Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 3, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1851 4.9 警告
Network 		フォーティネット Fortiweb フォーティネットのFortiwebにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-39811 2026-04-23 10:11 2026-04-14 Show GitHub Exploit DB Packet Storm
1852 4.8 警告
Network 		フォーティネット FortiSandbox
FortiSandbox Cloud 		フォーティネットのFortiSandbox等の複数製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-39812 2026-04-23 10:11 2026-04-14 Show GitHub Exploit DB Packet Storm
1853 6.7 警告
Local 		フォーティネット Fortiweb フォーティネットのFortiwebにおける相対パストラバーサルの脆弱性 CWE-23
相対的パストラバーサル 		CVE-2026-39814 2026-04-23 10:11 2026-04-14 Show GitHub Exploit DB Packet Storm
1854 4.1 警告
Network 		Weblate Weblate Weblateにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-39845 2026-04-23 10:11 2026-04-15 Show GitHub Exploit DB Packet Storm
1855 5.9 警告
Network 		axios project axios axios projectのaxiosにおける複数の脆弱性 CWE-400
CWE-662
CVE-2026-39865 2026-04-23 10:11 2026-04-8 Show GitHub Exploit DB Packet Storm
1856 6.1 警告
Local 		jqlang jq jqlangのjqにおける複数の脆弱性 CWE-125
CWE-476
CWE-843
CVE-2026-39956 2026-04-23 10:11 2026-04-13 Show GitHub Exploit DB Packet Storm
1857 7.2 重要
Network 		citeum opencti citeumのopenctiにおけるテンプレートエンジンで使用される特殊な要素の不適切な無効化に関する脆弱性 CWE-1336
テンプレートエンジンで使用される特殊な要素の不適切な無効化 		CVE-2026-39980 2026-04-23 10:11 2026-04-9 Show GitHub Exploit DB Packet Storm
1858 6.1 警告
Network 		McGill University LORIS (Longitudinal Online Research and Imaging System) McGill UniversityのLORIS (Longitudinal Online Research and Imaging System)におけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-39985 2026-04-23 10:11 2026-04-9 Show GitHub Exploit DB Packet Storm
1859 5.3 警告
Network 		Apache Software Foundation Apache Log4cxx Apache Software FoundationのApache Log4cxxにおけるエンコードおよびエスケープに関する脆弱性 CWE-116
不適切なエンコード、または出力のエスケープ 		CVE-2026-40023 2026-04-23 10:11 2026-04-10 Show GitHub Exploit DB Packet Storm
1860 4.8 警告
Network 		axios project axios axios projectのaxiosにおける複数の脆弱性 CWE-113
CWE-444
CWE-918
CVE-2026-40175 2026-04-23 10:11 2026-04-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 3, 2026, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
348631 - the_magic_notebook the_magic_notebook Magic Notebook 1.0b and 1.1b allows remote attackers to cause a denial of service (crash) via an invalid username during login. NVD-CWE-Other
CVE-2002-1969 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
348632 - snortcenter snortcenter SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passw… NVD-CWE-Other
CVE-2002-1970 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
348633 - sourcecraft networking_utils The ping utility in networking_utils.php in Sourcecraft Networking_Utils 1.0 allows remote attackers to read arbitrary files via shell metacharacters in the Domain name or IP address argument. NVD-CWE-Other
CVE-2002-1971 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
348634 - sebastian_dehne pp_powerswitch Unknown vulnerability in Parallel port powerSwitch (aka pp_powerSwitch) 0.1 does not properly enforce access controls, which allows local users to access arbitrary ports. NVD-CWE-Other
CVE-2002-1972 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
348635 - sharp zaurus The FTP service in Zaurus PDAs SL-5000D and SL-5500 does not require authentication, which allows remote attackers to access the file system as root. NVD-CWE-Other
CVE-2002-1974 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
348636 - qualcomm eudora Qualcomm Eudora 5.1.1, 5.2, and possibly other versions stores email attachments in a predictable location, which allows remote attackers to read arbitrary files via a link that loads an attachment w… NVD-CWE-Other
CVE-2002-1210 2008-09-6 05:30 2002-11-29 Show GitHub Exploit DB Packet Storm
348637 - kde kde Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScri… NVD-CWE-Other
CVE-2002-1223 2008-09-6 05:30 2002-10-28 Show GitHub Exploit DB Packet Storm
348638 - kde kde Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter. NVD-CWE-Other
CVE-2002-1224 2008-09-6 05:30 2002-10-28 Show GitHub Exploit DB Packet Storm
348639 - pam pam PAM 0.76 treats a disabled password as if it were an empty (null) password, which allows local and remote attackers to gain privileges as disabled users. NVD-CWE-Other
CVE-2002-1227 2008-09-6 05:30 2002-10-28 Show GitHub Exploit DB Packet Storm
348640 - log2mail log2mail Buffer overflow in log2mail before 0.2.5.1 allows remote attackers to execute arbitrary code via a long log message. NVD-CWE-Other
CVE-2002-1251 2008-09-6 05:30 2002-11-12 Show GitHub Exploit DB Packet Storm