Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 21, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4701	8.8	重要 Network	Math.js	Math.js	Math.jsにおける動的に決定されたオブジェクト属性の不適切に制御された変更に関する脆弱性	CWE-915 動的に決定されたオブジェクト属性の不適切に制御された変更	CVE-2026-41139	2026-05-11 11:10	2026-05-7	Show	GitHub Exploit DB Packet Storm

4702	8.8	重要 Network	OpenEXR	OpenEXR	OpenEXRにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-41142	2026-05-11 11:10	2026-05-7	Show	GitHub Exploit DB Packet Storm

4703	7.7	重要 Network	Istio	Istio	Istioにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-41413	2026-05-11 11:09	2026-05-7	Show	GitHub Exploit DB Packet Storm

4704	8.1	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAI等の複数製品におけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-41496	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

4705	9.8	緊急 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-77 CWE-78	CVE-2026-41497	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

4706	9.8	緊急 Network	Electerm project	Electerm	Electerm projectのElectermにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-41500	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

4707	9.8	緊急 Network	Electerm project	Electerm	Electerm projectのElectermにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-41501	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

4708	7.8	重要 Local	Sebastian Bergmann	PHPUnit	Sebastian BergmannのPHPUnitにおける複数の脆弱性	CWE-88 CWE-93	CVE-2026-41570	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

4709	7.5	重要 Network	Zcash Foundation	Zebra-chain Zebrad	Zcash FoundationのZebra-chain等の複数製品における到達可能なアサーションに関する脆弱性	CWE-617 到達可能なアサーション	CVE-2026-41584	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

4710	5.3	警告 Network	projectdiscovery	Nuclei	ProjectDiscovery, Inc.のNucleiにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-41645	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
354361	-	mozilla	bugzilla	bugzilla_email_append.pl in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, allows remote attackers to execute arbitrary code via shell metacharacters in a system call to processmail.	NVD-CWE-Other	CVE-2002-1197	2016-10-18 11:24	2002-10-28	Show	GitHub Exploit DB Packet Storm

354362	-	mozilla	bugzilla	Bugzilla 2.16.x before 2.16.1 does not properly filter apostrophes from an email address during account creation, which allows remote attackers to execute arbitrary SQL via a SQL injection attack.	NVD-CWE-Other	CVE-2002-1198	2016-10-18 11:24	2002-10-28	Show	GitHub Exploit DB Packet Storm

354363	-	ibm	aix	IBM AIX 4.3.3 and AIX 5 allows remote attackers to cause a denial of service (CPU consumption or crash) via a flood of malformed TCP packets without any flags set, which prevents AIX from releasing t…	NVD-CWE-Other	CVE-2002-1201	2016-10-18 11:24	2002-10-28	Show	GitHub Exploit DB Packet Storm

354364	-	ibm	secureway_firewall	IBM SecureWay Firewall before 4.2.2 performs extra processing before determining that a packet is invalid and dropping it, which allows remote attackers to cause a denial of service (resource exhaust…	CWE-399 Resource Management Errors	CVE-2002-1203	2016-10-18 11:24	2002-10-28	Show	GitHub Exploit DB Packet Storm

354365	-	jason_orcutt	prometheus	Prometheus 6.0 and earlier allows remote attackers to execute arbitrary PHP code via a modified PROMETHEUS_LIBRARY_BASE that points to code stored on a remote server, which is then used in (1) index.…	NVD-CWE-Other	CVE-2002-1211	2016-10-18 11:24	2002-11-12	Show	GitHub Exploit DB Packet Storm

354366	-	gnu	tar	GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security che…	NVD-CWE-Other	CVE-2002-1216	2016-10-18 11:24	2002-10-28	Show	GitHub Exploit DB Packet Storm

354367	-	kth	heimdal	Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access.	NVD-CWE-Other	CVE-2002-1225	2016-10-18 11:24	2002-10-28	Show	GitHub Exploit DB Packet Storm

354368	-	kth	heimdal	Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffe…	NVD-CWE-Other	CVE-2002-1226	2016-10-18 11:24	2002-10-28	Show	GitHub Exploit DB Packet Storm

354369	-	avaya	cajun_p550 cajun_p550r cajun_p580 cajun_p880 cajun_p882	Avaya Cajun switches P880, P882, P580, and P550R 5.2.14 and earlier contain undocumented accounts (1) manuf and (2) diag with default passwords, which allows remote attackers to gain privileges.	NVD-CWE-Other	CVE-2002-1229	2016-10-18 11:24	2002-10-28	Show	GitHub Exploit DB Packet Storm

354370	-	cisco	pix_firewall	The encryption algorithms for enable and passwd commands on Cisco PIX Firewall can be executed quickly due to a limited number of rounds, which make it easier for an attacker to decrypt the passwords…	NVD-CWE-Other	CVE-2002-0954	2016-10-18 11:23	2002-10-4	Show	GitHub Exploit DB Packet Storm