Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 5, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227321 6.8 警告 xlight ftp server - XLight FTP Server の LDAP 認証機能におけるアクセス制限を回避される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2008-0604 2012-12-20 18:34 2008-02-6 Show GitHub Exploit DB Packet Storm
227322 4.3 警告 Skype Technologies S.A. - Windows 上で稼動する Skype の Internet Explorer Web コントロールにおけるクロスゾーンスクリプティングの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-0583 2012-12-20 18:34 2008-02-4 Show GitHub Exploit DB Packet Storm
227323 4.3 警告 Skype Technologies S.A. - Windows 上で稼動する Skype の Internet Explorer Web コントロールにおけるクロスゾーンスクリプティングの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-0582 2012-12-20 18:34 2008-02-4 Show GitHub Exploit DB Packet Storm
227324 4.3 警告 トリップワイヤ - Tripwire Enterprise の Web 管理ログインページにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0578 2012-12-20 18:34 2008-02-4 Show GitHub Exploit DB Packet Storm
227325 4.3 警告 webSPELL - webSPELL の admin/admincenter.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-0575 2012-12-20 18:34 2008-02-4 Show GitHub Exploit DB Packet Storm
227326 4.3 警告 webSPELL - webSPELL の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0574 2012-12-20 18:34 2008-02-4 Show GitHub Exploit DB Packet Storm
227327 7.2 危険 SafeNet, Inc - SafeNET HighAssurance Remote および SoftRemote の IPSecDrv.sys における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-0573 2012-12-20 18:34 2008-02-4 Show GitHub Exploit DB Packet Storm
227328 4.3 警告 uniwin - Uniwin eCart Professional におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0558 2012-12-20 18:34 2008-02-4 Show GitHub Exploit DB Packet Storm
227329 10 危険 radio toolbox - Steamcast におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2008-0550 2012-12-20 18:34 2008-02-1 Show GitHub Exploit DB Packet Storm
227330 5 警告 radio toolbox - Steamcast の OggHeaderParse 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2008-0549 2012-12-20 18:34 2008-02-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1851 8.8 HIGH
Network 		goshs goshs goshs is a SimpleHTTPServer written in Go. From 2.0.0-beta.4 to 2.0.0-beta.5, goshs leaks file-based ACL credentials through its public collaborator feed when the server is deployed without global ba… CWE-200
NVD-CWE-noinfo
Information Exposure 		CVE-2026-40885 2026-04-27 23:51 2026-04-22 Show GitHub Exploit DB Packet Storm
1852 8.7 HIGH
Local 		linaro op-tee OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. In versions 3.13.0 through 4.10.0, mi… CWE-125
CWE-787
Out-of-bounds Read
 Out-of-bounds Write 		CVE-2026-33317 2026-04-27 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm
1853 6.5 MEDIUM
Network 		apache activemq
activemq_web 		Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. An authenticated attacker can show malicious content when browsin… CWE-79
CWE-915
Cross-site Scripting
 Improperly Controlled Modification of Dynamically-Determined Object Attributes 		CVE-2026-41043 2026-04-27 23:49 2026-04-24 Show GitHub Exploit DB Packet Storm
1854 8.8 HIGH
Network 		apache activemq
activemq_broker 		Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ, Apache ActiveMQ Broker, Apache ActiveMQ All. An authenticated attacker can use … CWE-20
CWE-94
 Improper Input Validation 
Code Injection 		CVE-2026-41044 2026-04-27 23:49 2026-04-24 Show GitHub Exploit DB Packet Storm
1855 9.8 CRITICAL
Network 		ericsson codechecker CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication bypass occurs when the URL ends with Authentication with certain… CWE-290
CWE-863
 Authentication Bypass by Spoofing
 Incorrect Authorization 		CVE-2026-25660 2026-04-27 23:48 2026-04-24 Show GitHub Exploit DB Packet Storm
1856 8.8 HIGH
Network 		mathjs mathjs Math.js is an extensive math library for JavaScript and Node.js. From 13.1.1 to before 15.2.0, a vulnerability allowed executing arbitrary JavaScript via the expression parser of mathjs. You can be a… CWE-915
 Improperly Controlled Modification of Dynamically-Determined Object Attributes 		CVE-2026-40897 2026-04-27 23:47 2026-04-25 Show GitHub Exploit DB Packet Storm
1857 4.3 MEDIUM
Network 		xibosignage xibo Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to version 4.4.1, any authenticated user can manually construct a URL t… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-31956 2026-04-27 23:44 2026-04-24 Show GitHub Exploit DB Packet Storm
1858 4.9 MEDIUM
Network 		xibosignage xibo Xibo is an open source digital signage platform with a web content management system and Windows display player software. An authenticated Server-Side Request Forgery (SSRF) vulnerability in versions… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-31955 2026-04-27 23:43 2026-04-24 Show GitHub Exploit DB Packet Storm
1859 5.4 MEDIUM
Network 		xibosignage xibo Xibo is an open source digital signage platform with a web content management system and Windows display player software. A stored Cross-Site Scripting (XSS) vulnerability in versions prior to 4.4.1 … CWE-79
Cross-site Scripting 		CVE-2026-31953 2026-04-27 23:43 2026-04-24 Show GitHub Exploit DB Packet Storm
1860 3.3 LOW
Local 		chainguard melange melange allows users to build apk packages using declarative pipelines. Starting in version 0.32.0 and prior to version 0.43.4, `melange lint --persist-lint-results` (opt-in flag, also usable via `me… CWE-22
Path Traversal 		CVE-2026-29051 2026-04-27 23:42 2026-04-24 Show GitHub Exploit DB Packet Storm