Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
199931 8.6 重要
Network 		Debian
Inspire IRCd		 - InspIRCd の dns.cpp の DNS::GetResult 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2015-8702 2016-04-21 16:05 2015-04-16 Show GitHub Exploit DB Packet Storm
199932 7.5 重要
Network 		Debian
Canonical
Fedora Project
libssh		 - libssh の package_cb.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2015-3146 2016-04-21 16:00 2015-04-30 Show GitHub Exploit DB Packet Storm
199933 4.3 警告
Network 		Tryton
Debian		 - trytond の model/modelstorage.py におけるアクセス制限を回避される脆弱性が存在します。 CWE-264
認可・権限・アクセス制御 		CVE-2015-0861 2016-04-21 15:50 2015-12-17 Show GitHub Exploit DB Packet Storm
199934 5.3 警告
Network 		Redmine
Debian		 - Redmine の app/views/journals/index.builder における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-8537 2016-04-21 15:47 2015-12-5 Show GitHub Exploit DB Packet Storm
199935 7.4 重要
Network 		Redmine
Debian		 - Redmine の app/controllers/application_controller.rb の valid_back_url 関数におけるオープンリダイレクトの脆弱性 CWE-Other
その他 		CVE-2015-8474 2016-04-21 15:47 2015-09-13 Show GitHub Exploit DB Packet Storm
199936 4.3 警告
Network 		Redmine
Debian		 - Redmine の Issues API における changeset のメッセージの重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-8473 2016-04-21 15:47 2015-11-14 Show GitHub Exploit DB Packet Storm
199937 5.3 警告
Network 		Redmine
Debian		 - Redmine の app/views/timelog/_form.html.erb における issues の subjects に関する重要な情報を取得される脆弱性 CWE-Other
その他 		CVE-2015-8346 2016-04-21 15:47 2015-11-14 Show GitHub Exploit DB Packet Storm
199938 5.5 警告
Local 		Fedora Project
The GIFLIB project		 - giflib の giffix の giffix.c におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2015-7555 2016-04-21 15:45 2015-12-21 Show GitHub Exploit DB Packet Storm
199939 6.1 警告
Local 		Huawei - Huawei P8 および Mate S スマートフォンのソフトウェアの Video0 ドライバにおけるスタックメモリから重要な情報を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2015-8682 2016-04-21 15:45 2015-12-25 Show GitHub Exploit DB Packet Storm
199940 4.3 警告
Network 		Huawei - Huawei FusionCompute のソフトウェアにおける重要な "ロールおよびパーミッション" 情報を取得される脆弱性 CWE-200
CWE-264
CVE-2015-8336 2016-04-21 15:45 2015-11-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 19, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
501 - - - MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting (XSS) vulnerability through the application name or icon fields when creating an ap… Update CWE-79
Cross-site Scripting 		CVE-2026-39422 2026-04-18 00:26 2026-04-14 Show GitHub Exploit DB Packet Storm
502 - - - MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain an Eval Injection vulnerability in the Markdown rendering engine that allows any user capable of interacting with… Update CWE-79
CWE-95
Cross-site Scripting
Eval Injection 		CVE-2026-39423 2026-04-18 00:26 2026-04-14 Show GitHub Exploit DB Packet Storm
503 - - - MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, the chat export feature is vulnerable to Improper Neutralization of Formula Elements in a CSV File. When an administr… Update CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2026-39424 2026-04-18 00:26 2026-04-14 Show GitHub Exploit DB Packet Storm
504 9.8 CRITICAL
Network 		- - A critical vulnerability in the Talend JobServer and Talend Runtime allows unauthenticated remote code execution via the JMX monitoring port. The attack vector is the JMX monitoring port of the Talen… Update - CVE-2026-6264 2026-04-18 00:26 2026-04-14 Show GitHub Exploit DB Packet Storm
505 4.3 MEDIUM
Network 		- - Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Versions 0.7.2 and below contain a Blind Server Side Request Forgery in the functionality that allow… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-34225 2026-04-18 00:26 2026-04-14 Show GitHub Exploit DB Packet Storm
506 3.1 LOW
Network 		- - MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an authenticated user can bypass sandbox result validation and spoof tool execution results by exploiting Python fram… Update CWE-74
CWE-290
CWE-693
Injection
 Authentication Bypass by Spoofing
 Protection Mechanism Failure 		CVE-2026-39419 2026-04-18 00:26 2026-04-14 Show GitHub Exploit DB Packet Storm
507 - - - MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting (XSS) vulnerability that allows authenticated users to inject arbitrary HTML and Ja… Update CWE-80
Basic XSS 		CVE-2026-39425 2026-04-18 00:26 2026-04-14 Show GitHub Exploit DB Packet Storm
508 - - - MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting (XSS) vulnerability where the frontend's MdRenderer.vue component parses custom <if… Update CWE-79
Cross-site Scripting 		CVE-2026-39426 2026-04-18 00:26 2026-04-14 Show GitHub Exploit DB Packet Storm
509 - - - External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. Versions 2.2.0 and below contain a vulnerability in runtime/template… Update CWE-200
Information Exposure 		CVE-2026-34984 2026-04-18 00:26 2026-04-14 Show GitHub Exploit DB Packet Storm
510 2.7 LOW
Network 		- - SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/maintenance/manage_storage_unit.php. Update CWE-89
SQL Injection 		CVE-2026-37589 2026-04-18 00:25 2026-04-15 Show GitHub Exploit DB Packet Storm