Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 21, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
6251 5.3 警告
Network 		opentelemetry opentelemetry
OpenTelemetry.Extensions.Propagators
Opentelemetry.api 		opentelemetryのOpentelemetry.api等の複数製品における過剰なサイズ値のメモリ割り当てに関する脆弱性 CWE-789
過剰なサイズ値のメモリ割り当て 		CVE-2026-40894 2026-04-30 12:18 2026-04-23 Show GitHub Exploit DB Packet Storm
6252 10 緊急
Network 		VoidZero Inc. Vite+ VoidZero Inc.のVite+におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-41211 2026-04-30 12:18 2026-04-23 Show GitHub Exploit DB Packet Storm
6253 5.4 警告
Network 		Siemvk (siemvk) Openlearn Siemvk (siemvk)のOpenlearnにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-41243 2026-04-30 12:18 2026-04-23 Show GitHub Exploit DB Packet Storm
6254 8.8 重要
Network 		Deskflow Deskflow Deskflowにおける古典的バッファオーバーフローの脆弱性 CWE-120
古典的バッファオーバーフロー 		CVE-2026-41476 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
6255 7.8 重要
Local 		Deskflow Deskflow Deskflowにおける複数の脆弱性 CWE-306
CWE-862
CVE-2026-41477 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
6256 6.5 警告
Network 		langchain Langchain-text-splitters langchainのLangchain-text-splittersにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-41481 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
6257 3.1
Network 		langchain Langchain-openai langchainのLangchain-openaiにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-41488 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
6258 9.8 緊急
Network 		Steven Fackler rust-openssl rust-OpenSSL Projectのrust-OpenSSLにおける複数の脆弱性 CWE-131
CWE-787
CVE-2026-41676 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
6259 9.1 緊急
Network 		Steven Fackler rust-openssl rust-OpenSSL Projectのrust-OpenSSLにおける複数の脆弱性 CWE-125
CWE-1284
CVE-2026-41677 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
6260 9.8 緊急
Network 		Steven Fackler rust-openssl rust-OpenSSL Projectのrust-OpenSSLにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-41678 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
348871 - edgewall_software trac Cross-site scripting (XSS) vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors related to a "wiki macro… NVD-CWE-Other
CVE-2006-2106 2017-07-20 10:31 2006-04-29 Show GitHub Exploit DB Packet Storm
348872 - virtual_private_server vserver Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and 2.1.x before 2.1.1-rc18 provides certain context capabilities (ccaps) that allow local guest users to perform operations that were only in… NVD-CWE-Other
CVE-2006-2110 2017-07-20 10:31 2006-05-2 Show GitHub Exploit DB Packet Storm
348873 - virtual_private_server vserver This vulnerability is addressed in the following product releases: Virtual Private Server, Vserver, 2.0.2-rc18 Virtual Private Server, Vserver, 2.1.1-rc18 NVD-CWE-Other
CVE-2006-2110 2017-07-20 10:31 2006-05-2 Show GitHub Exploit DB Packet Storm
348874 - network_administration_visualized network_administration_visualized Multiple SQL injection vulnerabilities in the report interface in Network Administration Visualized (NAV) before 3.0.1 allow remote attackers to execute arbitrary SQL commands via unknown vectors. NVD-CWE-Other
CVE-2006-2123 2017-07-20 10:31 2006-05-2 Show GitHub Exploit DB Packet Storm
348875 - turnkey_solutions sunshop_shopping_cart Multiple cross-site scripting (XSS) vulnerabilities in SunShop 3.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) prevaction, (2) previd, (3) prevstart, (4) ite… NVD-CWE-Other
CVE-2006-2124 2017-07-20 10:31 2006-05-2 Show GitHub Exploit DB Packet Storm
348876 - avalon_ltd maxtrade SQL injection vulnerability in pocategories.php in MaxTrade 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) categori and (2) stranica parameters. NVD-CWE-Other
CVE-2006-2126 2017-07-20 10:31 2006-05-2 Show GitHub Exploit DB Packet Storm
348877 - deltascripts pro_publish Direct static code injection vulnerability in Pro Publish 2.0 allows remote authenticated administrators to execute arbitrary PHP code by editing certain settings, which are stored in set_inc.php. NVD-CWE-Other
CVE-2006-2129 2017-07-20 10:31 2006-05-2 Show GitHub Exploit DB Packet Storm
348878 - advanced_poll advanced_poll SQL injection vulnerability in include/class_poll.php in Advanced Poll 2.0.4 allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header. NVD-CWE-Other
CVE-2006-2130 2017-07-20 10:31 2006-05-2 Show GitHub Exploit DB Packet Storm
348879 - advanced_poll advanced_poll Successful exploitation requires that magic_quotes_gpc is set to off. NVD-CWE-Other
CVE-2006-2130 2017-07-20 10:31 2006-05-2 Show GitHub Exploit DB Packet Storm
348880 - advanced_poll advanced_poll include/class_poll.php in Advanced Poll 2.0.4 uses the HTTP_X_FORWARDED_FOR (X-Forwarded-For HTTP header) to identify the IP address of a client, which makes it easier for remote attackers to spoof t… NVD-CWE-Other
CVE-2006-2131 2017-07-20 10:31 2006-05-2 Show GitHub Exploit DB Packet Storm