Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
6171 8.1 重要
Network 		The Kyverno Authors Kyverno The Kyverno AuthorsのKyvernoにおける重要な情報のセキュアでない格納に関する脆弱性 CWE-922
重要な情報のセキュアでない格納 		CVE-2026-40868 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
6172 8.1 重要
Network 		goshs goshs goshsにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-40883 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
6173 9.8 緊急
Network 		goshs goshs goshsにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-40884 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
6174 8.8 重要
Network 		goshs goshs goshsにおける情報漏えいに関する脆弱性 CWE-200
CWE-noinfo
CVE-2026-40885 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
6175 7.5 重要
Network 		gomarkdown markdown gomarkdownのMarkdownにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-40890 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
6176 10 緊急
Network 		WWBN AVideo WWBNのAVideoにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-40911 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
6177 5.4 警告
Network 		Linux Foundation tekton pipelines Linux Foundationのtekton pipelinesにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-40923 2026-04-30 12:27 2026-04-21 Show GitHub Exploit DB Packet Storm
6178 6.5 警告
Network 		Linux Foundation tekton pipelines Linux Foundationのtekton pipelinesにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-40924 2026-04-30 12:27 2026-04-21 Show GitHub Exploit DB Packet Storm
6179 7.5 重要
Network 		Linux Foundation tekton pipelines Linux Foundationのtekton pipelinesにおける引数の挿入または変更に関する脆弱性 CWE-88
引数の挿入または変更 		CVE-2026-40938 2026-04-30 12:27 2026-04-21 Show GitHub Exploit DB Packet Storm
6180 6.5 警告
Network 		Apache Software Foundation ActiveMQ Web
Apache ActiveMQ 		Apache Software FoundationのApache ActiveMQ等の複数製品における複数の脆弱性 CWE-79
CWE-79
CWE-915
CVE-2026-41043 2026-04-30 12:27 2026-04-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
351761 - invision_power_services invision_power_board Cross-site scripting (XSS) vulnerability in Invision Power Board 1.3 Final allows remote attackers to execute arbitrary script as other users via the pop parameter in a chat action to index.php. NVD-CWE-Other
CVE-2004-2279 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
351762 - open_webmail open_webmail The read_list_from_file function in vacation.pl for OpenWebmail before 2.32 20040629 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename argument. NVD-CWE-Other
CVE-2004-2284 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
351763 - activestate
larry_wall 		activeperl
perl 		Integer overflow in the duplication operator in ActivePerl allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large multiplier, which may trigger a… NVD-CWE-Other
CVE-2004-2286 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
351764 - - - Microsoft Windows XP Explorer allows attackers to execute arbitrary code via a HTML and script in a self-executing folder that references an executable file within the folder, which is automatically … NVD-CWE-Other
CVE-2004-2290 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
351765 - alt-n mdaemon Buffer overflow in Alt-N MDaemon 7.0.1 allows remote attackers to cause a denial of service (application crash) via a long STATUS command to the IMAP server. NVD-CWE-Other
CVE-2004-2292 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
351766 - francisco_burzi php-nuke Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.0 to 7.3 allow remote attackers to inject arbitrary web script or HTML via the (1) eid parameter or (2) query parameter to the Encycl… NVD-CWE-Other
CVE-2004-2293 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
351767 - - - SQL injection vulnerability in the Reviews module in PHP-Nuke 6.0 to 7.3 allows remote attackers to execute arbitrary SQL commands via the order parameter. NVD-CWE-Other
CVE-2004-2295 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
351768 - francisco_burzi php-nuke The preview_review function in the Reviews module in PHP-Nuke 6.0 to 7.3, when running on Windows systems, allows remote attackers to obtain sensitive information via an invalid date parameter, which… NVD-CWE-Other
CVE-2004-2296 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
351769 - francisco_burzi php-nuke The Reviews module in PHP-Nuke 6.0 to 7.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via a large, out-of-range score parameter. NVD-CWE-Other
CVE-2004-2297 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
351770 - - - Buffer overflow in Omnicron OmniHTTPd 3.0a and earlier allows remote attackers to execute arbitrary code via an HTTP GET request with a long Range header. NVD-CWE-Other
CVE-2004-2299 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm