GitHub Exploit DB Packet Storm
6155 7.3 重要
Local 		systemd project systemd systemd projectのsystemdにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-40224 2026-04-30 12:29 2026-04-10 Show GitHub Exploit DB Packet Storm
6156 6.4 警告
Physics 		systemd project systemd systemd projectのsystemdにおける領域間での誤ったリソース移動に関する脆弱性 CWE-669
領域間での誤ったリソース移動 		CVE-2026-40225 2026-04-30 12:28 2026-04-10 Show GitHub Exploit DB Packet Storm
6157 6.1 警告
Network 		FreeRDP FreeRDP FreeRDPにおける境界条件の判定に関する脆弱性 CWE-193
境界条件の判定 		CVE-2026-40254 2026-04-30 12:28 2026-04-24 Show GitHub Exploit DB Packet Storm
6158 3.7
Network 		BACnet Stack BACnet Stack BACnet Stackにおける未定義、未指定、または実装定義の動作への依存に関する脆弱性 CWE-758
未定義、未指定、または実装定義の動作への依存 		CVE-2026-40279 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
6159 7.6 重要
Network 		WeGIA WeGIA WeGIAにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40283 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
6160 6.5 警告
Network 		OpenFGA OpenFGA OpenFGAにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-40293 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 19, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
349911 - vserver util-vserver util-vserver before 0.30.208-1 with kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux sets a default policy that trusts unknown capabilities, which could allow local users t… NVD-CWE-Other
CVE-2005-4418 2017-07-20 10:29 2005-12-31 Show GitHub Exploit DB Packet Storm
349912 - vserver util-vserver Update to version 0.30.208 or later NVD-CWE-Other
CVE-2005-4418 2017-07-20 10:29 2005-12-31 Show GitHub Exploit DB Packet Storm
349913 - quicksquare_development honeycomb_archive
honeycomb_archive_enterprise 		Multiple SQL injection vulnerabilities in CategoryResults.cfm in Honeycomb Archive and Honeycomb Archive Enterprise 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) series, (2… NVD-CWE-Other
CVE-2005-4419 2017-07-20 10:29 2005-12-20 Show GitHub Exploit DB Packet Storm
349914 - quicksquare_development honeycomb_archive_enterprise Cross-site scripting (XSS) vulnerability in Honeycomb Archive Enterprise 3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the keyword par… NVD-CWE-Other
CVE-2005-4420 2017-07-20 10:29 2005-12-20 Show GitHub Exploit DB Packet Storm
349915 - dev-editor dev-editor Dev-Editor 3.0 allows remote attackers to access any directory outside the web root whose name is a substring of the web root directory name. NVD-CWE-Other
CVE-2005-4421 2017-07-20 10:29 2005-12-20 Show GitHub Exploit DB Packet Storm
349916 - phpkit phpkit Directory traversal vulnerability in PHPKIT 1.6.1 R2 and earlier might allow remote authenticated users to execute arbitrary PHP code via a .. (dot dot) in the path parameter and a %00 at the end of … NVD-CWE-Other
CVE-2005-4424 2017-07-20 10:29 2005-12-20 Show GitHub Exploit DB Packet Storm
349917 - kerio winroute_firewall Unspecified vulnerability in Kerio WinRoute Firewall before 6.1.3 allows remote attackers to cause a denial of service (crash) via certain RTSP streams. NVD-CWE-Other
CVE-2005-4425 2017-07-20 10:29 2005-12-20 Show GitHub Exploit DB Packet Storm
349918 - yabb yabb Interpretation conflict in YaBB before 2.1 allows remote authenticated users to inject arbitrary web script or HTML via HTML in a file with a GIF file extension, which causes the HTML to be executed … NVD-CWE-Other
CVE-2005-4426 2017-07-20 10:29 2005-12-20 Show GitHub Exploit DB Packet Storm
349919 - playsms playsms Cross-site scripting (XSS) vulnerability in index.php in PlaySMS 0.8 allows remote attackers to inject arbitrary web script or HTML via the err parameter. NVD-CWE-Other
CVE-2005-4432 2017-07-20 10:29 2005-12-21 Show GitHub Exploit DB Packet Storm
349920 - abledesign abledesign Cross-site scripting (XSS) vulnerability in AbleDesign ReSearch 2.x allows remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unk… NVD-CWE-Other
CVE-2005-4434 2017-07-20 10:29 2005-12-21 Show GitHub Exploit DB Packet Storm