Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2601 5.3 警告
Network 		hono hono honoにおける動作順序 (正規化前の検証) に関する脆弱性 CWE-180
不適切な動作順序 (正規化前の検証) 		CVE-2026-39409 2026-04-23 10:11 2026-04-8 Show GitHub Exploit DB Packet Storm
2602 4.8 警告
Network 		hono hono honoにおける入力確認に関する脆弱性 CWE-20
CWE-noinfo
CVE-2026-39410 2026-04-23 10:11 2026-04-8 Show GitHub Exploit DB Packet Storm
2603 6.7 警告
Local 		フォーティネット FortiClientEMS フォーティネットのFortiClientEMSにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-39809 2026-04-23 10:11 2026-04-14 Show GitHub Exploit DB Packet Storm
2604 5.5 警告
Local 		フォーティネット FortiClientEMS フォーティネットのFortiClientEMSにおけるハードコードされた暗号鍵の使用に関する脆弱性 CWE-321
ハードコードされた暗号鍵の使用 		CVE-2026-39810 2026-04-23 10:11 2026-04-14 Show GitHub Exploit DB Packet Storm
2605 4.9 警告
Network 		フォーティネット Fortiweb フォーティネットのFortiwebにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-39811 2026-04-23 10:11 2026-04-14 Show GitHub Exploit DB Packet Storm
2606 4.8 警告
Network 		フォーティネット FortiSandbox
FortiSandbox Cloud 		フォーティネットのFortiSandbox等の複数製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-39812 2026-04-23 10:11 2026-04-14 Show GitHub Exploit DB Packet Storm
2607 6.7 警告
Local 		フォーティネット Fortiweb フォーティネットのFortiwebにおける相対パストラバーサルの脆弱性 CWE-23
相対的パストラバーサル 		CVE-2026-39814 2026-04-23 10:11 2026-04-14 Show GitHub Exploit DB Packet Storm
2608 4.1 警告
Network 		Weblate Weblate Weblateにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-39845 2026-04-23 10:11 2026-04-15 Show GitHub Exploit DB Packet Storm
2609 5.9 警告
Network 		axios project axios axios projectのaxiosにおける複数の脆弱性 CWE-400
CWE-662
CVE-2026-39865 2026-04-23 10:11 2026-04-8 Show GitHub Exploit DB Packet Storm
2610 6.1 警告
Local 		jqlang jq jqlangのjqにおける複数の脆弱性 CWE-125
CWE-476
CWE-843
CVE-2026-39956 2026-04-23 10:11 2026-04-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
348691 - standards_based_linux_instrumentation sblim-sfcb httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to cause a denial of service (resource consumption) by connecting to sblim-sfcb but not sending any data. NVD-CWE-Other
CVE-2005-3145 2008-09-6 05:53 2005-10-6 Show GitHub Exploit DB Packet Storm
348692 - storebackup
suse 		storebackup
suse_linux 		StoreBackup before 1.19 allows local users to perform unauthorized operations on arbitrary files via a symlink attack on temporary files. NVD-CWE-Other
CVE-2005-3146 2008-09-6 05:53 2005-10-6 Show GitHub Exploit DB Packet Storm
348693 - storebackup
suse 		storebackup
suse_linux 		StoreBackup before 1.19 creates the backup root with world-readable permissions, which allows local users to obtain sensitive information. NVD-CWE-Other
CVE-2005-3147 2008-09-6 05:53 2005-10-6 Show GitHub Exploit DB Packet Storm
348694 - storebackup
suse 		storebackup
suse_linux 		StoreBackup before 1.19 does not properly set the uid and guid for symbolic links (1) that are backed up by storeBackup.pl, or (2) recovered by storeBackupRecover.pl, which could cause files to be re… NVD-CWE-Other
CVE-2005-3148 2008-09-6 05:53 2005-10-6 Show GitHub Exploit DB Packet Storm
348695 - weex weex Format string vulnerability in the Log_Flush function in Weex 2.6.1.5, 2.6.1, and possibly other versions allows remote FTP servers to execute arbitrary code via format strings in filenames. NVD-CWE-Other
CVE-2005-3150 2008-09-6 05:53 2005-10-6 Show GitHub Exploit DB Packet Storm
348696 - blender blender Buffer overflow in blenderplay in Blender Player 2.37a allows attackers to execute arbitrary code via a long command line argument. NVD-CWE-Other
CVE-2005-3151 2008-09-6 05:53 2005-10-6 Show GitHub Exploit DB Packet Storm
348697 - mailenable mailenable_enterprise
mailenable_professional 		Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and Professional 1.6 allows remote attackers to execute arbitrary code. NVD-CWE-Other
CVE-2005-3155 2008-09-6 05:53 2005-10-6 Show GitHub Exploit DB Packet Storm
348698 - php_fusion php_fusion Multiple SQL injection vulnerabilities in photogallery.php in PHP-Fusion allow remote attackers to execute arbitrary SQL commands via the (1) album and (2) photo parameters. NVD-CWE-Other
CVE-2005-3160 2008-09-6 05:53 2005-10-6 Show GitHub Exploit DB Packet Storm
348699 - polipo polipo Unspecified vulnerability in Polipo 0.9.8 and earlier allows attackers to read files outside of the web root. NVD-CWE-Other
CVE-2005-3163 2008-09-6 05:53 2005-10-6 Show GitHub Exploit DB Packet Storm
348700 - mediawiki mediawiki Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki before 1.4.9 allow remote attackers to inject arbitrary web script or HTML via (1) <math> tags or (2) Extension or <nowiki> sections t… NVD-CWE-Other
CVE-2005-3165 2008-09-6 05:53 2005-10-6 Show GitHub Exploit DB Packet Storm