Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 10, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2101 9 緊急
Network 		Thymeleaf Thymeleaf Thymeleafにおける複数の脆弱性 CWE-1336
CWE-917
CVE-2026-40477 2026-04-27 10:48 2026-04-17 Show GitHub Exploit DB Packet Storm
2102 9 緊急
Network 		Thymeleaf Thymeleaf Thymeleafにおける複数の脆弱性 CWE-1336
CWE-917
CVE-2026-40478 2026-04-27 10:47 2026-04-17 Show GitHub Exploit DB Packet Storm
2103 7.1 重要
Local 		Craig J. Bass (craigjbass) ClearanceKit Craig J. Bass (craigjbass)のClearanceKitにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-40599 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
2104 4.4 警告
Local 		Craig J. Bass (craigjbass) ClearanceKit Craig J. Bass (craigjbass)のClearanceKitにおける保護メカニズムの不具合に関する脆弱性 CWE-693
保護メカニズムの不具合 		CVE-2026-40604 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
2105 4.8 警告
Network 		mitmproxy mitmproxy mitmproxyにおけるLDAP インジェクションの脆弱性 CWE-90
LDAP インジェクション 		CVE-2026-40606 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
2106 7.5 重要
Network 		coturn project coturn coturn projectのcoturnにおける不正な型変換に関する脆弱性 CWE-704
不正な型変換またはキャスト 		CVE-2026-40613 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
2107 8.8 重要
Network 		goshs goshs goshsにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-40876 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
2108 7.5 重要
Network 		- NestJSにおける再帰制御に関する脆弱性 CWE-674
不適切な再帰制御 		CVE-2026-40879 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
2109 7.6 重要
Network 		openremote openremote openremoteにおけるXML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2026-40882 2026-04-27 10:47 2026-04-22 Show GitHub Exploit DB Packet Storm
2110 8.3 重要
Network 		WWBN AVideo WWBNのAVideoにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-40925 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
350101 - zack_coburn meunity_community_system Cross-site scripting (XSS) vulnerability in Meunity Community System 1.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag when creating a topic. NVD-CWE-Other
CVE-2002-1808 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
350102 - belkin f5d6130_wnap Belkin F5D6130 Wireless Network Access Point running firmware AP14G8 allows remote attackers to cause a denial of service (connection loss) by sending several SNMP GetNextRequest requests. NVD-CWE-Other
CVE-2002-1811 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
350103 - gdam gdam Buffer overflow in gdam123 0.933 and 0.942 allows local users to execute arbitrary code via a long filename parameter. NVD-CWE-Other
CVE-2002-1812 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
350104 - aol instant_messenger Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8.2790 allows remote attackers to execute arbitrary programs by specifying the program in the href attribute of a link. NVD-CWE-Other
CVE-2002-1813 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
350105 - gnome
mandrakesoft
redhat
slackware 		bonobo
mandrake_linux
linux
slackware_linux 		Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments. NVD-CWE-Other
CVE-2002-1814 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
350106 - aquonics_scripting aquonics_file_manager Directory traversal vulnerability in source.php and source.cgi in Aquonics File Manager 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. NVD-CWE-Other
CVE-2002-1815 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
350107 - symantec_veritas cluster_server Unknown vulnerability in Veritas Cluster Server (VCS) 1.2 for WindowsNT, Cluster Server 1.3.0 for Solaris, and Cluster Server 1.3.1 for HP-UX allows attackers to gain privileges via unknown attack ve… NVD-CWE-Other
CVE-2002-1817 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
350108 - ez_systems httpbench ezhttpbench.php in eZ httpbench 1.1 allows remote attackers to read arbitrary files via a full pathname in the AnalyseSite parameter. NVD-CWE-Other
CVE-2002-1818 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
350109 - tinyhttpd tinyhttpd Directory traversal vulnerability in TinyHTTPD 0.1 .0 allows remote attackers to read or execute arbitrary files via a ".." (dot dot) in the URL. NVD-CWE-Other
CVE-2002-1819 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
350110 - ultimate_php_board ultimate_php_board Ultimate PHP Board (UPB) 1.0 and 1.0b allows remote authenticated users to gain privileges and perform unauthorized actions via direct requests to (1) admin_members.php, (2) admin_config.php, (3) adm… NVD-CWE-Other
CVE-2002-1821 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm