Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1331 8.1 重要
Network 		Zcash Foundation Zebra-consensus
Zebrad 		Zcash FoundationのZebra-consensus等の複数製品における誤った要素を使用した比較に関する脆弱性 CWE-1025
誤った要素を使用した比較 		CVE-2026-40880 2026-04-30 12:12 2026-04-21 Show GitHub Exploit DB Packet Storm
1332 7.5 重要
Network 		Zcash Foundation zebra-network
Zebrad 		Zcash Foundationのzebra-network等の複数製品における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40881 2026-04-30 12:12 2026-04-21 Show GitHub Exploit DB Packet Storm
1333 6.5 警告
Network 		Frappe Frappe HR FrappeのFrappe HRにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-40888 2026-04-30 12:12 2026-04-21 Show GitHub Exploit DB Packet Storm
1334 6.5 警告
Network 		Frappe Frappe HR FrappeのFrappe HRにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-40889 2026-04-30 12:12 2026-04-21 Show GitHub Exploit DB Packet Storm
1335 8.8 重要
Network 		Jos de Jong math.js Math.jsにおける動的に決定されたオブジェクト属性の不適切に制御された変更に関する脆弱性 CWE-915
動的に決定されたオブジェクト属性の不適切に制御された変更 		CVE-2026-40897 2026-04-30 12:12 2026-04-24 Show GitHub Exploit DB Packet Storm
1336 8.8 重要
Network 		Paperclip paperclipai PaperclipのpaperclipaiにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-41208 2026-04-30 12:12 2026-04-23 Show GitHub Exploit DB Packet Storm
1337 6.5 警告
Network 		Frappe Frappe HR FrappeのFrappe HRにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-41320 2026-04-30 12:12 2026-04-21 Show GitHub Exploit DB Packet Storm
1338 7.5 重要
Network 		chargepoint Home Flex CPH50 Firmware ChargePoint, Inc.のHome Flex CPH50 Firmwareにおける重要な情報を含むソースコードに関する脆弱性 CWE-540
機密情報を含むソースコード 		CVE-2026-4155 2026-04-30 12:12 2026-04-11 Show GitHub Exploit DB Packet Storm
1339 7.5 重要
Adjacent 		chargepoint Home Flex CPH50 Firmware ChargePoint, Inc.のHome Flex CPH50 Firmwareにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-4156 2026-04-30 12:12 2026-04-11 Show GitHub Exploit DB Packet Storm
1340 7.5 重要
Adjacent 		chargepoint Home Flex CPH50 Firmware ChargePoint, Inc.のHome Flex CPH50 FirmwareにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-4157 2026-04-30 12:12 2026-04-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347181 - clam_anti-virus clamav The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows remote attackers to cause a denial of service (segmentation fault) via a DOC file with an invalid property tree, which triggers an … NVD-CWE-Other
CVE-2005-3239 2010-04-2 14:50 2005-10-15 Show GitHub Exploit DB Packet Storm
347182 - linux linux_kernel A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received … NVD-CWE-Other
CVE-2004-2607 2010-04-2 13:50 2004-12-31 Show GitHub Exploit DB Packet Storm
347183 - apple iphone_os The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote attackers to cause a denial of service (Safari, Mail, or Springboard crash) via a craft… CWE-20
 Improper Input Validation  		CVE-2010-1226 2010-04-2 13:00 2010-04-2 Show GitHub Exploit DB Packet Storm
347184 - cisco ios Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of … NVD-CWE-noinfo
CVE-2010-0585 2010-04-1 14:40 2010-03-26 Show GitHub Exploit DB Packet Storm
347185 - ikiwiki ikiwiki Cross-site scripting (XSS) vulnerability in the htmlscrubber component in ikiwiki 2.x before 2.53.5 and 3.x before 3.20100312 allows remote attackers to inject arbitrary web script or HTML via a craf… CWE-79
Cross-site Scripting 		CVE-2010-1195 2010-04-1 13:00 2010-04-1 Show GitHub Exploit DB Packet Storm
347186 - apple mac_os_x_server Password Server in Apple Mac OS X Server before 10.6.3 does not properly perform password replication, which might allow remote authenticated users to obtain login access via an expired password. CWE-255
Credentials Management 		CVE-2010-0510 2010-04-1 03:08 2010-03-31 Show GitHub Exploit DB Packet Storm
347187 - apple mac_os_x_server Per: http://support.apple.com/kb/HT4077 'This issue only affects Mac OS X Server systems' CWE-255
Credentials Management 		CVE-2010-0510 2010-04-1 03:08 2010-03-31 Show GitHub Exploit DB Packet Storm
347188 - apple mac_os_x_server Multiple stack-based buffer overflows in iChat Server in Apple Mac OS X Server before 10.6.3 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unsp… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-0504 2010-04-1 02:14 2010-03-31 Show GitHub Exploit DB Packet Storm
347189 - apple mac_os_x_server Per: http://support.apple.com/kb/HT4077 'These issues only affect Mac OS X Server systems.' CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-0504 2010-04-1 02:14 2010-03-31 Show GitHub Exploit DB Packet Storm
347190 - apple mac_os_x_server Use-after-free vulnerability in iChat Server in Apple Mac OS X Server 10.5.8 allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via unspecifi… CWE-399
 Resource Management Errors 		CVE-2010-0503 2010-04-1 02:07 2010-03-31 Show GitHub Exploit DB Packet Storm