Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2591 4.3 警告
Network 		McGill University LORIS (Longitudinal Online Research and Imaging System) McGill UniversityのLORIS (Longitudinal Online Research and Imaging System)におけるリンク解釈に関する脆弱性 CWE-59
リンク解釈の問題 		CVE-2026-35400 2026-04-23 10:12 2026-04-8 Show GitHub Exploit DB Packet Storm
2592 5.4 警告
Network 		McGill University LORIS (Longitudinal Online Research and Imaging System) McGill UniversityのLORIS (Longitudinal Online Research and Imaging System)におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-35403 2026-04-23 10:12 2026-04-8 Show GitHub Exploit DB Packet Storm
2593 8.6 重要
Network 		McGill University LORIS (Longitudinal Online Research and Imaging System) McGill UniversityのLORIS (Longitudinal Online Research and Imaging System)における外部からアクセス可能なファイルまたはディレクトリに関する脆弱性 CWE-552
外部からアクセス可能なファイルまたはディレクトリ 		CVE-2026-35446 2026-04-23 10:12 2026-04-8 Show GitHub Exploit DB Packet Storm
2594 4.3 警告
Network 		inventree project inventree inventree projectのinventreeにおける認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2026-35476 2026-04-23 10:12 2026-04-8 Show GitHub Exploit DB Packet Storm
2595 4.7 警告
Network 		inventree project inventree inventree projectのinventreeにおける認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2026-35479 2026-04-23 10:12 2026-04-8 Show GitHub Exploit DB Packet Storm
2596 7.1 重要
Network 		inventree project inventree inventree projectのinventreeにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-39362 2026-04-23 10:12 2026-04-8 Show GitHub Exploit DB Packet Storm
2597 4.8 警告
Network 		Ci4-cms-erp Ci4MS Ci4-cms-erpのCi4MSにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-39390 2026-04-23 10:12 2026-04-8 Show GitHub Exploit DB Packet Storm
2598 5.3 警告
Network 		hono node-server honoのnode-serverにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-39406 2026-04-23 10:12 2026-04-8 Show GitHub Exploit DB Packet Storm
2599 5.3 警告
Network 		hono hono honoにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-39407 2026-04-23 10:11 2026-04-8 Show GitHub Exploit DB Packet Storm
2600 7.5 重要
Network 		hono hono honoにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-39408 2026-04-23 10:11 2026-04-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
349711 - sws sws_simple_web_server SWS web server 0.0.4, 0.0.3 and 0.1.0 allows remote attackers to cause a denial of service (crash) via a URL request that does not end with a newline. NVD-CWE-Other
CVE-2002-2370 2008-09-6 05:33 2002-12-31 Show GitHub Exploit DB Packet Storm
349712 - linksys wet11 Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header. CWE-20
 Improper Input Validation  		CVE-2002-2371 2008-09-6 05:33 2002-12-31 Show GitHub Exploit DB Packet Storm
349713 - ibm infoprint_21 The telnet server in Infoprint 21 running controller software before 1.056007 allows remote attackers to cause a denial of service (crash) via a long username, possibly due to a buffer overflow. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2002-2372 2008-09-6 05:33 2002-12-31 Show GitHub Exploit DB Packet Storm
349714 - apple tcp_ip_configuration_utility The default configuration of the TCP/IP printer configuration utility in Apple LaserWriter 12/640 PS printer contains a blank Telnet password, which allows remote attackers to gain access. CWE-16
Configuration 		CVE-2002-2373 2008-09-6 05:33 2002-12-31 Show GitHub Exploit DB Packet Storm
349715 - sun patchpro Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files." CWE-59
NVD-CWE-noinfo
CWE-362
Link Following
Race Condition 		CVE-2002-2374 2008-09-6 05:33 2002-12-31 Show GitHub Exploit DB Packet Storm
349716 - stalker communigate_pro Directory traversal vulnerability in CommuniGate Pro 4.0b4 and possibly earlier versions allows remote attackers to list the contents of the WebUser directory and its parent directory via a (1) .. (d… CWE-22
Path Traversal 		CVE-2002-2375 2008-09-6 05:33 2002-12-31 Show GitHub Exploit DB Packet Storm
349717 - leung e-guest Cross-site scripting (XSS) vulnerability in E-Guest_sign.pl in E-Guest 1.1 allows remote attackers to inject arbitrary SSI directives, web script, and HTML via the (1) full name, (2) email, (3) homep… CWE-79
Cross-site Scripting 		CVE-2002-2376 2008-09-6 05:33 2002-12-31 Show GitHub Exploit DB Packet Storm
349718 - sephiroth32 zap_book Cross-site scripting (XSS) vulnerability in addentry.cgi in ZAP 1.0.3 allows remote attackers to inject arbitrary SSi directives, web script, and HTML via the entry field. CWE-79
Cross-site Scripting 		CVE-2002-2377 2008-09-6 05:33 2002-12-31 Show GitHub Exploit DB Packet Storm
349719 - nakata an_httpd Cross-site scripting (XSS) vulnerability in AN HTTP 1.41d allows remote attackers to inject arbitrary web script or HTML via a colon (:) in the query string, which is inserted into the resulting erro… CWE-79
Cross-site Scripting 		CVE-2002-2378 2008-09-6 05:33 2002-12-31 Show GitHub Exploit DB Packet Storm
349720 - microsoft network_firmware NetDSL ADSL Modem 800 with Microsoft Network firmware 5.5.11 allows remote attackers to gain access to configuration menus by sniffing undocumented usernames and passwords from network traffic. CWE-200
Information Exposure 		CVE-2002-2380 2008-09-6 05:33 2002-12-31 Show GitHub Exploit DB Packet Storm