Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2201 5.4 警告
Network 		Kimai project kimai Kimai projectのKimaiにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40479 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
2202 4.3 警告
Network 		Kimai project kimai Kimai projectのKimaiにおける動的に決定されたオブジェクト属性の不適切に制御された変更に関する脆弱性 CWE-915
動的に決定されたオブジェクト属性の不適切に制御された変更 		CVE-2026-40486 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
2203 6.8 警告
Network 		oauth2_proxy project oauth2_proxy oauth2_proxy projectのoauth2_proxyにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-40574 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
2204 9.1 緊急
Network 		oauth2_proxy project oauth2_proxy oauth2_proxy projectのoauth2_proxyにおけるスプーフィングによる認証回避に関する脆弱性 CWE-290
スプーフィングによる認証回避 		CVE-2026-40575 2026-04-30 12:28 2026-04-22 Show GitHub Exploit DB Packet Storm
2205 4.8 警告
Network 		pyLoad-ng project pyLoad-ng pyLoad-ng projectのpyLoad-ngにおける同一生成元ポリシー違反に関する脆弱性 CWE-346
同一生成元ポリシー違反 		CVE-2026-40594 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
2206 8.1 重要
Network 		The Kyverno Authors Kyverno The Kyverno AuthorsのKyvernoにおける重要な情報のセキュアでない格納に関する脆弱性 CWE-922
重要な情報のセキュアでない格納 		CVE-2026-40868 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
2207 8.1 重要
Network 		goshs goshs goshsにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-40883 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
2208 9.8 緊急
Network 		goshs goshs goshsにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-40884 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
2209 8.8 重要
Network 		goshs goshs goshsにおける情報漏えいに関する脆弱性 CWE-200
CWE-noinfo
CVE-2026-40885 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
2210 7.5 重要
Network 		gomarkdown markdown gomarkdownのMarkdownにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-40890 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347241 - microsoft outlook_express Buffer overflow in Outlook Express 5.0 through 5.02 for Macintosh allows remote attackers to cause a denial of service via an e-mail message that contains a long line. NVD-CWE-Other
CVE-2001-0945 2016-10-18 11:13 2001-12-3 Show GitHub Exploit DB Packet Storm
347242 - oracle database_server Unknown vulnerability in Oracle Label Security in Oracle 8.1.7 and 9.0.1, when audit functionality, SET_LABEL, or SQL*Predicate is being used, allows local users to gain additional access. NVD-CWE-Other
CVE-2001-0831 2016-10-18 11:12 2001-12-6 Show GitHub Exploit DB Packet Storm
347243 - oracle database_server Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log direc… NVD-CWE-Other
CVE-2001-0832 2016-10-18 11:12 2001-12-6 Show GitHub Exploit DB Packet Storm
347244 - ikonboard.com ikonboard Directory traversal vulnerability in Search.cgi in Ikonboard ib219 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amembernamecookie cooki… NVD-CWE-Other
CVE-2001-0841 2016-10-18 11:12 2001-12-6 Show GitHub Exploit DB Packet Storm
347245 - leoboard lb5000 Directory traversal vulnerability in Search.cgi in Leoboard LB5000 LB5000II 1029 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amemberna… NVD-CWE-Other
CVE-2001-0842 2016-10-18 11:12 2001-12-6 Show GitHub Exploit DB Packet Storm
347246 - seth_leonard book_of_guests
post_it 		Vulnerability in (1) Book of guests and (2) Post it! allows remote attackers to execute arbitrary code via shell metacharacters in the email parameter. NVD-CWE-Other
CVE-2001-0844 2016-10-18 11:12 2001-12-6 Show GitHub Exploit DB Packet Storm
347247 - e-zone_media fuse_talk join.cfm in e-Zone Media Fuse Talk allows a local user to execute arbitrary SQL code via a semi-colon (;) in a form variable. NVD-CWE-Other
CVE-2001-0848 2016-10-18 11:12 2001-12-6 Show GitHub Exploit DB Packet Storm
347248 - francisco_burzi php-nuke PHP-Nuke 5.2 allows remote attackers to copy and delete arbitrary files by calling case.filemanager.php with admin.php as an argument, which sets the $PHP_SELF variable and makes it appear that case.… NVD-CWE-Other
CVE-2001-0854 2016-10-18 11:12 2001-12-6 Show GitHub Exploit DB Packet Storm
347249 - rational_software clearcase Buffer overflow in db_loader in ClearCase 4.2 and earlier allows local users to gain root privileges via a long TERM environment variable. NVD-CWE-Other
CVE-2001-0855 2016-10-18 11:12 2001-12-6 Show GitHub Exploit DB Packet Storm
347250 - ibm 4758 Common Cryptographic Architecture (CCA) in IBM 4758 allows an attacker with physical access to the system and Combine_Key_Parts permissions, to steal DES and 3DES keys by using a brute force attack t… NVD-CWE-Other
CVE-2001-0856 2016-10-18 11:12 2001-12-6 Show GitHub Exploit DB Packet Storm