Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2111 8.3 重要
Network 		RustFS RustFS RustFSにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-40937 2026-04-27 10:47 2026-04-22 Show GitHub Exploit DB Packet Storm
2112 7.1 重要
Network 		WWBN AVideo WWBNのAVideoにおける同一生成元ポリシー違反に関する脆弱性 CWE-346
同一生成元ポリシー違反 		CVE-2026-41057 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
2113 8.1 重要
Network 		WWBN AVideo WWBNのAVideoにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-41058 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
2114 6.5 警告
Network 		WWBN AVideo WWBNのAVideoにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-41060 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
2115 5.4 警告
Network 		WWBN AVideo WWBNのAVideoにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-41061 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
2116 6.5 警告
Network 		WWBN AVideo WWBNのAVideoにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-41062 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
2117 5.4 警告
Network 		WWBN AVideo WWBNのAVideoにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-41063 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
2118 9.3 緊急
Network 		WWBN AVideo WWBNのAVideoにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-41064 2026-04-27 10:47 2026-04-22 Show GitHub Exploit DB Packet Storm
2119 5 警告
Network 		OpenFGA OpenFGA
Helm Charts 		OpenFGAのHelm Charts等の複数製品における複数の脆弱性 CWE-706
CWE-863
CVE-2026-41131 2026-04-27 10:47 2026-04-22 Show GitHub Exploit DB Packet Storm
2120 8.8 重要
Network 		flowiseai flowise flowiseaiのflowiseにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-41137 2026-04-27 10:47 2026-04-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347801 - rob_flynn gaim Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code. NVD-CWE-Other
CVE-2002-0384 2008-09-11 04:11 2002-10-4 Show GitHub Exploit DB Packet Storm
347802 - oracle application_server The administration module for Oracle Web Cache in Oracle9iAS (9i Application Suite) 9.0.2 allows remote attackers to cause a denial of service (crash) via (1) an HTTP GET request containing a ".." (d… NVD-CWE-Other
CVE-2002-0386 2008-09-11 04:11 2002-11-4 Show GitHub Exploit DB Packet Storm
347803 - isc bind ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset para… NVD-CWE-Other
CVE-2002-0400 2008-09-11 04:11 2002-06-18 Show GitHub Exploit DB Packet Storm
347804 - peaceworks_computer_consulting phormation Phormation PHP script 0.9.1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the phormationdir variable. NVD-CWE-Other
CVE-2001-1237 2008-09-11 04:10 2001-10-2 Show GitHub Exploit DB Packet Storm
347805 - connect_inc. powernet_ix PowerNet IX allows remote attackers to cause a denial of service via a port scan. NVD-CWE-Other
CVE-2001-1239 2008-09-11 04:10 2001-06-29 Show GitHub Exploit DB Packet Storm
347806 - steve_grimm un-cgi Un-CGI 1.9 and earlier does not verify that a CGI script has the execution bits set before executing it, which allows remote attackers to execute arbitrary commands by directing Un-CGI to a document … NVD-CWE-Other
CVE-2001-1241 2008-09-11 04:10 2001-07-17 Show GitHub Exploit DB Packet Storm
347807 - steve_grimm un-cgi Directory traversal vulnerability in Un-CGI 1.9 and earlier allows remote attackers to execute arbitrary code via a .. (dot dot) in an HTML form. NVD-CWE-Other
CVE-2001-1242 2008-09-11 04:10 2001-07-17 Show GitHub Exploit DB Packet Storm
347808 - vwebserver vwebserver vWebServer 1.2.0 allows remote attackers to view arbitrary ASP scripts via a request for an ASP script that ends with a URL-encoded space character (%20). NVD-CWE-Other
CVE-2001-1248 2008-09-11 04:10 2001-06-29 Show GitHub Exploit DB Packet Storm
347809 - vwebserver vwebserver vWebServer 1.2.0 allows remote attackers to cause a denial of service via a URL that contains MS-DOS device names. NVD-CWE-Other
CVE-2001-1249 2008-09-11 04:10 2001-06-29 Show GitHub Exploit DB Packet Storm
347810 - vwebserver vwebserver vWebServer 1.2.0 allows remote attackers to cause a denial of service (hang) via a small number of long URL requests, possibly due to a buffer overflow. NVD-CWE-Other
CVE-2001-1250 2008-09-11 04:10 2001-06-29 Show GitHub Exploit DB Packet Storm