Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3011 5.3 警告
Network 		OpenEXR OpenEXR OpenEXRにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-39886 2026-04-24 11:42 2026-04-21 Show GitHub Exploit DB Packet Storm
3012 8.8 重要
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAIにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-39891 2026-04-24 11:42 2026-04-8 Show GitHub Exploit DB Packet Storm
3013 4.3 警告
Network 		lycheeorg lychee lycheeorgのLycheeにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-39957 2026-04-24 11:42 2026-04-9 Show GitHub Exploit DB Packet Storm
3014 9.6 緊急
Network 		MISP MISP MISPにおけるLDAP インジェクションの脆弱性 CWE-90
LDAP インジェクション 		CVE-2026-39962 2026-04-24 11:42 2026-04-9 Show GitHub Exploit DB Packet Storm
3015 6.9 警告
Network 		s9y Serendipity s9yのSerendipityにおける検証および完全性チェックを行っていない Cookie への依存に関する脆弱性 CWE-565
検証および完全性チェックを行っていない Cookie への依存 		CVE-2026-39963 2026-04-24 11:42 2026-04-15 Show GitHub Exploit DB Packet Storm
3016 7.2 重要
Network 		s9y Serendipity s9yのSerendipityにおけるHTTP レスポンス分割に関する脆弱性 CWE-113
HTTP レスポンスの分割 		CVE-2026-39971 2026-04-24 11:42 2026-04-15 Show GitHub Exploit DB Packet Storm
3017 7.1 重要
Local 		apktool apktool Apktoolにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-39973 2026-04-24 11:42 2026-04-21 Show GitHub Exploit DB Packet Storm
3018 5.3 警告
Network 		Apache Software Foundation Apache log4net Apache Software FoundationのApache log4netにおけるエンコードおよびエスケープに関する脆弱性 CWE-116
不適切なエンコード、または出力のエスケープ 		CVE-2026-40021 2026-04-24 11:42 2026-04-10 Show GitHub Exploit DB Packet Storm
3019 5.3 警告
Network 		Daniel Gatis Rembg Daniel GatisのRembgにおける複数の脆弱性 CWE-22
CWE-73
CVE-2026-40086 2026-04-24 11:42 2026-04-10 Show GitHub Exploit DB Packet Storm
3020 5.4 警告
Network 		FUTO Immich FUTOのImmichにおける複数の脆弱性 CWE-601
CWE-79
CVE-2026-40096 2026-04-24 11:42 2026-04-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
351121 - ben_chivers
easy_scripts_archive 		ben_chivers_guestbook
easy_guestbook 		Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access o… NVD-CWE-Other
CVE-2002-1410 2008-09-6 05:30 2003-04-11 Show GitHub Exploit DB Packet Storm
351122 - duma photo_gallery_system Directory traversal vulnerability in update.dpgs in Duma Photo Gallery System (DPGS) 0.99.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the id parameter. NVD-CWE-Other
CVE-2002-1411 2008-09-6 05:30 2003-04-11 Show GitHub Exploit DB Packet Storm
351123 - novell netware RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, allows remote attackers to bypass authentication using the RconJ "Secure IP" (SSL) option during a connection. NVD-CWE-Other
CVE-2002-1413 2008-09-6 05:30 2003-04-11 Show GitHub Exploit DB Packet Storm
351124 - webeasymail webeasymail Format string vulnerability in SMTP service for WebEasyMail 3.4.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in … NVD-CWE-Other
CVE-2002-1415 2008-09-6 05:30 2003-04-11 Show GitHub Exploit DB Packet Storm
351125 - webeasymail webeasymail The POP3 service for WebEasyMail 3.4.2.2 and earlier generates diffferent error messages for valid and invalid usernames during authentication, which makes it easier for remote attackers to conduct b… NVD-CWE-Other
CVE-2002-1416 2008-09-6 05:30 2003-04-11 Show GitHub Exploit DB Packet Storm
351126 - novell small_business_suite
netware 		Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL… NVD-CWE-Other
CVE-2002-1417 2008-09-6 05:30 2003-04-11 Show GitHub Exploit DB Packet Storm
351127 - novell small_business_suite
netware 		Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to cause a denial of service (A… NVD-CWE-Other
CVE-2002-1418 2008-09-6 05:30 2003-04-11 Show GitHub Exploit DB Packet Storm
351128 - sgi irix The upgrade of IRIX on Origin 3000 to 6.5.13 through 6.5.16 changes the MAC address of the system, which could modify intended access restrictions that are based on a MAC address. NVD-CWE-Other
CVE-2002-1419 2008-09-6 05:30 2003-04-11 Show GitHub Exploit DB Packet Storm
351129 - ilia_alshanetsky fudforum SQL injection vulnerabilities in FUDforum before 2.2.0 allow remote attackers to perform unauthorized database operations via (1) report.php, (2) selmsg.php, and (3) showposts.php. NVD-CWE-Other
CVE-2002-1421 2008-09-6 05:30 2003-04-11 Show GitHub Exploit DB Packet Storm
351130 - ilia_alshanetsky fudforum admbrowse.php in FUDforum before 2.2.0 allows remote attackers to create or delete files via URL-encoded pathnames in the cur and dest parameters. NVD-CWE-Other
CVE-2002-1422 2008-09-6 05:30 2003-04-11 Show GitHub Exploit DB Packet Storm