Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1121	7.3	重要 Local	systemd project	systemd	systemd projectのsystemdにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-40224	2026-04-30 12:29	2026-04-10	Show	GitHub Exploit DB Packet Storm

1122	6.4	警告 Physics	systemd project	systemd	systemd projectのsystemdにおける領域間での誤ったリソース移動に関する脆弱性	CWE-669 領域間での誤ったリソース移動	CVE-2026-40225	2026-04-30 12:28	2026-04-10	Show	GitHub Exploit DB Packet Storm

1123	6.1	警告 Network	FreeRDP	FreeRDP	FreeRDPにおける境界条件の判定に関する脆弱性	CWE-193 境界条件の判定	CVE-2026-40254	2026-04-30 12:28	2026-04-24	Show	GitHub Exploit DB Packet Storm

1124	3.7	低 Network	BACnet Stack	BACnet Stack	BACnet Stackにおける未定義、未指定、または実装定義の動作への依存に関する脆弱性	CWE-758 未定義、未指定、または実装定義の動作への依存	CVE-2026-40279	2026-04-30 12:28	2026-04-21	Show	GitHub Exploit DB Packet Storm

1125	7.6	重要 Network	WeGIA	WeGIA	WeGIAにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-40283	2026-04-30 12:28	2026-04-17	Show	GitHub Exploit DB Packet Storm

1126	6.5	警告 Network	OpenFGA	OpenFGA	OpenFGAにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-40293	2026-04-30 12:28	2026-04-17	Show	GitHub Exploit DB Packet Storm

1127	9.9	緊急 Network	FirebirdSQL	Firebird	FirebirdSQLのFirebirdにおける複数の脆弱性	CWE-22 CWE-427 CWE-73 CWE-94	CVE-2026-40342	2026-04-30 12:28	2026-04-17	Show	GitHub Exploit DB Packet Storm

1128	8.2	重要 Network	Minio Inc.	Minio	Minio Inc.のMinioにおける複数の脆弱性	CWE-287 CWE-306	CVE-2026-40344	2026-04-30 12:28	2026-04-22	Show	GitHub Exploit DB Packet Storm

1129	9.8	緊急 Network	FastGPT	FastGPT	FastGPTにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性	CWE-943 データクエリロジックの特殊要素の不適切な中立化	CVE-2026-40351	2026-04-30 12:28	2026-04-17	Show	GitHub Exploit DB Packet Storm

1130	8.8	重要 Network	FastGPT	FastGPT	FastGPTにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性	CWE-943 データクエリロジックの特殊要素の不適切な中立化	CVE-2026-40352	2026-04-30 12:28	2026-04-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
351111	-	matt_wright	formhandler.cgi	Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to…	NVD-CWE-Other	CVE-1999-1051	2008-09-6 05:18	1999-11-16	Show	GitHub Exploit DB Packet Storm

351112	-	apache matt_wright	http_server matt_wright_guestbook	guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1…	NVD-CWE-Other	CVE-1999-1053	2008-09-6 05:18	1999-09-13	Show	GitHub Exploit DB Packet Storm

351113	-	digital	vms	VMS 4.0 through 5.3 allows local users to gain privileges via the ANALYZE/PROCESS_DUMP dcl command.	NVD-CWE-Other	CVE-1999-1057	2008-09-6 05:18	1990-10-25	Show	GitHub Exploit DB Packet Storm

351114	-	att	svr4	Vulnerability in rexec daemon (rexecd) in AT&T TCP/IP 4.0 for various SVR4 systems allows remote attackers to execute arbitrary commands.	NVD-CWE-Other	CVE-1999-1059	2008-09-6 05:18	1992-02-25	Show	GitHub Exploit DB Packet Storm

351115	-	xylogics	annex	Buffer overflow in ping CGI program in Xylogics Annex terminal service allows remote attackers to cause a denial of service via a long query parameter.	NVD-CWE-Other	CVE-1999-1070	2008-09-6 05:18	1998-07-25	Show	GitHub Exploit DB Packet Storm

351116	-	ipswitch	ws_ftp_pro	WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges.	NVD-CWE-Other	CVE-1999-1078	2008-09-6 05:18	1999-07-29	Show	GitHub Exploit DB Packet Storm

351117	-	bsd	bsd	Vulnerability in BSD Telnet client with encryption and Kerberos 4 authentication allows remote attackers to decrypt the session via sniffing.	NVD-CWE-Other	CVE-1999-1098	2008-09-6 05:18	1995-03-3	Show	GitHub Exploit DB Packet Storm

351118	-	sgi apple bsd sun	irix a_ux bsd sunos	lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000…	NVD-CWE-Other	CVE-1999-1102	2008-09-6 05:18	1999-12-31	Show	GitHub Exploit DB Packet Storm

351119	-	digital	osf_1	dxconsole in DEC OSF/1 3.2C and earlier allows local users to read arbitrary files by specifying the file with the -file parameter.	NVD-CWE-Other	CVE-1999-1103	2008-09-6 05:18	1996-04-3	Show	GitHub Exploit DB Packet Storm

351120	-	microsoft	windows_95	Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary f…	NVD-CWE-Other	CVE-1999-1105	2008-09-6 05:18	1999-12-31	Show	GitHub Exploit DB Packet Storm