Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 5, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1391 8.3 重要
Network 		Google Google Chrome GoogleのGoogle Chromeにおける競合状態に関する脆弱性 CWE-362
競合状態 		CVE-2026-6921 2026-04-27 10:45 2026-04-23 Show GitHub Exploit DB Packet Storm
1392 - - 三菱電機 MELSEC iQ-F FX5-EIP形EtherNet/IPユニット
MELSEC iQ-Fシリーズ FX5-ENET/IP形Ethernetユニット 		MELSEC iQ-FシリーズのEtherNet/IPユニットおよびEthernetユニットのEthernet機能における複数の脆弱性 CWE-404
CWE-670
CVE-2026-1874
CVE-2026-1875
CVE-2026-1876 		2026-04-24 17:45 2026-03-3 Show GitHub Exploit DB Packet Storm
1393 5.4 警告
Network 		Apache Software Foundation Apache ActiveMQ
Apache ActiveMQ MQTT 		Apache ActiveMQシリーズにおけるMQTTパケット検証不備の脆弱性[AMQ-9810] CWE-Other
その他 		CVE-2025-66168
CVE-2026-40046 		2026-04-24 12:11 2026-03-4 Show GitHub Exploit DB Packet Storm
1394 9.1 緊急
Network 		oauth2_proxy project oauth2_proxy oauth2_proxy projectのoauth2_proxyにおけるスプーフィングによる認証回避に関する脆弱性 CWE-290
スプーフィングによる認証回避 		CVE-2026-34457 2026-04-24 11:44 2026-04-14 Show GitHub Exploit DB Packet Storm
1395 5.9 警告
Network 		OpenClaw OpenClaw OpenClawにおける不十分なランダム値の使用に関する脆弱性 CWE-330
不十分なランダム値の使用 		CVE-2026-34511 2026-04-24 11:44 2026-04-3 Show GitHub Exploit DB Packet Storm
1396 7.1 重要
Network 		Chamilo Association Chamilo LMS Chamilo AssociationのChamilo LMSにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-34602 2026-04-24 11:44 2026-04-14 Show GitHub Exploit DB Packet Storm
1397 8.8 重要
Network 		Electron electron Electronのelectronにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-34770 2026-04-24 11:44 2026-04-4 Show GitHub Exploit DB Packet Storm
1398 8.8 重要
Network 		Electron electron Electronのelectronにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-34771 2026-04-24 11:44 2026-04-4 Show GitHub Exploit DB Packet Storm
1399 8.8 重要
Network 		Electron electron Electronのelectronにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-34772 2026-04-24 11:44 2026-04-4 Show GitHub Exploit DB Packet Storm
1400 7.5 重要
Network 		Electron electron Electronのelectronにおける複数の脆弱性 CWE-20
CWE-74
CWE-74
CVE-2026-34773 2026-04-24 11:44 2026-04-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314091 5.5 MEDIUM
Local 		lutel lutelwall LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget. CWE-59
Link Following 		CVE-2005-1879 2024-01-27 02:01 2005-06-9 Show GitHub Exploit DB Packet Storm
314092 5.5 MEDIUM
Local 		everybuddy everybuddy everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget. CWE-59
Link Following 		CVE-2005-1880 2024-01-27 02:00 2005-06-6 Show GitHub Exploit DB Packet Storm
314093 5.5 MEDIUM
Local 		mathopd mathopd The internal_dump function in Mathopd before 1.5p5, and 1.6x before 1.6b6 BETA, when Mathopd is running with the -n option, allows local users to overwrite arbitrary files via a symlink attack on dum… CWE-59
Link Following 		CVE-2005-0824 2024-01-27 02:00 2005-05-2 Show GitHub Exploit DB Packet Storm
314094 5.5 MEDIUM
Local 		joseph_allen joe Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal exit, which allows local users to overwrite the files of other users whose joe session crashes. CWE-59
Link Following 		CVE-2000-1178 2024-01-27 01:59 2001-01-9 Show GitHub Exploit DB Packet Storm
314095 5.5 MEDIUM
Local 		hp hp-ux HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messa… CWE-59
Link Following 		CVE-2000-0972 2024-01-27 01:56 2000-12-19 Show GitHub Exploit DB Packet Storm
314096 5.5 MEDIUM
Local 		perl perl Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file. CWE-59
Link Following 		CVE-1999-1386 2024-01-27 01:54 1999-12-31 Show GitHub Exploit DB Packet Storm
314097 5.5 MEDIUM
Local 		freebsd freebsd FreeBSD allows local users to conduct a denial of service by creating a hard link from a device special file to a file on an NFS file system. CWE-59
Link Following 		CVE-1999-0783 2024-01-27 01:54 1998-06-16 Show GitHub Exploit DB Packet Storm
314098 - nextweb nextweb_\(i\)site NEXTWEB (i)Site stores databases under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to databases/Users.md… CWE-552
 Files or Directories Accessible to External Parties 		CVE-2005-1835 2024-01-26 06:50 2005-06-1 Show GitHub Exploit DB Packet Storm
314099 7.5 HIGH
Network 		kde
debian 		kde
debian_linux 		The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and… CWE-281
 Improper Preservation of Permissions 		CVE-2005-1920 2024-01-26 06:11 2005-07-26 Show GitHub Exploit DB Packet Storm
314100 - baalsystems baal_smart_forms Baal Smart Forms before 3.2 allows remote attackers to bypass authentication and obtain system access via a direct request to regadmin.php. CWE-425
 Direct Request ('Forced Browsing') 		CVE-2004-2144 2024-01-26 06:11 2004-12-31 Show GitHub Exploit DB Packet Storm