Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 30, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3981	6.6	警告 Local	Veeam	one	サムスンのOneにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-40450	2026-04-30 12:13	2026-04-22	Show	GitHub Exploit DB Packet Storm

3982	8.2	重要 Network	UltraDAG	UltraDAG	UltraDAGにおける複数の脆弱性	CWE-460 CWE-696	CVE-2026-40583	2026-04-30 12:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

3983	7.5	重要 Network	RansomLook	RansomLook	RansomLookにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-40584	2026-04-30 12:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

3984	5.6	警告 Local	Home Assistant Ecosystem	Home Assistant Command-line Interface (hass-cli)	Home Assistant EcosystemのHome Assistant Command-line Interface (hass-cli)における複数の脆弱性	CWE-1336 CWE-94	CVE-2026-40602	2026-04-30 12:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

3985	5.5	警告 Local	Dayuan Jiang (DayuanJiang)	Next AI Draw.io	Dayuan Jiang (DayuanJiang)のNext AI Draw.ioにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-40608	2026-04-30 12:12	2026-04-21	Show	GitHub Exploit DB Packet Storm

3986	8.1	重要 Network	Zcash Foundation	Zebra-consensus Zebrad	Zcash FoundationのZebra-consensus等の複数製品における誤った要素を使用した比較に関する脆弱性	CWE-1025 誤った要素を使用した比較	CVE-2026-40880	2026-04-30 12:12	2026-04-21	Show	GitHub Exploit DB Packet Storm

3987	7.5	重要 Network	Zcash Foundation	zebra-network Zebrad	Zcash Foundationのzebra-network等の複数製品における制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-40881	2026-04-30 12:12	2026-04-21	Show	GitHub Exploit DB Packet Storm

3988	6.5	警告 Network	Frappe	Frappe HR	FrappeのFrappe HRにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-40888	2026-04-30 12:12	2026-04-21	Show	GitHub Exploit DB Packet Storm

3989	6.5	警告 Network	Frappe	Frappe HR	FrappeのFrappe HRにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-40889	2026-04-30 12:12	2026-04-21	Show	GitHub Exploit DB Packet Storm

3990	8.8	重要 Network	Jos de Jong	math.js	Math.jsにおける動的に決定されたオブジェクト属性の不適切に制御された変更に関する脆弱性	CWE-915 動的に決定されたオブジェクト属性の不適切に制御された変更	CVE-2026-40897	2026-04-30 12:12	2026-04-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
352671	-	frees_wan apple freebsd netbsd global_technology_associates nec	frees_wan mac_os_x mac_os_x_server freebsd netbsd gnat_box_firmware bluefire_ix1035_router ix1010 ix1011 ix1020 ix1050 ix2010	IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via s…	NVD-CWE-Other	CVE-2002-0666	2008-09-11 04:12	2002-11-4	Show	GitHub Exploit DB Packet Storm

352672	-	pingtel	xpressa	Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 has a default null administrator password, which could allow remote attackers to gain access to the phone.	NVD-CWE-Other	CVE-2002-0667	2008-09-11 04:12	2002-07-23	Show	GitHub Exploit DB Packet Storm

352673	-	pingtel	xpressa	Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not require administrative privileges to perform a firmware upgrade, which allows unauthorized users to upgrade the phone.	NVD-CWE-Other	CVE-2002-0675	2008-09-11 04:12	2002-07-23	Show	GitHub Exploit DB Packet Storm

352674	-	suse	suse_linux	ifup-dhcp script in the sysconfig package for SuSE 8.0 allows remote attackers to execute arbitrary commands via spoofed DHCP responses, which are stored and executed in a file.	NVD-CWE-Other	CVE-2002-0758	2008-09-11 04:12	2002-08-12	Show	GitHub Exploit DB Packet Storm

352675	-	suse	suse_linux	shadow package in SuSE 8.0 allows local users to destroy the /etc/passwd and /etc/shadow files or assign extra group privileges to some users by changing filesize limits before calling programs that …	NVD-CWE-Other	CVE-2002-0762	2008-09-11 04:12	2002-08-12	Show	GitHub Exploit DB Packet Storm

352676	-	openbsd	openssh openbsd	sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.	NVD-CWE-Other	CVE-2002-0765	2008-09-11 04:12	2002-08-12	Show	GitHub Exploit DB Packet Storm

352677	-	openbsd	openbsd	OpenBSD 2.9 through 3.1 allows local users to cause a denial of service (resource exhaustion) and gain root privileges by filling the kernel's file descriptor table and closing file descriptors 0, 1,…	NVD-CWE-Other	CVE-2002-0766	2008-09-11 04:12	2002-08-12	Show	GitHub Exploit DB Packet Storm

352678	-	ibm	aix	clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges.	NVD-CWE-Other	CVE-2002-0790	2008-09-11 04:12	2002-08-12	Show	GitHub Exploit DB Packet Storm

352679	-	mozilla	bugzilla	Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows remote attackers to display restricted products and components via a direct HTTP request to queryhelp.cgi.	NVD-CWE-Other	CVE-2002-0803	2008-09-11 04:12	2002-08-12	Show	GitHub Exploit DB Packet Storm

352680	-	mozilla	bugzilla	Cross-site scripting vulnerabilities in Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, could allow remote attackers to execute script as other Bugzilla users via the full name (real name) fiel…	NVD-CWE-Other	CVE-2002-0807	2008-09-11 04:12	2002-08-12	Show	GitHub Exploit DB Packet Storm