Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2691	6.5	警告 Network	dnnsoftware	dotnetnuke	dnnsoftwareのdotnetnukeにおける不十分なランダム値の使用に関する脆弱性	CWE-330 不十分なランダム値の使用	CVE-2026-40306	2026-04-27 10:48	2026-04-17	Show	GitHub Exploit DB Packet Storm

2692	8	重要 Network	dnnsoftware	dotnetnuke	dnnsoftwareのdotnetnukeにおける代替 XSS 構文の不適切な無効化に関する脆弱性	CWE-87 代替 XSS 構文の不適切な無効化	CVE-2026-40321	2026-04-27 10:48	2026-04-17	Show	GitHub Exploit DB Packet Storm

2693	5.3	警告 Network	The FastAPI Expert	python-multipart	The FastAPI Expertのpython-multipartにおける複数の脆弱性	CWE-400 CWE-834	CVE-2026-40347	2026-04-27 10:48	2026-04-18	Show	GitHub Exploit DB Packet Storm

2694	5.4	警告 Network	wger	wger	wger Projectのwgerにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-40353	2026-04-27 10:48	2026-04-17	Show	GitHub Exploit DB Packet Storm

2695	7.6	重要 Network	wger	wger	wger Projectのwgerにおける複数の脆弱性	CWE-284 CWE-862	CVE-2026-40474	2026-04-27 10:48	2026-04-17	Show	GitHub Exploit DB Packet Storm

2696	9	緊急 Network	Thymeleaf	Thymeleaf	Thymeleafにおける複数の脆弱性	CWE-1336 CWE-917	CVE-2026-40477	2026-04-27 10:48	2026-04-17	Show	GitHub Exploit DB Packet Storm

2697	9	緊急 Network	Thymeleaf	Thymeleaf	Thymeleafにおける複数の脆弱性	CWE-1336 CWE-917	CVE-2026-40478	2026-04-27 10:47	2026-04-17	Show	GitHub Exploit DB Packet Storm

2698	7.1	重要 Local	Craig J. Bass (craigjbass)	ClearanceKit	Craig J. Bass (craigjbass)のClearanceKitにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-40599	2026-04-27 10:47	2026-04-21	Show	GitHub Exploit DB Packet Storm

2699	4.4	警告 Local	Craig J. Bass (craigjbass)	ClearanceKit	Craig J. Bass (craigjbass)のClearanceKitにおける保護メカニズムの不具合に関する脆弱性	CWE-693 保護メカニズムの不具合	CVE-2026-40604	2026-04-27 10:47	2026-04-21	Show	GitHub Exploit DB Packet Storm

2700	4.8	警告 Network	mitmproxy	mitmproxy	mitmproxyにおけるLDAP インジェクションの脆弱性	CWE-90 LDAP インジェクション	CVE-2026-40606	2026-04-27 10:47	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
316201	7.8	HIGH Local	freebsd	freebsd	FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cau…	CWE-909 Missing Initialization of Resource	CVE-2005-1036	2024-02-9 08:47	2005-05-2	Show	GitHub Exploit DB Packet Storm

316202	-		-	-	Rejected reason: Red Hat Product Security does not consider this to be a vulnerability. Upstream has not acknowledged this issue as a security flaw.	-	CVE-2022-0931	2024-02-9 08:15	2024-02-9	Show	GitHub Exploit DB Packet Storm

316203	6.5	MEDIUM Network	helpcenterlive	help_center_live	Cross-Site Request Forgery (CSRF) vulnerability in Help Center Live allows remote attackers to perform actions as the administrator via a link or IMG tag to view.php.	CWE-352 Origin Validation Error	CVE-2005-1674	2024-02-9 05:47	2005-05-19	Show	GitHub Exploit DB Packet Storm

316204	7.5	HIGH Network	cisco	ios	Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS)…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2002-1706	2024-02-9 05:47	2002-12-31	Show	GitHub Exploit DB Packet Storm

316205	7.8	HIGH Local	hp	chaivm_ezloader	ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services.	CWE-347 Improper Verification of Cryptographic Signature	CVE-2002-1796	2024-02-9 05:47	2002-12-31	Show	GitHub Exploit DB Packet Storm

316206	7.5	HIGH Network	microsoft	windows_nt windows_2000	By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received from non-delegated name servers, which allows remote attackers to poison the DNS cache via spoofed DNS re…	CWE-346 Origin Validation Error	CVE-2001-1452	2024-02-9 05:47	2001-08-31	Show	GitHub Exploit DB Packet Storm

316207	9.8	CRITICAL Network	microsoft	windows_nt windows_xp windows_2000 windows_98 windows_98se	The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts th…	CWE-346 Origin Validation Error	CVE-2000-1218	2024-02-9 05:47	2000-04-14	Show	GitHub Exploit DB Packet Storm

316208	7.5	HIGH Network	thekelleys	dnsmasq	Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq.	CWE-346 Origin Validation Error	CVE-2005-0877	2024-02-9 05:46	2005-05-2	Show	GitHub Exploit DB Packet Storm

316209	8.8	HIGH Network	phpnuke	php-nuke	Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attackers to gain administrative privileges via an img tag with a URL to admin.php.	CWE-352 Origin Validation Error	CVE-2004-1842	2024-02-9 05:46	2004-12-31	Show	GitHub Exploit DB Packet Storm

316210	6.5	MEDIUM Network	fusetalk	fusetalk	Cross-Site Request Forgery (CSRF) vulnerability in FuseTalk 2.0 allows remote attackers to create arbitrary accounts via a link to adduser.cfm.	CWE-352 Origin Validation Error	CVE-2004-1995	2024-02-9 05:46	2004-12-31	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed