Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
6361 8.2 重要
Network 		UltraDAG UltraDAG UltraDAGにおける複数の脆弱性 CWE-460
CWE-696
CVE-2026-40583 2026-04-30 12:13 2026-04-21 Show GitHub Exploit DB Packet Storm
6362 7.5 重要
Network 		RansomLook RansomLook RansomLookにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-40584 2026-04-30 12:13 2026-04-21 Show GitHub Exploit DB Packet Storm
6363 5.6 警告
Local 		Home Assistant Ecosystem Home Assistant Command-line Interface (hass-cli) Home Assistant EcosystemのHome Assistant Command-line Interface (hass-cli)における複数の脆弱性 CWE-1336
CWE-94
CVE-2026-40602 2026-04-30 12:13 2026-04-21 Show GitHub Exploit DB Packet Storm
6364 5.5 警告
Local 		Dayuan Jiang (DayuanJiang) Next AI Draw.io Dayuan Jiang (DayuanJiang)のNext AI Draw.ioにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40608 2026-04-30 12:12 2026-04-21 Show GitHub Exploit DB Packet Storm
6365 8.1 重要
Network 		Zcash Foundation Zebra-consensus
Zebrad 		Zcash FoundationのZebra-consensus等の複数製品における誤った要素を使用した比較に関する脆弱性 CWE-1025
誤った要素を使用した比較 		CVE-2026-40880 2026-04-30 12:12 2026-04-21 Show GitHub Exploit DB Packet Storm
6366 7.5 重要
Network 		Zcash Foundation zebra-network
Zebrad 		Zcash Foundationのzebra-network等の複数製品における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40881 2026-04-30 12:12 2026-04-21 Show GitHub Exploit DB Packet Storm
6367 6.5 警告
Network 		Frappe Frappe HR FrappeのFrappe HRにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-40888 2026-04-30 12:12 2026-04-21 Show GitHub Exploit DB Packet Storm
6368 6.5 警告
Network 		Frappe Frappe HR FrappeのFrappe HRにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-40889 2026-04-30 12:12 2026-04-21 Show GitHub Exploit DB Packet Storm
6369 8.8 重要
Network 		Jos de Jong math.js Math.jsにおける動的に決定されたオブジェクト属性の不適切に制御された変更に関する脆弱性 CWE-915
動的に決定されたオブジェクト属性の不適切に制御された変更 		CVE-2026-40897 2026-04-30 12:12 2026-04-24 Show GitHub Exploit DB Packet Storm
6370 8.8 重要
Network 		Paperclip paperclipai PaperclipのpaperclipaiにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-41208 2026-04-30 12:12 2026-04-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 20, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
350041 - arjohn_kampman sesame_rdf_container Unspecified vulnerability in Sesamie 1.0 allows remote anonymous attackers to gain access to repositories of other users via unknown vectors. NVD-CWE-Other
CVE-2004-2633 2017-07-20 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
350042 - - - The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX 5.1 and 5.2 allow local users to overwrite arbitrary files via a symlink attack on temporary files via unknown attack vectors. NVD-CWE-Other
CVE-2004-2634 2017-07-20 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
350043 - mcafee security_installer_control_system An ActiveX control for McAfee Security Installer Control System 4.0.0.81 allows remote attackers to access the Windows registry via web pages that use the control's RegQueryValue() method. NVD-CWE-Other
CVE-2004-2635 2017-07-20 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
350044 - - - TinyWeb 1.9 allows remote attackers to read source code of scripts via "/./" in the URL. NVD-CWE-Other
CVE-2004-2636 2017-07-20 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
350045 - zonet zsr1104we_wireless_router_runtime_code The NAT implementation in Zonet ZSR1104WE Wireless Router Runtime Code Version 2.41 converts IP addresses of inbound connections to the IP address of the router, which allows remote attackers to bypa… NVD-CWE-Other
CVE-2004-2637 2017-07-20 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
350046 - oscommerce oscommerce The Admin Access With Levels plugin in osCommerce 1.5.1 allows remote attackers to access files in the "admin/" directory by modifying the in_login parameter to a non-zero value. NVD-CWE-Other
CVE-2004-2638 2017-07-20 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
350047 - drew_withers journalness Unspecified vulnerability in Journalness 3.0.7 and earlier allows remote attackers to create or modify posts via unknown attack vectors. NVD-CWE-Other
CVE-2004-2639 2017-07-20 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
350048 - - - Directory traversal vulnerability in lstat.cgi in LinuxStat before 2.3.1 allows remote attackers to read arbitrary files via (1) .. (dot dot) sequences or (2) absolute paths to the template parameter. NVD-CWE-Other
CVE-2004-2640 2017-07-20 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
350049 - sun sun_fire
netra_1280 		Unspecified vulnerability in Sun Fire 3800/4800/4810/6800, Sun Fire V1280, and Netra 1280 allows remote attackers to cause a denial of service (system controller hang) via IP Packets With Type of Ser… NVD-CWE-Other
CVE-2004-2641 2017-07-20 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm
350050 - nathaniel_bray yeemp Yeemp 0.9.9 and earlier does not properly encrypt inbound files, which allows remote attackers to spoof the identity of the sender. NVD-CWE-Other
CVE-2004-2642 2017-07-20 10:29 2004-12-31 Show GitHub Exploit DB Packet Storm