Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1201	5.5	警告 Local	レッドハット gimp	Red Hat Enterprise Linux gimp	gimp等の複数ベンダの製品における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-40919	2026-04-30 11:02	2026-04-15	Show	GitHub Exploit DB Packet Storm

1202	5.9	警告 Network	opentelemetry	opentelemetry	opentelemetryにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-41078	2026-04-30 11:02	2026-04-23	Show	GitHub Exploit DB Packet Storm

1203	6.5	警告 Network	Apache Software Foundation	Apache Storm	Apache Software FoundationのApache Stormにおける認証に関する脆弱性	CWE-287 不適切な認証	CVE-2026-41081	2026-04-30 11:02	2026-04-27	Show	GitHub Exploit DB Packet Storm

1204	7.5	重要 Network	SQLAlchemy	mako	SQLAlchemyのmakoにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-41205	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

1205	7.8	重要 Local	Tommaso Bona (ParzivalHack)	PySpector	Tommaso Bona (ParzivalHack)のPySpectorにおける不完全なブラックリストに関する脆弱性	CWE-184 不完全なブラックリスト	CVE-2026-41206	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

1206	6.1	警告 Network	cure53	DOMPurify	cure53のDOMPurifyにおける複数の脆弱性	CWE-183 CWE-79	CVE-2026-41240	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

1207	5.4	警告 Network	pretalx	pretalx	pretalxにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-41241	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

1208	8.1	重要 Network	Project Contour	Contour	Project ContourのContourにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-41246	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

1209	9.8	緊急 Network	std42	elfinder	std42のelfinderにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-41247	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

1210	7.5	重要 Network	joinmastodon	Mastodon	joinmastodonのMastodonにおける行動ワークフローに関する脆弱性	CWE-841 行動ワークフローの不適切な実施	CVE-2026-41259	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313291	-	-	-	Format string vulnerability in vsybase.c in vpopmail 5.4.2 and earlier has unknown impact and attack vectors. NOTE: in a followup post, it was observed that the source code used constants that, when…	NVD-CWE-Other	CVE-2004-2238	2024-08-8 11:15	2004-12-31	Show	GitHub Exploit DB Packet Storm

313292	-	gnu	less	Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings …	NVD-CWE-Other	CVE-2004-2264	2024-08-8 11:15	2004-12-31	Show	GitHub Exploit DB Packet Storm

313293	-	microsoft	windows_2000 windows_2003_server windows_xp	Microsoft Windows 2000, XP, and possibly 2003 allows local users with the SeDebugPrivilege privilege to execute arbitrary code as kernel and read or write kernel memory via the NtSystemDebugControl f…	NVD-CWE-Other	CVE-2004-2339	2024-08-8 11:15	2004-12-31	Show	GitHub Exploit DB Packet Storm

313294	-	apache	http_server	Apache HTTP Server 2.0.47 and earlier allows local users to bypass .htaccess file restrictions, as specified in httpd.conf with directives such as Deny From All, by using an ErrorDocument directive. …	NVD-CWE-Other	CVE-2004-2343	2024-08-8 11:15	2004-12-31	Show	GitHub Exploit DB Packet Storm

313295	-	mozilla	firefox	Mozilla Firefox 1.5.0.1, and possibly other versions, preserves some records of user activity even after uninstalling, which allows local users who share a Windows profile to view the records after a…	NVD-CWE-Other	CVE-2004-2657	2024-08-8 11:15	2004-12-31	Show	GitHub Exploit DB Packet Storm

313296	-	zonelabs	zonealarm	Zone Alarm Pro 1.0 through 5.1 gives full access to %windir%\Internet Logs\* to the EVERYONE group, which allows local users to cause a denial of service by modifying the folder contents or permissio…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2004-2713	2024-08-8 11:15	2004-12-31	Show	GitHub Exploit DB Packet Storm

313297	-	nessus	nessus	Nessus 2.0.10a stores account passwords in plaintext in .nessusrc files, which allows local users to obtain passwords. NOTE: the original researcher reports that the vendor has disputed this issue	CWE-255 Credentials Management	CVE-2004-2722	2024-08-8 11:15	2004-12-31	Show	GitHub Exploit DB Packet Storm

313298	-	php	php	PHP treats unknown methods such as "PoSt" as a GET request, which could allow attackers to intended access restrictions if PHP is running on a server that passes on all methods, such as Apache httpd …	NVD-CWE-Other	CVE-2003-0249	2024-08-8 11:15	2003-12-31	Show	GitHub Exploit DB Packet Storm

313299	-	ibm	lotus_domino	NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in IBM Lotus Notes R6 and Domino R6, and possibly earlier versions, allows remote attackers to execute arbi…	NVD-CWE-Other	CVE-2004-1621	2024-08-8 10:15	2004-10-18	Show	GitHub Exploit DB Packet Storm

313300	-	khaled_mardam-bey	mirc	Buffer overflow in mIRC 5.91, 6.03, 6.12, and 6.16 allows local users to execute arbitrary code via a long string that is entered after reaching the DCC Get Folder Dialog. NOTE: this issue has been …	NVD-CWE-Other	CVE-2005-4681	2024-08-8 09:15	2005-12-31	Show	GitHub Exploit DB Packet Storm