Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
201981	9.3	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2015-8058	2015-12-11 16:29	2015-12-8	Show	GitHub Exploit DB Packet Storm

201982	10	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2015-8057	2015-12-11 16:29	2015-12-8	Show	GitHub Exploit DB Packet Storm

201983	10	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2015-8056	2015-12-11 16:29	2015-12-8	Show	GitHub Exploit DB Packet Storm

201984	10	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2015-8055	2015-12-11 16:29	2015-12-8	Show	GitHub Exploit DB Packet Storm

201985	10	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2015-8048	2015-12-11 16:28	2015-12-8	Show	GitHub Exploit DB Packet Storm

201986	10	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player および Adobe AIR におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2015-8415	2015-12-11 16:27	2015-12-8	Show	GitHub Exploit DB Packet Storm

201987	10	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player および Adobe AIR におけるアクセス制限を回避される脆弱性	CWE-noinfo 情報不足	CVE-2015-8409	2015-12-11 16:26	2015-12-8	Show	GitHub Exploit DB Packet Storm

201988	10	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player および Adobe AIR におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2015-8407	2015-12-11 16:26	2015-12-8	Show	GitHub Exploit DB Packet Storm

201989	9.3	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player および Adobe AIR の MovieClip オブジェクトの実装における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2015-8050	2015-12-11 16:25	2015-12-8	Show	GitHub Exploit DB Packet Storm

201990	9.3	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player および Adobe AIR の TextField オブジェクトの実装における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2015-8049	2015-12-11 16:25	2015-12-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
31	-		-	-	In the Linux kernel, the following vulnerability has been resolved: af_unix: read UNIX_DIAG_VFS data under unix_state_lock Exact UNIX diag lookups hold a reference to the socket, but not to u->path… New	-	CVE-2026-31673	2026-04-25 18:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

32	-		-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. New	-	CVE-2026-31534	2026-04-25 15:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

33	-		-	-	BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an off-by-one out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service decod… New	CWE-125 CWE-193 Out-of-bounds Read Off-by-one Error	CVE-2026-41502	2026-04-25 12:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

34	8.4	HIGH Local	-	-	OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From 0.4.0 to before 0.8.0, a flaw in the Java agent injection path allows a local attacker contr… New	CWE-22 CWE-59 Path Traversal Link Following	CVE-2026-41433	2026-04-25 12:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

35	8.8	HIGH Local	-	-	SiYuan is an open-source personal knowledge management system. Prior to 3.6.5, SiYuan desktop renders notification messages as raw HTML inside an Electron renderer. The notification route POST /api/n… New	CWE-78 CWE-79 OS Command Cross-site Scripting	CVE-2026-41421	2026-04-25 12:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

36	5.3	MEDIUM Network	-	-	@astrojs/node allows Astro to deploy your SSR site to Node targets. Prior to 10.0.5, requesting a static js/css resources from _astro path with an incorrect/malformed if-match header returns a 500 er… New	CWE-525 Use of Web Browser Cache Containing Sensitive Information	CVE-2026-41322	2026-04-25 12:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

37	6.5	MEDIUM Network	-	-	MailKit is a cross-platform mail client library built on top of MimeKit. A STARTTLS Response Injection vulnerability in versions prior to 4.16.0 allows a Man-in-the-Middle attacker to inject arbitrar… New	CWE-74 Injection	CVE-2026-41319	2026-04-25 12:16	2026-04-24	Show	GitHub Exploit DB Packet Storm

38	4.3	MEDIUM Adjacent	-	-	OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to 2.4.17, a network-adjacent attacker can send a crafted SNMP response to the CUPS SNMP bac… New	CWE-125 CWE-200 Out-of-bounds Read Information Exposure	CVE-2026-41079	2026-04-25 12:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

39	8.8	HIGH Network	-	-	Actual is a local-first personal finance tool. Prior to version 26.4.0, any authenticated user (including `BASIC` role) can escalate to `ADMIN` on servers migrated from password authentication to Ope… New	CWE-284 CWE-862 Improper Access Control Missing Authorization	CVE-2026-33318	2026-04-25 12:16	2026-04-24	Show	GitHub Exploit DB Packet Storm

40	8.8	HIGH Network	flowiseai	flowise	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Mass Assignment vulnerability in the DocumentStore creation endpoint allows authenticated us… New	CWE-284 CWE-639 CWE-915 Improper Access Control Authorization Bypass Through User-Controlled Key Improperly Controlled Modification of Dynamically-Determined Object Attributes	CVE-2026-41277	2026-04-25 11:16	2026-04-24	Show	GitHub Exploit DB Packet Storm