Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 13, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2691 4.3 警告
Network 		dnnsoftware dotnetnuke dnnsoftwareのdotnetnukeにおける認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2026-40305 2026-04-27 10:48 2026-04-17 Show GitHub Exploit DB Packet Storm
2692 6.5 警告
Network 		dnnsoftware dotnetnuke dnnsoftwareのdotnetnukeにおける不十分なランダム値の使用に関する脆弱性 CWE-330
不十分なランダム値の使用 		CVE-2026-40306 2026-04-27 10:48 2026-04-17 Show GitHub Exploit DB Packet Storm
2693 8 重要
Network 		dnnsoftware dotnetnuke dnnsoftwareのdotnetnukeにおける代替 XSS 構文の不適切な無効化に関する脆弱性 CWE-87
代替 XSS 構文の不適切な無効化 		CVE-2026-40321 2026-04-27 10:48 2026-04-17 Show GitHub Exploit DB Packet Storm
2694 5.3 警告
Network 		The FastAPI Expert python-multipart The FastAPI Expertのpython-multipartにおける複数の脆弱性 CWE-400
CWE-834
CVE-2026-40347 2026-04-27 10:48 2026-04-18 Show GitHub Exploit DB Packet Storm
2695 5.4 警告
Network 		wger wger wger Projectのwgerにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40353 2026-04-27 10:48 2026-04-17 Show GitHub Exploit DB Packet Storm
2696 7.6 重要
Network 		wger wger wger Projectのwgerにおける複数の脆弱性 CWE-284
CWE-862
CVE-2026-40474 2026-04-27 10:48 2026-04-17 Show GitHub Exploit DB Packet Storm
2697 9 緊急
Network 		Thymeleaf Thymeleaf Thymeleafにおける複数の脆弱性 CWE-1336
CWE-917
CVE-2026-40477 2026-04-27 10:48 2026-04-17 Show GitHub Exploit DB Packet Storm
2698 9 緊急
Network 		Thymeleaf Thymeleaf Thymeleafにおける複数の脆弱性 CWE-1336
CWE-917
CVE-2026-40478 2026-04-27 10:47 2026-04-17 Show GitHub Exploit DB Packet Storm
2699 7.1 重要
Local 		Craig J. Bass (craigjbass) ClearanceKit Craig J. Bass (craigjbass)のClearanceKitにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-40599 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
2700 4.4 警告
Local 		Craig J. Bass (craigjbass) ClearanceKit Craig J. Bass (craigjbass)のClearanceKitにおける保護メカニズムの不具合に関する脆弱性 CWE-693
保護メカニズムの不具合 		CVE-2026-40604 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
350941 - kde kde Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2002-2333 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
350942 - joseph_allen joe Joe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files, which could allow local users to execute arbitrary setuid and setgid root programs when root edits s… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2002-2334 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
350943 - john_drake killer_protection Killer Protection 1.0 stores the vars.inc include file under the web root with insufficient access control, which allows remote attackers to obtain user names and passwords and log in using protectio… CWE-16
Configuration 		CVE-2002-2335 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
350944 - symantec norton_personal_firewall Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. CWE-16
Configuration 		CVE-2002-2336 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
350945 - kaspersky_lab kaspersky_anti-hacker Kaspersky Anti-Hacker 1.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. NVD-CWE-Other
CVE-2002-2337 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
350946 - mozilla
netscape 		mozilla
communicator
navigator 		The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) … CWE-20
 Improper Input Validation  		CVE-2002-2338 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
350947 - script_shed ssgbook Cross-site scripting (XSS) vulnerability in configure.asp in Script-Shed GuestBook 1.0 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in (1) image, (2) img, (3) … CWE-79
Cross-site Scripting 		CVE-2002-2339 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
350948 - sonicwall soho3 Cross-site scripting (XSS) vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL. CWE-79
Cross-site Scripting 		CVE-2002-2341 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
350949 - nocc nocc Cross-site scripting (XSS) vulnerability in NOCC 0.9 through 0.9.5 allows remote attackers to inject arbitrary web script or HTML via email messages. CWE-79
Cross-site Scripting 		CVE-2002-2343 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
350950 - ensim webppliance Ensim WEBppliance 3.0 and 3.1 allows remote attackers to read mail intended for other users by defining an alias that is the target's email address. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2002-2344 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm