Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2081	5.4	警告 Network	Anthropic PBC	Claude SDK for TypeScript (anthropic-ai/sdk)	Anthropic PBCのClaude SDK for TypeScript (anthropic-ai/sdk)における複数の脆弱性	CWE-22 CWE-41	CVE-2026-34451	2026-04-21 10:42	2026-03-31	Show	GitHub Exploit DB Packet Storm

2082	7.1	重要 Network	Apache Software Foundation	Skywalking MCP	Apache Software FoundationのSkywalking MCPにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-34476	2026-04-21 10:42	2026-04-13	Show	GitHub Exploit DB Packet Storm

2083	7.1	重要 Network	lobehub	LobeHub	lobehubのLobeHubにおける複数の脆弱性	CWE-287 CWE-290 CWE-345	CVE-2026-39411	2026-04-21 10:42	2026-04-8	Show	GitHub Exploit DB Packet Storm

2084	6.5	警告 Network	HKUDS	LightRAG	HKUDSのLightRAGにおけるデジタル署名の検証に関する脆弱性	CWE-347 デジタル署名の不適切な検証	CVE-2026-39413	2026-04-21 10:42	2026-04-8	Show	GitHub Exploit DB Packet Storm

2085	8.8	重要 Network	Shopify	Tophat	ShopifyのTophatにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-39862	2026-04-21 10:42	2026-04-8	Show	GitHub Exploit DB Packet Storm

2086	8.5	重要 Network	n8n-MCP	n8n-MCP	n8n-MCPにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-39974	2026-04-21 10:42	2026-04-9	Show	GitHub Exploit DB Packet Storm

2087	6.5	警告 Network	Hydro System. PHU. Szafraniec M.	Control System	Hydro System. PHU. Szafraniec M.のControl Systemにおけるログファイルからの情報漏えいに関する脆弱性	CWE-532 ログファイルからの情報漏えい	CVE-2026-4901	2026-04-21 10:42	2026-04-9	Show	GitHub Exploit DB Packet Storm

2088	4	警告 Local	International Color Consortium (ICC)	iccDEV	International Color Consortium (ICC)のiccDEVにおける複数の脆弱性	CWE-562 CWE-665	CVE-2026-34553	2026-04-21 10:42	2026-03-31	Show	GitHub Exploit DB Packet Storm

2089	8.2	重要 Network	qdPM	qdPM	qdPMにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2018-25208	2026-04-21 10:41	2026-03-26	Show	GitHub Exploit DB Packet Storm

2090	5.5	警告 Local	SolarWinds	FTP Voyager	SolarWindsのFTP Voyagerにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2018-25252	2026-04-21 10:41	2026-04-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
349291	-	hp	virtualvault	Vulnerability in administration server for HP VirtualVault 4.5 on HP-UX 11.04 allows remote web servers or privileged external processes to bypass access restrictions and establish connections to the…	NVD-CWE-Other	CVE-2002-0763	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

349292	-	phorum	phorum	Phorum 3.3.2a allows remote attackers to execute arbitrary commands via an HTTP request to (1) plugin.php, (2) admin.php, or (3) del.php that modifies the PHORUM[settings_dir] variable to point to a …	NVD-CWE-Other	CVE-2002-0764	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

349293	-	richard_gooch	simpleinit	simpleinit on Linux systems does not close a read/write FIFO file descriptor before creating a child process, which allows the child process to cause simpleinit to execute arbitrary programs with roo…	NVD-CWE-Other	CVE-2002-0767	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

349294	-	luke_mewburn suse	lukemftp suse_linux	Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command.	NVD-CWE-Other	CVE-2002-0768	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

349295	-	cisco	ata-186	The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the att…	NVD-CWE-Other	CVE-2002-0769	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

349296	-	id_software	quake_2i_server	Quake 2 (Q2) server 3.20 and 3.21 allows remote attackers to obtain sensitive server cvar variables, obtain directory listings, and execute Q2 server admin commands via a client that does not expand …	NVD-CWE-Other	CVE-2002-0770	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

349297	-	hosting_controller	hosting_controller	Directory traversal vulnerability in dsnmanager.asp for Hosting Controller allows remote attackers to read arbitrary files and directories via a .. (dot dot) in the RootName parameter.	NVD-CWE-Other	CVE-2002-0772	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

349298	-	hosting_controller	hosting_controller	imp_rootdir.asp for Hosting Controller allows remote attackers to copy or delete arbitrary files and directories via a direct request to imp_rootdir.asp and modifying parameters such as (1) ftp, (2) …	NVD-CWE-Other	CVE-2002-0773	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

349299	-	hosting_controller	hosting_controller	Hosting Controller creates a default user AdvWebadmin with a default password, which could allow remote attackers to gain privileges if the password is not changed.	NVD-CWE-Other	CVE-2002-0774	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

349300	-	hosting_controller	hosting_controller	browse.asp in Hosting Controller allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter.	NVD-CWE-Other	CVE-2002-0775	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm