Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2421 5.5 警告
Local 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 10 1607
Microsoft Windows Server 2016
Microsoft Windows 11 23h2
Microsoft … 		Windows GDI の情報漏えいの脆弱性 CWE-125
境界外読み取り 		CVE-2026-27930 2026-04-24 11:31 2026-04-14 Show GitHub Exploit DB Packet Storm
2422 5.5 警告
Local 		マイクロソフト Microsoft Windows 11 23h2
Microsoft Windows 11 26h1
Microsoft Windows 10 22h2
Microsoft Windows 10 21h2
Microsoft Windows&… 		Windows GDI の情報漏えいの脆弱性 CWE-125
境界外読み取り 		CVE-2026-27931 2026-04-24 11:31 2026-04-14 Show GitHub Exploit DB Packet Storm
2423 8.1 重要
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-28741 2026-04-24 11:31 2026-04-15 Show GitHub Exploit DB Packet Storm
2424 8.8 重要
Network 		infiniflow ragflow infiniflowのragflowにおける複数の脆弱性 CWE-1336
CWE-20
CWE-78
CWE-94
CVE-2026-28797 2026-04-24 11:31 2026-04-3 Show GitHub Exploit DB Packet Storm
2425 7.1 重要
Network 		Daylight Studio FUEL CMS Daylight StudioのFUEL CMSにおけるパスワード管理機能に関する脆弱性 CWE-640
パスワードを忘れた場合の脆弱なパスワードリカバリの仕組み 		CVE-2026-30459 2026-04-24 11:31 2026-04-16 Show GitHub Exploit DB Packet Storm
2426 9.8 緊急
Network 		TOTOLINK a3300r ファームウェア TOTOLINKのa3300r ファームウェアにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-31170 2026-04-24 11:31 2026-04-9 Show GitHub Exploit DB Packet Storm
2427 7 重要
Local 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 10 1607
Microsoft Windows Server 2016
Microsoft Windows 11 23h2
Microsoft … 		Windows Simple Search Discovery Protocol (SSDP) サービスの特権昇格の脆弱性 CWE-362
競合状態 		CVE-2026-32068 2026-04-24 11:31 2026-04-14 Show GitHub Exploit DB Packet Storm
2428 7.8 重要
Local 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 11 23h2
Microsoft Windows 11 26h1
Microsoft Windows 10 1809
Microsoft Wind… 		Windows Projected File System の特権の昇格の脆弱性 CWE-415
二重解放 		CVE-2026-32069 2026-04-24 11:31 2026-04-14 Show GitHub Exploit DB Packet Storm
2429 7 重要
Local 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 10 1607
Microsoft Windows Server 2016
Microsoft Windows 11 23h2
Microsoft … 		Windows 共通ログ ファイル システム ドライバーの特権の昇格の脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-32070 2026-04-24 11:31 2026-04-14 Show GitHub Exploit DB Packet Storm
2430 7.5 重要
Network 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 10 1607
Microsoft Windows Server 2016
Microsoft Windows 11 23h2
Microsoft … 		Windows ローカル セキュリティ機関サブシステム サービス (LSASS) のサービス拒否の脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2026-32071 2026-04-24 11:31 2026-04-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
315241 7.5 HIGH
Network 		jetico bcwipe BestCrypt BCWipe 1.0.7 and 2.0 through 2.35.1 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information th… CWE-459
 Incomplete Cleanup 		CVE-2002-2066 2024-02-9 05:13 2002-12-31 Show GitHub Exploit DB Packet Storm
315242 5.5 MEDIUM
Local 		pgp freeware
corporate_desktop
personal_security 		An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a cleartext temporary files that cannot be wiped or deleted due to str… CWE-459
 Incomplete Cleanup 		CVE-2002-0788 2024-02-9 05:13 2002-08-12 Show GitHub Exploit DB Packet Storm
315243 5.5 MEDIUM
Local 		icq icq ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not delete it, which allows local users to obtain sensitive information. CWE-459
 Incomplete Cleanup 		CVE-2000-0552 2024-02-9 05:12 2000-06-6 Show GitHub Exploit DB Packet Storm
315244 9.8 CRITICAL
Network 		risearch risearch
risearch_pro 		RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy, or read arbitrary local files, by setting the url parameter to a (1) http://, (2) ftp://, o… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2004-2061 2024-02-9 04:56 2004-07-27 Show GitHub Exploit DB Packet Storm
315245 9.8 CRITICAL
Network 		siemens db4web DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems (port scan) via a request for a URL that sp… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2002-1484 2024-02-9 04:56 2003-04-22 Show GitHub Exploit DB Packet Storm
315246 7.5 HIGH
Network 		adobe acrobat_reader
acrobat 		The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containing XML script, aka the "XML External Entity vulne… CWE-611
XXE 		CVE-2005-1306 2024-02-9 04:55 2005-06-15 Show GitHub Exploit DB Packet Storm
315247 5.5 MEDIUM
Local 		dump_project dump dump 0.4 b10 through b29 allows local users to cause a denial of service (execution prevention) by using flock() to lock the /etc/dumpdates file. CWE-667
 Improper Locking 		CVE-2002-1914 2024-02-9 04:24 2002-12-31 Show GitHub Exploit DB Packet Storm
315248 5.5 MEDIUM
Local 		openbsd
netbsd
freebsd 		openbsd
netbsd
freebsd 		tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file. CWE-667
 Improper Locking 		CVE-2002-1915 2024-02-9 04:24 2002-12-31 Show GitHub Exploit DB Packet Storm
315249 7.8 HIGH
Local 		microsoft windows_2000 Windows 2000 allows local users to prevent the application of new group policy settings by opening Group Policy files with exclusive-read access. CWE-667
 Improper Locking 		CVE-2002-0051 2024-02-9 04:24 2002-04-4 Show GitHub Exploit DB Packet Storm
315250 5.5 MEDIUM
Local 		concurrent_versions_software_project concurrent_versions_software Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which allows local users to cause a denial of service by creating the lock directory before it is created for use… CWE-667
 Improper Locking 		CVE-2000-0338 2024-02-9 04:23 2000-04-23 Show GitHub Exploit DB Packet Storm