Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 12:06 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2711	9.3	緊急 Network	WWBN	AVideo	WWBNのAVideoにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-41064	2026-04-27 10:47	2026-04-22	Show	GitHub Exploit DB Packet Storm

2712	5	警告 Network	OpenFGA	OpenFGA Helm Charts	OpenFGAのHelm Charts等の複数製品における複数の脆弱性	CWE-706 CWE-863	CVE-2026-41131	2026-04-27 10:47	2026-04-22	Show	GitHub Exploit DB Packet Storm

2713	8.8	重要 Network	flowiseai	flowise	flowiseaiのflowiseにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-41137	2026-04-27 10:47	2026-04-23	Show	GitHub Exploit DB Packet Storm

2714	8.8	重要 Network	flowiseai	flowise	flowiseaiのflowiseにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-41138	2026-04-27 10:47	2026-04-23	Show	GitHub Exploit DB Packet Storm

2715	7	重要 Network	openremote	openremote	openremoteにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-41166	2026-04-27 10:47	2026-04-22	Show	GitHub Exploit DB Packet Storm

2716	5.3	警告 Network	pypdf project	pypdf	pypdf projectのpypdfにおける過度な反復の脆弱性	CWE-834 過度なイテレーション	CVE-2026-41168	2026-04-27 10:46	2026-04-22	Show	GitHub Exploit DB Packet Storm

2717	9.8	緊急 Network	flowiseai	flowise	flowiseaiのflowiseにおける不完全なブラックリストに関する脆弱性	CWE-184 不完全なブラックリスト	CVE-2026-41264	2026-04-27 10:46	2026-04-23	Show	GitHub Exploit DB Packet Storm

2718	9.8	緊急 Network	flowiseai	flowise	flowiseaiのflowiseにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-41265	2026-04-27 10:46	2026-04-23	Show	GitHub Exploit DB Packet Storm

2719	7.5	重要 Network	flowiseai	flowise	flowiseaiのflowiseにおける複数の脆弱性	CWE-200 CWE-522 CWE-862	CVE-2026-41266	2026-04-27 10:46	2026-04-23	Show	GitHub Exploit DB Packet Storm

2720	9.8	緊急 Network	flowiseai	flowise	flowiseaiのflowiseにおける複数の脆弱性	CWE-639 CWE-915	CVE-2026-41267	2026-04-27 10:46	2026-04-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
316311	7.5	HIGH Network	symantec	norton_antivirus	Norton Anti-Virus (NAV) allows remote attackers to bypass content filtering via attachments whose Content-Type and Content-Disposition headers are mixed upper and lower case, which is ignored by some…	CWE-178 Improper Handling of Case Sensitivity	CVE-2002-0485	2024-02-2 11:17	2002-08-12	Show	GitHub Exploit DB Packet Storm

316312	7.5	HIGH Network	netscape	fasttrack_server	Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an uppercase GET.	CWE-178 Improper Handling of Case Sensitivity	CVE-1999-0239	2024-02-2 11:16	1998-01-1	Show	GitHub Exploit DB Packet Storm

316313	9.8	CRITICAL Network	sir	gnuboard	The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that inc…	CWE-178 Improper Handling of Case Sensitivity	CVE-2005-0269	2024-02-2 11:15	2005-05-2	Show	GitHub Exploit DB Packet Storm

316314	9.8	CRITICAL Network	apache	http_server	Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters.	CWE-178 Improper Handling of Case Sensitivity	CVE-2001-0766	2024-02-2 11:13	2001-10-18	Show	GitHub Exploit DB Packet Storm

316315	7.5	HIGH Network	cmfperception	liteserve	Perception LiteServe 1.25 allows remote attackers to obtain source code of CGI scripts via URLs that contain MS-DOS conventions such as (1) upper case letters or (2) 8.3 file names.	CWE-178 Improper Handling of Case Sensitivity	CVE-2001-0795	2024-02-2 11:12	2001-10-18	Show	GitHub Exploit DB Packet Storm

316316	7.8	HIGH Local	microsoft	windows_2000	Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named (1) winlogon.exe, (2) csrss.exe, (3) smss.exe and (4) services.exe via the Process tab which coul…	CWE-178 Improper Handling of Case Sensitivity	CVE-2001-1238	2024-02-2 11:11	2001-07-16	Show	GitHub Exploit DB Packet Storm

316317	7.5	HIGH Network	transsoft	broker_ftp_server	Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file.	CWE-59 Link Following	CVE-2001-1042	2024-02-2 11:05	2001-07-2	Show	GitHub Exploit DB Packet Storm

316318	7.5	HIGH Network	qualcomm	eudora	Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."	CWE-59 Link Following	CVE-2000-0342	2024-02-2 11:05	2000-04-28	Show	GitHub Exploit DB Packet Storm

316319	7.5	HIGH Network	argosoft	ftp_server	ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file.	CWE-59 Link Following	CVE-2001-1043	2024-02-2 11:04	2001-07-1	Show	GitHub Exploit DB Packet Storm

316320	6.5	MEDIUM Network	mozilla	mozilla firefox	Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file …	CWE-59 Link Following	CVE-2005-0587	2024-02-2 11:03	2005-03-25	Show	GitHub Exploit DB Packet Storm