Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 3, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
221 9.1 緊急
Network 		Fatedier FRP FatedierのFRPにおける認証に関する脆弱性 New CWE-287
CWE-noinfo
CVE-2026-40910 2026-05-1 10:38 2026-04-21 Show GitHub Exploit DB Packet Storm
222 8.8 重要
Network 		VMware Spring gRPC VMwareのSpring gRPCにおける隔離または分類に関する脆弱性 New CWE-653
不適切な隔離または分類 		CVE-2026-40968 2026-05-1 10:38 2026-04-28 Show GitHub Exploit DB Packet Storm
223 5.3 警告
Network 		VMware Spring gRPC VMwareのSpring gRPCにおけるエラーメッセージによる情報漏えいに関する脆弱性 New CWE-209
エラーメッセージによる情報漏えい 		CVE-2026-40969 2026-05-1 10:38 2026-04-28 Show GitHub Exploit DB Packet Storm
224 7.5 重要
Network 		Frappe Press FrappeのPressにおけるクロスサイトリクエストフォージェリの脆弱性 New CWE-352
同一生成元ポリシー違反 		CVE-2026-41317 2026-05-1 10:38 2026-04-24 Show GitHub Exploit DB Packet Storm
225 6.1 警告
Network 		Frappe Press FrappeのPressにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-41430 2026-05-1 10:38 2026-04-24 Show GitHub Exploit DB Packet Storm
226 8.8 重要
Network 		D-Link Systems, Inc. DHP-1320 Firmware D-Link CorporationのDHP-1320 Firmwareにおける複数の脆弱性 New CWE-119
CWE-121
CVE-2026-4529 2026-05-1 10:38 2026-03-21 Show GitHub Exploit DB Packet Storm
227 7 重要
Local 		flos-freeware (Florian Balmer) Notepad2 flos-freeware (Florian Balmer)のNotepad2における複数の脆弱性 New CWE-426
CWE-427
CVE-2026-4545 2026-05-1 10:38 2026-03-22 Show GitHub Exploit DB Packet Storm
228 7 重要
Local 		flos-freeware (Florian Balmer) Notepad2 flos-freeware (Florian Balmer)のNotepad2における複数の脆弱性 New CWE-426
CWE-427
CVE-2026-4546 2026-05-1 10:38 2026-03-22 Show GitHub Exploit DB Packet Storm
229 9.8 緊急
Network 		Shenzhen Tenda Technology Co.,Ltd. 4G03 Pro Firmware Shenzhen Tenda Technology Co.,Ltd.の4G03 Pro Firmwareにおける複数の脆弱性 New CWE-266
CWE-284
CVE-2026-5526 2026-05-1 10:38 2026-04-4 Show GitHub Exploit DB Packet Storm
230 5.3 警告
Network 		Shenzhen Tenda Technology Co.,Ltd. 4G03 Pro Firmware Shenzhen Tenda Technology Co.,Ltd.の4G03 Pro Firmwareにおける複数の脆弱性 New CWE-320
CWE-321
CVE-2026-5527 2026-05-1 10:38 2026-04-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 3, 2026, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313271 - cgiscript csguestbook csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. CWE-94
Code Injection 		CVE-2002-1750 2024-02-15 01:57 2002-12-31 Show GitHub Exploit DB Packet Storm
313272 - cgiscript cschat-r-box csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. CWE-94
Code Injection 		CVE-2002-1752 2024-02-15 01:57 2002-12-31 Show GitHub Exploit DB Packet Storm
313273 - cgiscript csnews_professional csNewsPro.cgi in CGIScript.net csNews Professional (csNewsPro) allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. CWE-94
Code Injection 		CVE-2002-1753 2024-02-15 01:56 2002-12-31 Show GitHub Exploit DB Packet Storm
313274 5.5 MEDIUM
Local 		daansystems newsreactor NewsReactor 1.0 uses a weak encryption scheme, which could allow local users to decrypt the passwords and gain access to other users' newsgroup accounts. CWE-326
Inadequate Encryption Strength 		CVE-2002-1682 2024-02-15 01:55 2002-12-31 Show GitHub Exploit DB Packet Storm
313275 7.8 HIGH
Local 		mckesson pathways_homecare Pathways Homecare 6.5 uses weak encryption for user names and passwords, which allows local users to gain privileges by recovering the passwords from the pwhc.ini file. CWE-326
Inadequate Encryption Strength 		CVE-2001-1546 2024-02-15 01:55 2001-12-31 Show GitHub Exploit DB Packet Storm
313276 9.8 CRITICAL
Network 		arkeia arkeia Knox Arkeia server 4.2, and possibly other versions, uses a constant salt when encrypting passwords using the crypt() function, which makes it easier for an attacker to conduct brute force password g… CWE-916
 Use of Password Hash With Insufficient Computational Effort 		CVE-2001-0967 2024-02-15 01:55 2001-08-31 Show GitHub Exploit DB Packet Storm
313277 7.8 HIGH
Local 		spectrumcu cash_receipting_system Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the PASSFILE password file, which makes it easier for local users to gain privileges by decrypting a passw… CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2005-4860 2024-02-15 01:54 2005-12-31 Show GitHub Exploit DB Packet Storm
313278 - plainblack webgui Multiple eval injection vulnerabilities in PlainBlack Software WebGUI before 6.7.3 allow remote attackers to execute arbitrary Perl code via (1) Help.pm, (2) International.pm, or (3) WebGUI.pm. CWE-94
Code Injection 		CVE-2005-2837 2024-02-15 01:53 2005-09-8 Show GitHub Exploit DB Packet Storm
313279 7.5 HIGH
Network 		vtun_project vtun Electronic Code Book (ECB) mode in VTun 2.0 through 2.5 uses a weak encryption algorithm that produces the same ciphertext from the same plaintext blocks, which could allow remote attackers to gain s… CWE-326
Inadequate Encryption Strength 		CVE-2002-1697 2024-02-15 00:51 2002-12-31 Show GitHub Exploit DB Packet Storm
313280 5.5 MEDIUM
Local 		mdaemon mdaemon Alt-N Technologies Mdaemon 5.0 through 5.0.6 uses a weak encryption algorithm to store user passwords, which allows local users to crack passwords. CWE-326
Inadequate Encryption Strength 		CVE-2002-1739 2024-02-15 00:50 2002-12-31 Show GitHub Exploit DB Packet Storm