Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
210301	5.4	警告	jinfra	-	Android 用 Guess The Movie アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-5825	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

210302	5.4	警告	ilovegame	-	Android 用 longjiang アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-5824	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

210303	5.4	警告	thecleanerapp	-	Android 用 The Cleaner - Speed up & Clean アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-5823	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

210304	5.4	警告	kate mobile	-	Android 用 VK Kate Mobile アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-5822	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

210305	5.4	警告	guitartuna	-	Android 用 Guitar Tuner Free - GuitarTuna アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-5821	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

210306	5.4	警告	okcupid	-	Android 用 OkCupid Dating (com.okcupid.okcupid) アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-5820	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

210307	5.4	警告	mopl	-	Android 用 PHONE for Google Voice & GTalk アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-5819	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

210308	5.4	警告	mobage	-	Android 用 Tiny Tower アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-5818	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

210309	5.4	警告	Miniclip.com	-	Android 用 Mini Pets アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-5817	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

210310	5.4	警告	meipai	-	Android 用 MeiPai アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-5816	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311	9.6	CRITICAL Network	-	-	NuGet Gallery is a package repository that powers nuget.org. A security vulnerability exists in the NuGetGallery backend job’s handling of .nuspec files within NuGet packages. An attacker can supply … Update	CWE-20 CWE-22 Improper Input Validation Path Traversal	CVE-2026-39399	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm

312	9.9	CRITICAL Network	-	-	OpenRemote is an open-source IoT platform. Versions 1.21.0 and below contain two interrelated expression injection vulnerabilities in the rules engine that allow arbitrary code execution on the serve… New	CWE-94 CWE-917 Code Injection Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')	CVE-2026-39842	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm

313	8.1	HIGH Network	-	-	An access control vulnerability was discovered in the Threat Intelligence functionality due to a specific access restriction not being properly enforced for users with view-only privileges. An authen… New	CWE-863 Incorrect Authorization	CVE-2025-40897	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm

314	8.9	HIGH Network	-	-	A Stored Cross-Site Scripting vulnerability was discovered in the Assets and Nodes functionality due to improper validation of an input parameter. An authenticated user with custom fields privileges … New	CWE-79 Cross-site Scripting	CVE-2025-40899	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm

315	8.3	HIGH Network	-	-	mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Versions 3.4.0 and prior contain an argument injection vulnerability in the port_forward tool in src/tools/… New	CWE-88 Argument Injection	CVE-2026-39884	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm

316	6.9	MEDIUM Network	-	-	Serendipity is a PHP-powered weblog engine. In versions 2.6-beta2 and below, the serendipity_setCookie() function in include/functions_config.inc.php uses $_SERVER['HTTP_HOST'] without validation as… New	CWE-565 Reliance on Cookies without Validation and Integrity Checking	CVE-2026-39963	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm

317	7.2	HIGH Network	-	-	Serendipity is a PHP-powered weblog engine. In versions 2.6-beta2 and below, the email sending functionality in include/functions.inc.php inserts $_SERVER['HTTP_HOST'] directly into the Message-ID SM… New	CWE-113 HTTP Response Splitting	CVE-2026-39971	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm

318	5.5	MEDIUM Local	-	-	Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization bypass vulnerability in the VerifyTimestampResponse function. VerifyTimest… New	CWE-295 Improper Certificate Validation	CVE-2026-39984	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm

319	7.1	HIGH Network	-	-	Zarf is an Airgap Native Packager Manager for Kubernetes. Versions 0.23.0 through 0.74.1 contain an arbitrary file write vulnerability in the zarf package inspect sbom and zarf package inspect docume… New	CWE-22 Path Traversal	CVE-2026-40090	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm

320	-		-	-	Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (core modules). This vulnerability is associated with program files G3413CTRBl… New	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2025-14813	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm