JVN Vulnerability Search Top
Show Search Menu
|
You can search the list of vulnerabilities managed by JVN (Japan Vulnerability Note). |
Update Date:April 27, 2026, 8:58 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 201 | 5.4 |
警告
Network |
GitLab.org | GitLab | GitLab.orgのGitLabにおけるセッション期限に関する脆弱性 New |
CWE-613
Insufficient Session Expiration |
CVE-2026-6515 | 2026-04-27 11:19 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 202 | 8.8 |
重要
Network |
CPS-IT | Mailqueue | CPS-ITのMailqueueにおける信頼できないデータのデシリアライゼーションに関する脆弱性 New |
CWE-502
Deserialization of Untrusted Data |
CVE-2026-1323 | 2026-04-27 11:19 | 2026-03-17 | Show | GitHub Exploit DB Packet Storm |
| 203 | 6.5 |
警告
Network |
Linux Foundation | Backstage/plugin-scaffolder-backend | Linux FoundationのBackstage/plugin-scaffolder-backendにおけるログファイルからの情報漏えいに関する脆弱性 New |
CWE-532
Inclusion of Sensitive Information in Log Files |
CVE-2026-29184 | 2026-04-27 11:19 | 2026-03-7 | Show | GitHub Exploit DB Packet Storm |
| 204 | 4.3 |
警告
Network |
Guido Schmechel (ayacoo) | redirect_tab | Guido Schmechel (ayacoo)のredirect_tabにおける複数の脆弱性 New |
CWE-200 CWE-862 CWE-862 Information Exposure Missing Authorization Missing Authorization |
CVE-2026-4202 | 2026-04-27 11:19 | 2026-03-17 | Show | GitHub Exploit DB Packet Storm |
| 205 | 8.8 |
重要
Network |
Ralf Freit (MrSilaz) | mfa_mail | Ralf Freit (MrSilaz)のmfa_mailにおけるユーザ制御の鍵による認証回避に関する脆弱性 New |
CWE-639
Authorization Bypass Through User-Controlled Key |
CVE-2026-4208 | 2026-04-27 11:19 | 2026-03-17 | Show | GitHub Exploit DB Packet Storm |
| 206 | 8.1 |
重要
Network |
HashiCorp | Vault | HashiCorpのVaultにおける代替パスまたはチャネルを使用した認証回避に関する脆弱性 New |
CWE-288
Authentication Bypass Using an Alternate Path or Channel |
CVE-2026-3605 | 2026-04-27 11:19 | 2026-04-17 | Show | GitHub Exploit DB Packet Storm |
| 207 | 9.4 |
緊急
Network |
dgraph | dgraph | dgraphにおける複数の脆弱性 New |
CWE-200 CWE-215 CWE-522 Information Exposure Insertion of Sensitive Information Into Debugging Code Insufficiently Protected Credentials |
CVE-2026-40173 | 2026-04-27 11:19 | 2026-04-15 | Show | GitHub Exploit DB Packet Storm |
| 208 | 7.8 |
重要
Local |
Composer | Composer | Composerにおける複数の脆弱性 New |
CWE-20 CWE-78 CWE-78 Improper Input Validation OS Command OS Command |
CVE-2026-40176 | 2026-04-27 11:19 | 2026-04-15 | Show | GitHub Exploit DB Packet Storm |
| 209 | 6.1 |
警告
Network |
Apostrophe Technologies |
sanitize-html ApostropheCMS |
Apostrophe TechnologiesのApostropheCMS等の複数製品におけるクロスサイトスクリプティングの脆弱性 New |
CWE-79
Cross-site Scripting |
CVE-2026-40186 | 2026-04-27 11:18 | 2026-04-15 | Show | GitHub Exploit DB Packet Storm |
| 210 | 8.8 |
重要
Network |
Composer | Composer | Composerにおける複数の脆弱性 New |
CWE-20 CWE-78 CWE-78 Improper Input Validation OS Command OS Command |
CVE-2026-40261 | 2026-04-27 11:18 | 2026-04-15 | Show | GitHub Exploit DB Packet Storm |
| 211 | 9.8 |
緊急
Network |
Phpscriptsmall | Advance Gift Shop Pro Script | PhpscriptsmallのAdvance Gift Shop Pro ScriptにおけるSQL インジェクションの脆弱性 New |
CWE-89
SQL Injection |
CVE-2019-25680 | 2026-04-27 11:18 | 2026-04-5 | Show | GitHub Exploit DB Packet Storm |
| 212 | 9.8 |
緊急
Network |
WISDOM | Pegasus CMS | WISDOMのPegasus CMSにおけるパストラバーサルの脆弱性 New |
CWE-22
Path Traversal |
CVE-2019-25687 | 2026-04-27 11:18 | 2026-04-5 | Show | GitHub Exploit DB Packet Storm |
| 213 | 8.8 |
重要
Network |
Nextcloud windmill project |
windmill Nextcloud Flow |
Nextcloud等の複数ベンダの製品における認証の欠如に関する脆弱性 New |
CWE-862
Missing Authorization |
CVE-2026-22683 | 2026-04-27 11:18 | 2026-04-7 | Show | GitHub Exploit DB Packet Storm |
| 214 | 7.5 |
重要
Network |
XiangShan | NEMU | XiangShanのNEMUにおける複数の脆弱性 New |
CWE-1287 CWE-131 Improper Validation of Specified Type of Input Incorrect Calculation of Buffer Size |
CVE-2026-29645 | 2026-04-27 11:18 | 2026-04-20 | Show | GitHub Exploit DB Packet Storm |
| 215 | 9.8 |
緊急
Network |
XiangShan | NEMU | XiangShanのNEMUにおける保護メカニズムの不具合に関する脆弱性 New |
CWE-693
Protection Mechanism Failure |
CVE-2026-29649 | 2026-04-27 11:18 | 2026-04-20 | Show | GitHub Exploit DB Packet Storm |
| 216 | 7.5 |
重要
Network |
Nimiq | Nimiq Proof of Stake (core-rs-albatross) | NimiqのNimiq Proof of Stake (core-rs-albatross)における複数の脆弱性 New |
CWE-125 CWE-193 Out-of-bounds Read Off-by-one Error |
CVE-2026-32605 | 2026-04-27 11:18 | 2026-04-13 | Show | GitHub Exploit DB Packet Storm |
| 217 | 9.6 |
緊急
Network |
Nimiq | Nimiq Proof of Stake (core-rs-albatross) | NimiqのNimiq Proof of Stake (core-rs-albatross)における複数の脆弱性 New |
CWE-1284 CWE-190 CWE-20 CWE-345 Improper Validation of Specified Quantity in Input Integer Overflow or Wraparound Improper Input Validation Insufficient Verification of Data Authenticity |
CVE-2026-33471 | 2026-04-27 11:18 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 218 | 9.8 |
緊急
Network |
PowerDNS | PowerDNS Authoritative Server | PowerDNSのPowerDNS Authoritative Serverにおけるコードインジェクションの脆弱性 New |
CWE-94
Code Injection |
CVE-2026-33608 | 2026-04-27 11:18 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 219 | 6.5 |
警告
Network |
PowerDNS | PowerDNS Authoritative Server | PowerDNSのPowerDNS Authoritative ServerにおけるLDAP インジェクションの脆弱性 New |
CWE-90
LDAP Injection |
CVE-2026-33609 | 2026-04-27 11:18 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 220 | 7.5 |
重要
Network |
PowerDNS | PowerDNS Authoritative Server | PowerDNSのPowerDNS Authoritative Serverにおけるリソースの枯渇に関する脆弱性 New |
CWE-400
Uncontrolled Resource Consumption |
CVE-2026-33610 | 2026-04-27 11:18 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 221 | 5.3 |
警告
Network |
Nimiq | Nimiq Proof of Stake (core-rs-albatross) | NimiqのNimiq Proof of Stake (core-rs-albatross)における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 New |
CWE-770
Allocation of Resources Without Limits or Throttling |
CVE-2026-34062 | 2026-04-27 11:18 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 222 | 7.5 |
重要
Network |
Nimiq | Nimiq Proof of Stake (core-rs-albatross) | NimiqのNimiq Proof of Stake (core-rs-albatross)における到達可能なアサーションに関する脆弱性 New |
CWE-617
Reachable Assertion |
CVE-2026-34063 | 2026-04-27 11:18 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 223 | 8.2 |
重要
Network |
Nimiq | Nimiq Proof of Stake (core-rs-albatross) | NimiqのNimiq Proof of Stake (core-rs-albatross)における整数アンダーフローの脆弱性 New |
CWE-191
Integer Underflow (Wrap or Wraparound) |
CVE-2026-34064 | 2026-04-27 11:18 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 224 | 7.5 |
重要
Network |
Nimiq | Nimiq Proof of Stake (core-rs-albatross) | NimiqのNimiq Proof of Stake (core-rs-albatross)における複数の脆弱性 New |
CWE-252 CWE-755 Unchecked Return Value Improper Handling of Exceptional Conditions |
CVE-2026-34065 | 2026-04-27 11:18 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 225 | 5.3 |
警告
Network |
Nimiq | Nimiq Proof of Stake (core-rs-albatross) | NimiqのNimiq Proof of Stake (core-rs-albatross)における複数の脆弱性 New |
CWE-20 CWE-617 CWE-754 Improper Input Validation Reachable Assertion Improper Check for Unusual or Exceptional Conditions |
CVE-2026-34066 | 2026-04-27 11:18 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 226 | 6.5 |
警告
Network |
Nimiq | Nimiq Proof of Stake (core-rs-albatross) | NimiqのNimiq Proof of Stake (core-rs-albatross)における到達可能なアサーションに関する脆弱性 New |
CWE-617
Reachable Assertion |
CVE-2026-34067 | 2026-04-27 11:18 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 227 | 6.8 |
警告
Network |
Nimiq | Nimiq Proof of Stake (core-rs-albatross) | NimiqのNimiq Proof of Stake (core-rs-albatross)におけるデジタル署名の検証に関する脆弱性 New |
CWE-347
Improper Verification of Cryptographic Signature |
CVE-2026-34068 | 2026-04-27 11:18 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 228 | 5.3 |
警告
Network |
Nimiq | Nimiq Proof of Stake (core-rs-albatross) | NimiqのNimiq Proof of Stake (core-rs-albatross)における到達可能なアサーションに関する脆弱性 New |
CWE-617
Reachable Assertion |
CVE-2026-34069 | 2026-04-27 11:18 | 2026-04-14 | Show | GitHub Exploit DB Packet Storm |
| 229 | 5.9 |
警告
Network |
leancrypto | leancrypto | leancryptoにおける数値型間の変換の誤りに関する脆弱性 New |
CWE-681
Incorrect Conversion between Numeric Types |
CVE-2026-34610 | 2026-04-27 11:18 | 2026-04-2 | Show | GitHub Exploit DB Packet Storm |
| 230 | 7.1 |
重要
Local |
Uutils | uutils coreutils | Uutilsのuutils coreutilsにおける重要なリソースに対する不適切なパーミッションの割り当てに関する脆弱性 New |
CWE-732
Incorrect Permission Assignment for Critical Resource |
CVE-2026-35341 | 2026-04-27 11:18 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 231 | 5.5 |
警告
Local |
Uutils | uutils coreutils | Uutilsのuutils coreutilsにおけるキャッチされない例外に関する脆弱性 New |
CWE-248
Uncaught Exception |
CVE-2026-35348 | 2026-04-27 11:17 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 232 | 6.6 |
警告
Local |
Uutils | uutils coreutils | Uutilsのuutils coreutilsにおけるパーミッションの不適切な保持に関する脆弱性 New |
CWE-281
Improper Preservation of Permissions |
CVE-2026-35350 | 2026-04-27 11:17 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 233 | 7 |
重要
Local |
Uutils | uutils coreutils | Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 New |
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition |
CVE-2026-35352 | 2026-04-27 11:17 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 234 | 4.7 |
警告
Local |
Uutils | uutils coreutils | Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 New |
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition |
CVE-2026-35354 | 2026-04-27 11:17 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 235 | 4.7 |
警告
Local |
Uutils | uutils coreutils | Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 New |
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition |
CVE-2026-35357 | 2026-04-27 11:17 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 236 | 4.7 |
警告
Local |
Uutils | uutils coreutils | Uutilsのuutils coreutilsにおける複数の脆弱性 New |
CWE-367 CWE-59 Time-of-check Time-of-use (TOCTOU) Race Condition Link Following |
CVE-2026-35359 | 2026-04-27 11:17 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 237 | 6.3 |
警告
Local |
Uutils | uutils coreutils | Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 New |
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition |
CVE-2026-35360 | 2026-04-27 11:17 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 238 | 5.6 |
警告
Local |
Uutils | uutils coreutils | Uutilsのuutils coreutilsにおけるパストラバーサルの脆弱性 New |
CWE-22
Path Traversal |
CVE-2026-35363 | 2026-04-27 11:17 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 239 | 6.3 |
警告
Local |
Uutils | uutils coreutils | Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 New |
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition |
CVE-2026-35364 | 2026-04-27 11:17 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 240 | 3.3 |
低
Local |
Uutils | uutils coreutils | Uutilsのuutils coreutilsにおける重要なリソースに対する不適切なパーミッションの割り当てに関する脆弱性 New |
CWE-732
Incorrect Permission Assignment for Critical Resource |
CVE-2026-35367 | 2026-04-27 11:17 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 241 | 7.8 |
重要
Local |
Uutils | uutils coreutils | Uutilsのuutils coreutilsにおける信頼できない検索パスに関する脆弱性 New |
CWE-426
Untrusted Search Path |
CVE-2026-35368 | 2026-04-27 11:17 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 242 | 3.3 |
低
Local |
Uutils | uutils coreutils | Uutilsのuutils coreutilsにおける入力確認に関する脆弱性 New |
CWE-20
Improper Input Validation |
CVE-2026-35377 | 2026-04-27 11:17 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 243 | 3.3 |
低
Local |
Uutils | uutils coreutils | Uutilsのuutils coreutilsにおける指定された機能の不適切な提供に関する脆弱性 New |
CWE-684
Incorrect Provision of Specified Functionality |
CVE-2026-35381 | 2026-04-27 11:17 | 2026-04-22 | Show | GitHub Exploit DB Packet Storm |
| 244 | 5.4 |
警告
Network |
Papra | Papra | Papraにおける複数の脆弱性 New |
CWE-79 CWE-80 Cross-site Scripting Basic XSS |
CVE-2026-35460 | 2026-04-27 11:17 | 2026-04-7 | Show | GitHub Exploit DB Packet Storm |
| 245 | 4.3 |
警告
Network |
Papra | Papra | Papraにおけるサーバサイドのリクエストフォージェリの脆弱性 New |
CWE-918
Server-Side Request Forgery (SSRF) |
CVE-2026-35461 | 2026-04-27 11:17 | 2026-04-7 | Show | GitHub Exploit DB Packet Storm |
| 246 | 4.3 |
警告
Network |
Papra | Papra | Papraにおけるセッション期限に関する脆弱性 New |
CWE-613
Insufficient Session Expiration |
CVE-2026-35462 | 2026-04-27 11:17 | 2026-04-7 | Show | GitHub Exploit DB Packet Storm |
| 247 | 8.1 |
重要
Network |
RedwoodSDK | RedwoodSDK | RedwoodSDKにおけるクロスサイトリクエストフォージェリの脆弱性 New |
CWE-352
Origin Validation Error |
CVE-2026-39371 | 2026-04-27 11:17 | 2026-04-7 | Show | GitHub Exploit DB Packet Storm |
| 248 | 8.1 |
重要
Network |
Sgbett |
BSV Ruby SDK (bsv-sdk) bsv-wallet |
Sgbettのbsv-wallet等の複数製品におけるデジタル署名の検証に関する脆弱性 New |
CWE-347
Improper Verification of Cryptographic Signature |
CVE-2026-40070 | 2026-04-27 11:17 | 2026-04-9 | Show | GitHub Exploit DB Packet Storm |
| 249 | 8.1 |
重要
Network |
Nimiq | Nimiq Proof of Stake (core-rs-albatross) | NimiqのNimiq Proof of Stake (core-rs-albatross)における入力で指定された数量の不適切な検証に関する脆弱性 New |
CWE-1284
Improper Validation of Specified Quantity in Input |
CVE-2026-40093 | 2026-04-27 11:17 | 2026-04-9 | Show | GitHub Exploit DB Packet Storm |
| 250 | 5.5 |
警告
Local |
Giskard | Giskard | Giskardにおける非効率的な正規表現の複雑さに関する脆弱性 New |
CWE-1333
Inefficient Regular Expression Complexity |
CVE-2026-40319 | 2026-04-27 11:17 | 2026-04-17 | Show | GitHub Exploit DB Packet Storm |