Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2001 8.1 重要
Network 		Monospace Inc Directus Monospace IncのDirectusにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-35412 2026-04-21 10:46 2026-04-6 Show GitHub Exploit DB Packet Storm
2002 5.3 警告
Network 		Monospace Inc Directus Monospace IncのDirectusにおける情報漏えいに関する脆弱性 CWE-200
CWE-noinfo
CVE-2026-35413 2026-04-21 10:46 2026-04-6 Show GitHub Exploit DB Packet Storm
2003 6.5 警告
Network 		Monospace Inc Directus Monospace IncのDirectusにおける複数の脆弱性 CWE-400
CWE-770
CVE-2026-35441 2026-04-21 10:46 2026-04-6 Show GitHub Exploit DB Packet Storm
2004 8.1 重要
Network 		Monospace Inc Directus Monospace IncのDirectusにおける複数の脆弱性 CWE-200
CWE-863
CVE-2026-35442 2026-04-21 10:46 2026-04-6 Show GitHub Exploit DB Packet Storm
2005 9.1 緊急
Network 		pyLoad-ng project pyLoad-ng pyLoad-ng projectのpyLoad-ngにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-35459 2026-04-21 10:46 2026-04-6 Show GitHub Exploit DB Packet Storm
2006 9.9 緊急
Network 		inventree project inventree inventree projectのinventreeにおけるテンプレートエンジンで使用される特殊な要素の不適切な無効化に関する脆弱性 CWE-1336
テンプレートエンジンで使用される特殊な要素の不適切な無効化 		CVE-2026-35477 2026-04-21 10:46 2026-04-8 Show GitHub Exploit DB Packet Storm
2007 8.1 重要
Network 		inventree project inventree inventree projectのinventreeにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-35478 2026-04-21 10:45 2026-04-8 Show GitHub Exploit DB Packet Storm
2008 7.5 重要
Network 		liquidjs liquidjs liquidjsにおける情報漏えいに関する脆弱性 CWE-200
CWE-noinfo
CVE-2026-39412 2026-04-21 10:45 2026-04-8 Show GitHub Exploit DB Packet Storm
2009 5.5 警告
Network 		MaxKB MaxKB MaxKBにおける複数の脆弱性 CWE-20
CWE-78
CVE-2026-39417 2026-04-21 10:45 2026-04-14 Show GitHub Exploit DB Packet Storm
2010 7.4 重要
Network 		MaxKB MaxKB MaxKBにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-39418 2026-04-21 10:45 2026-04-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347321 - thttpd thttpd_http_server Buffer overflow in thttpd HTTP server before 2.04-31 allows remote attackers to execute arbitrary commands via a long date string, which is not properly handled by the tdate_parse function. NVD-CWE-Other
CVE-1999-1457 2008-09-11 04:01 1999-11-16 Show GitHub Exploit DB Packet Storm
347322 - next
sgi
cray
sun 		next
irix
unicos
sunos 		rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable. NVD-CWE-Other
CVE-1999-1468 2008-09-11 04:01 1991-10-22 Show GitHub Exploit DB Packet Storm
347323 - oracle oracle8i
oracle9i 		Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible. CWE-94
Code Injection 		CVE-2004-0637 2008-09-10 13:00 2004-09-2 Show GitHub Exploit DB Packet Storm
347324 - realnetworks realserver RealMedia server allows remote attackers to cause a denial of service via a long ramgen request. NVD-CWE-Other
CVE-2000-0001 2008-09-10 13:00 1999-12-23 Show GitHub Exploit DB Packet Storm
347325 - cisco ios The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string. CWE-20
 Improper Input Validation  		CVE-2000-0380 2008-09-10 13:00 2000-04-26 Show GitHub Exploit DB Packet Storm
347326 - postgresql postgresql Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add (also incorrectly identified as path_addr) for PostgreSQL 7.2.3 and earlier allow attackers to cause a denial of service and poss… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2002-1401 2008-09-10 13:00 2003-01-17 Show GitHub Exploit DB Packet Storm
347327 - freebsd freebsd FreeBSD seyon allows local users to gain privileges by providing a malicious program in the -emulator argument. NVD-CWE-Other
CVE-1999-0821 2008-09-9 21:36 1999-11-8 Show GitHub Exploit DB Packet Storm
347328 - qualcomm qpopper Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via AUTH command. NVD-CWE-Other
CVE-1999-0822 2008-09-9 21:36 1999-11-30 Show GitHub Exploit DB Packet Storm
347329 - freebsd freebsd Buffer overflow in FreeBSD xmindpath allows local users to gain privileges via -f argument. NVD-CWE-Other
CVE-1999-0823 2008-09-9 21:36 1999-12-1 Show GitHub Exploit DB Packet Storm
347330 - microsoft windows_nt A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later us… NVD-CWE-Other
CVE-1999-0824 2008-09-9 21:36 1999-11-30 Show GitHub Exploit DB Packet Storm