Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3981 6.6 警告
Local 		Veeam one サムスンのOneにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-40450 2026-04-30 12:13 2026-04-22 Show GitHub Exploit DB Packet Storm
3982 8.2 重要
Network 		UltraDAG UltraDAG UltraDAGにおける複数の脆弱性 CWE-460
CWE-696
CVE-2026-40583 2026-04-30 12:13 2026-04-21 Show GitHub Exploit DB Packet Storm
3983 7.5 重要
Network 		RansomLook RansomLook RansomLookにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-40584 2026-04-30 12:13 2026-04-21 Show GitHub Exploit DB Packet Storm
3984 5.6 警告
Local 		Home Assistant Ecosystem Home Assistant Command-line Interface (hass-cli) Home Assistant EcosystemのHome Assistant Command-line Interface (hass-cli)における複数の脆弱性 CWE-1336
CWE-94
CVE-2026-40602 2026-04-30 12:13 2026-04-21 Show GitHub Exploit DB Packet Storm
3985 5.5 警告
Local 		Dayuan Jiang (DayuanJiang) Next AI Draw.io Dayuan Jiang (DayuanJiang)のNext AI Draw.ioにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40608 2026-04-30 12:12 2026-04-21 Show GitHub Exploit DB Packet Storm
3986 8.1 重要
Network 		Zcash Foundation Zebra-consensus
Zebrad 		Zcash FoundationのZebra-consensus等の複数製品における誤った要素を使用した比較に関する脆弱性 CWE-1025
誤った要素を使用した比較 		CVE-2026-40880 2026-04-30 12:12 2026-04-21 Show GitHub Exploit DB Packet Storm
3987 7.5 重要
Network 		Zcash Foundation zebra-network
Zebrad 		Zcash Foundationのzebra-network等の複数製品における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40881 2026-04-30 12:12 2026-04-21 Show GitHub Exploit DB Packet Storm
3988 6.5 警告
Network 		Frappe Frappe HR FrappeのFrappe HRにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-40888 2026-04-30 12:12 2026-04-21 Show GitHub Exploit DB Packet Storm
3989 6.5 警告
Network 		Frappe Frappe HR FrappeのFrappe HRにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-40889 2026-04-30 12:12 2026-04-21 Show GitHub Exploit DB Packet Storm
3990 8.8 重要
Network 		Jos de Jong math.js Math.jsにおける動的に決定されたオブジェクト属性の不適切に制御された変更に関する脆弱性 CWE-915
動的に決定されたオブジェクト属性の不適切に制御された変更 		CVE-2026-40897 2026-04-30 12:12 2026-04-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
348421 - midnight_commander
debian
gentoo
redhat
suse
turbolinux 		midnight_commander
debian_linux
linux
enterprise_linux
linux_advanced_workstation
suse_linux
turbolinux_server
turbolinux_workstation 		Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." NVD-CWE-Other
CVE-2004-1093 2017-07-11 10:30 2005-04-14 Show GitHub Exploit DB Packet Storm
348422 - zgv
debian 		xzgv_image_viewer
zgv_image_viewer
debian_linux 		Multiple integer overflows in (1) readbmp.c, (2) readgif.c, (3) readgif.c, (4) readmrf.c, (5) readpcx.c, (6) readpng.c,(7) readpnm.c, (8) readprf.c, (9) readtiff.c, (10) readxbm.c, (11) readxpm.c in … NVD-CWE-Other
CVE-2004-1095 2017-07-11 10:30 2005-01-10 Show GitHub Exploit DB Packet Storm
348423 - cherokee cherokee_httpd Format string vulnerability in the cherokee_logger_ncsa_write_string function in Cherokee 0.4.17 and earlier, when authenticating via auth_pam, allows remote attackers to cause a denial of service (a… NVD-CWE-Other
CVE-2004-1097 2017-07-11 10:30 2005-01-10 Show GitHub Exploit DB Packet Storm
348424 - roaring_penguin
mandrakesoft
suse 		mimedefang
mandrake_linux
mandrake_linux_corporate_server
suse_linux 		MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header. NVD-CWE-Other
CVE-2004-1098 2017-07-11 10:30 2005-01-10 Show GitHub Exploit DB Packet Storm
348425 - tips mailpost Cross-site scripting (XSS) vulnerability in mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, when debug mode is enabled, allows remote attackers to execute arbitrary web script or HTM… NVD-CWE-Other
CVE-2004-1100 2017-07-11 10:30 2005-01-10 Show GitHub Exploit DB Packet Storm
348426 - tips mailpost Successful exploitation requires that debug mode is enabled. NVD-CWE-Other
CVE-2004-1100 2017-07-11 10:30 2005-01-10 Show GitHub Exploit DB Packet Storm
348427 - tips mailpost mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash), leak sensitive pathname information in the resulting error messag… NVD-CWE-Other
CVE-2004-1101 2017-07-11 10:30 2005-01-10 Show GitHub Exploit DB Packet Storm
348428 - tips mailpost MailPost 5.1.1sv, and possibly earlier versions, displays a different error message depending on whether the requested file exists or not, which allows remote attackers to gain sensitive information. NVD-CWE-Other
CVE-2004-1102 2017-07-11 10:30 2005-01-10 Show GitHub Exploit DB Packet Storm
348429 - tips mailpost MailPost 5.1.1sv, and possibly earlier versions, when debug mode is enabled, allows remote attackers to gain sensitive information via the debug parameter, which reveals information such as the path … NVD-CWE-Other
CVE-2004-1103 2017-07-11 10:30 2005-01-10 Show GitHub Exploit DB Packet Storm
348430 - nortel contivity Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information. NVD-CWE-Other
CVE-2004-1105 2017-07-11 10:30 2005-01-10 Show GitHub Exploit DB Packet Storm