Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1141 5.9 警告
Network 		fastify fastify-static fastifyのfastify-staticにおけるURL エンコーディング(16進エンコーディング)の処理に関する脆弱性 CWE-177
URLエンコーディング(16進エンコーディング)の不適切な処理 		CVE-2026-6414 2026-04-27 11:19 2026-04-16 Show GitHub Exploit DB Packet Storm
1142 5.4 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2026-6515 2026-04-27 11:19 2026-04-22 Show GitHub Exploit DB Packet Storm
1143 8.8 重要
Network 		CPS-IT Mailqueue CPS-ITのMailqueueにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-1323 2026-04-27 11:19 2026-03-17 Show GitHub Exploit DB Packet Storm
1144 6.5 警告
Network 		Linux Foundation Backstage/plugin-scaffolder-backend Linux FoundationのBackstage/plugin-scaffolder-backendにおけるログファイルからの情報漏えいに関する脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2026-29184 2026-04-27 11:19 2026-03-7 Show GitHub Exploit DB Packet Storm
1145 4.3 警告
Network 		Guido Schmechel (ayacoo) redirect_tab Guido Schmechel (ayacoo)のredirect_tabにおける複数の脆弱性 CWE-200
CWE-862
CWE-862
CVE-2026-4202 2026-04-27 11:19 2026-03-17 Show GitHub Exploit DB Packet Storm
1146 8.8 重要
Network 		Ralf Freit (MrSilaz) mfa_mail Ralf Freit (MrSilaz)のmfa_mailにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-4208 2026-04-27 11:19 2026-03-17 Show GitHub Exploit DB Packet Storm
1147 8.1 重要
Network 		HashiCorp Vault HashiCorpのVaultにおける代替パスまたはチャネルを使用した認証回避に関する脆弱性 CWE-288
代替パスまたはチャネルを使用した認証回避 		CVE-2026-3605 2026-04-27 11:19 2026-04-17 Show GitHub Exploit DB Packet Storm
1148 9.4 緊急
Network 		dgraph dgraph dgraphにおける複数の脆弱性 CWE-200
CWE-215
CWE-522
CVE-2026-40173 2026-04-27 11:19 2026-04-15 Show GitHub Exploit DB Packet Storm
1149 7.8 重要
Local 		Composer Composer Composerにおける複数の脆弱性 CWE-20
CWE-78
CWE-78
CVE-2026-40176 2026-04-27 11:19 2026-04-15 Show GitHub Exploit DB Packet Storm
1150 6.1 警告
Network 		Apostrophe Technologies sanitize-html
ApostropheCMS 		Apostrophe TechnologiesのApostropheCMS等の複数製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40186 2026-04-27 11:18 2026-04-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347211 - foundrynet serveriron ServerIron switches by Foundry Networks have predictable TCP/IP sequence numbers, which allows remote attackers to spoof or hijack sessions. NVD-CWE-Other
CVE-2000-0178 2008-09-11 04:03 2000-02-28 Show GitHub Exploit DB Packet Storm
347212 - hp openview_omniback_ii HP OpenView OmniBack 2.55 allows remote attackers to cause a denial of service via a large number of connections to port 5555. NVD-CWE-Other
CVE-2000-0179 2008-09-11 04:03 2000-02-28 Show GitHub Exploit DB Packet Storm
347213 - checkpoint firewall-1 Firewall-1 3.0 and 4.0 leaks packets with private IP address information, which could allow remote attackers to determine the real IP address of the host that is making the connection. NVD-CWE-Other
CVE-2000-0181 2008-09-11 04:03 2000-03-11 Show GitHub Exploit DB Packet Storm
347214 - michael_sandrof ircii Buffer overflow in ircII 4.4 IRC client allows remote attackers to execute commands via the DCC chat capability. NVD-CWE-Other
CVE-2000-0183 2008-09-11 04:03 2000-03-10 Show GitHub Exploit DB Packet Storm
347215 - mandrakesoft
redhat 		mandrake_linux
linux 		Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords. NVD-CWE-Other
CVE-2000-0184 2008-09-11 04:03 2000-03-9 Show GitHub Exploit DB Packet Storm
347216 - realnetworks realserver
realserver_g2 		RealMedia RealServer reveals the real IP address of a Real Server, even if the address is supposed to be private. NVD-CWE-Other
CVE-2000-0185 2008-09-11 04:03 2000-03-8 Show GitHub Exploit DB Packet Storm
347217 - freebsd
mandrakesoft
redhat
turbolinux 		freebsd
mandrake_linux
linux
turbolinux 		Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument. NVD-CWE-Other
CVE-2000-0186 2008-09-11 04:03 2000-02-28 Show GitHub Exploit DB Packet Storm
347218 - alex_heiphetz_group ezshopper EZShopper 3.0 loadpage.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters. NVD-CWE-Other
CVE-2000-0187 2008-09-11 04:03 2000-02-27 Show GitHub Exploit DB Packet Storm
347219 - alex_heiphetz_group ezshopper EZShopper 3.0 search.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters. NVD-CWE-Other
CVE-2000-0188 2008-09-11 04:03 2000-02-27 Show GitHub Exploit DB Packet Storm
347220 - allaire coldfusion_server ColdFusion Server 4.x allows remote attackers to determine the real pathname of the server via an HTTP request to the application.cfm or onrequestend.cfm files. NVD-CWE-Other
CVE-2000-0189 2008-09-11 04:03 2000-03-1 Show GitHub Exploit DB Packet Storm