Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 5, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2031 6.5 警告
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAIにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-40160 2026-04-21 10:44 2026-04-10 Show GitHub Exploit DB Packet Storm
2032 8.1 重要
Network 		b3log SiYuan B3logのSiYuanにおける認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2026-40259 2026-04-21 10:44 2026-04-16 Show GitHub Exploit DB Packet Storm
2033 8.4 重要
Local 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAI等の複数製品における複数の脆弱性 CWE-426
CWE-94
CVE-2026-40287 2026-04-21 10:44 2026-04-14 Show GitHub Exploit DB Packet Storm
2034 9.8 緊急
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAI等の複数製品における複数の脆弱性 CWE-78
CWE-94
CVE-2026-40288 2026-04-21 10:44 2026-04-14 Show GitHub Exploit DB Packet Storm
2035 9.1 緊急
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAI等の複数製品における重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-40289 2026-04-21 10:44 2026-04-14 Show GitHub Exploit DB Packet Storm
2036 9.8 緊急
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAIにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-40315 2026-04-21 10:44 2026-04-14 Show GitHub Exploit DB Packet Storm
2037 8.5 重要
Network 		b3log SiYuan B3logのSiYuanにおけるパストラバーサルの脆弱性 CWE-24
パストラバーサル (../filedir) 		CVE-2026-40318 2026-04-21 10:44 2026-04-16 Show GitHub Exploit DB Packet Storm
2038 9 緊急
Network 		b3log SiYuan B3logのSiYuanにおける複数の脆弱性 CWE-79
CWE-94
CVE-2026-40322 2026-04-21 10:44 2026-04-16 Show GitHub Exploit DB Packet Storm
2039 7.2 重要
Network 		フォーティネット Fortiweb フォーティネットのFortiwebにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-40688 2026-04-21 10:44 2026-04-14 Show GitHub Exploit DB Packet Storm
2040 6.5 警告
Network 		DataEase DataEase DataEaseにおける許容された入力値の許可リストに関する脆弱性 CWE-183
許容された入力値の許可リスト 		CVE-2026-40899 2026-04-21 10:44 2026-04-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
348221 - ibm hardware_management_console Unknown vulnerability in IBM Hardware Management Console (HMC) before 4.4 for POWER5 servers allows local users to gain privileges, related to the Guided Setup Wizard. NVD-CWE-Other
CVE-2005-0539 2008-09-6 05:46 2005-05-2 Show GitHub Exploit DB Packet Storm
348222 - phpmyadmin phpmyadmin phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlparser.lib.php, (3) select_theme.lib.php, (4) select_lang.lib.ph… NVD-CWE-Other
CVE-2005-0544 2008-09-6 05:46 2005-05-2 Show GitHub Exploit DB Packet Storm
348223 - cupidsystems cis_webserver Directory traversal vulnerability in CIS WebServer 3.5.13 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the URL. NVD-CWE-Other
CVE-2005-0574 2008-09-6 05:46 2005-05-2 Show GitHub Exploit DB Packet Storm
348224 - sun solaris Unknown vulnerability in Standard Type Services Framework (STSF) Font Server Daemon (stfontserverd) in Solaris 9 allows local users to modify or delete arbitrary files. NVD-CWE-Other
CVE-2005-0576 2008-09-6 05:46 2005-05-2 Show GitHub Exploit DB Packet Storm
348225 - dna mkbold-mkitalic Format string vulnerability in DNA MKBold-MKItalic 0.06_1 and earlier allows remote attackers to execute arbitrary code via crafted BDF font files. NVD-CWE-Other
CVE-2005-0577 2008-09-6 05:46 2005-05-2 Show GitHub Exploit DB Packet Storm
348226 - freenx freenx nxagent in FreeNX before 0.2.8 does not properly handle when the XAUTHORITY environment variable is not set, which allows local users to access the X server without X authentication. NVD-CWE-Other
CVE-2005-0579 2008-09-6 05:46 2005-02-25 Show GitHub Exploit DB Packet Storm
348227 - krzysztof_dabrowski cmd5checkpw cmd5checkpw, when running setuid, does not properly drop privileges before calling the execvp function, which allows local users to read the poppasswd file. NVD-CWE-Other
CVE-2005-0580 2008-09-6 05:46 2005-02-25 Show GitHub Exploit DB Packet Storm
348228 - apple mac_os_x_server Buffer overflow in the Netinfo Setup Tool (NeST) allows local users to execute arbitrary code. NVD-CWE-Other
CVE-2005-0594 2008-09-6 05:46 2005-05-4 Show GitHub Exploit DB Packet Storm
348229 - php php PHP 4 (PHP4) allows attackers to cause a denial of service (daemon crash) by using the readfile function on a file whose size is a multiple of the page size. NVD-CWE-Other
CVE-2005-0596 2008-09-6 05:46 2005-05-2 Show GitHub Exploit DB Packet Storm
348230 - webmod webmod Heap-based buffer overflow in server.cpp for WebMod 0.47 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a POST request with a Content-Length that is less … NVD-CWE-Other
CVE-2005-0608 2008-09-6 05:46 2005-02-28 Show GitHub Exploit DB Packet Storm