Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2601	8.8	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-39891	2026-04-24 11:42	2026-04-8	Show	GitHub Exploit DB Packet Storm

2602	4.3	警告 Network	lycheeorg	lychee	lycheeorgのLycheeにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-39957	2026-04-24 11:42	2026-04-9	Show	GitHub Exploit DB Packet Storm

2603	9.6	緊急 Network	MISP	MISP	MISPにおけるLDAP インジェクションの脆弱性	CWE-90 LDAP インジェクション	CVE-2026-39962	2026-04-24 11:42	2026-04-9	Show	GitHub Exploit DB Packet Storm

2604	6.9	警告 Network	s9y	Serendipity	s9yのSerendipityにおける検証および完全性チェックを行っていない Cookie への依存に関する脆弱性	CWE-565 検証および完全性チェックを行っていない Cookie への依存	CVE-2026-39963	2026-04-24 11:42	2026-04-15	Show	GitHub Exploit DB Packet Storm

2605	7.2	重要 Network	s9y	Serendipity	s9yのSerendipityにおけるHTTP レスポンス分割に関する脆弱性	CWE-113 HTTP レスポンスの分割	CVE-2026-39971	2026-04-24 11:42	2026-04-15	Show	GitHub Exploit DB Packet Storm

2606	7.1	重要 Local	apktool	apktool	Apktoolにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-39973	2026-04-24 11:42	2026-04-21	Show	GitHub Exploit DB Packet Storm

2607	5.3	警告 Network	Apache Software Foundation	Apache log4net	Apache Software FoundationのApache log4netにおけるエンコードおよびエスケープに関する脆弱性	CWE-116 不適切なエンコード、または出力のエスケープ	CVE-2026-40021	2026-04-24 11:42	2026-04-10	Show	GitHub Exploit DB Packet Storm

2608	5.3	警告 Network	Daniel Gatis	Rembg	Daniel GatisのRembgにおける複数の脆弱性	CWE-22 CWE-73	CVE-2026-40086	2026-04-24 11:42	2026-04-10	Show	GitHub Exploit DB Packet Storm

2609	5.4	警告 Network	FUTO	Immich	FUTOのImmichにおける複数の脆弱性	CWE-601 CWE-79	CVE-2026-40096	2026-04-24 11:42	2026-04-15	Show	GitHub Exploit DB Packet Storm

2610	8.2	重要 Network	XWiki	xwiki	XWikiのxwikiにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-40104	2026-04-24 11:41	2026-04-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
315521	-		apple	terminal	Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a telnet:// link, which is executed by Terminal.app window.	CWE-78 OS Command	CVE-2002-1898	2024-02-3 00:13	2002-12-31	Show	GitHub Exploit DB Packet Storm

315522	9.8	CRITICAL Network	gaim_project	gaim	Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a …	CWE-131 Incorrect Calculation of Buffer Size	CVE-2005-2103	2024-02-3 00:02	2005-08-16	Show	GitHub Exploit DB Packet Storm

315523	6.5	MEDIUM Network	xmlsoft	libxml2	libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a cr…	CWE-776 XML Entity Expansion	CVE-2003-1564	2024-02-2 23:10	2003-12-31	Show	GitHub Exploit DB Packet Storm

315524	7.8	HIGH Local	apache	http_server	Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.	CWE-131 Incorrect Calculation of Buffer Size	CVE-2004-0747	2024-02-2 23:03	2004-10-20	Show	GitHub Exploit DB Packet Storm

315525	9.8	CRITICAL Network	oracle	database_server application_server e-business_suite enterprise_manager enterprise_manager_grid_control enterprise_manager_database_control collaboration_suite	Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed.	CWE-131 Incorrect Calculation of Buffer Size	CVE-2004-1363	2024-02-2 23:01	2004-08-4	Show	GitHub Exploit DB Packet Storm

315526	9.8	CRITICAL Network	invisible-island debian	lynx debian_linux	Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Ly…	CWE-131 Incorrect Calculation of Buffer Size	CVE-2005-3120	2024-02-2 23:00	2005-10-18	Show	GitHub Exploit DB Packet Storm

315527	-		-	-	Rejected reason: REJECT DO NOT USE THIS CVE ID. ConsultIDs: none. Reason: This CVE ID is unused by its CNA. Notes: none.	-	CVE-2024-25001	2024-02-2 18:15	2024-02-2	Show	GitHub Exploit DB Packet Storm

315528	-		joomla	joomla\!	Joomla! 1.03 does not restrict the number of "Search" Mambots, which allows remote attackers to cause a denial of service (resource consumption) via a large number of Search Mambots.	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2005-4650	2024-02-2 12:07	2005-12-31	Show	GitHub Exploit DB Packet Storm

315529	7.5	HIGH Network	microsoft	internet_information_server	FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded.	CWE-131 Incorrect Calculation of Buffer Size	CVE-2001-0334	2024-02-2 12:06	2001-06-27	Show	GitHub Exploit DB Packet Storm

315530	9.8	CRITICAL Network	sgi hp	irix hp-ux	Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings.	CWE-131 Incorrect Calculation of Buffer Size	CVE-2001-0248	2024-02-2 12:06	2001-06-18	Show	GitHub Exploit DB Packet Storm