Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
214981 6.5 警告 X.Org Foundation - X.Org X11 の xorg-server モジュールの dix/dixfonts.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-4396 2014-04-7 17:35 2013-10-8 Show GitHub Exploit DB Packet Storm
214982 2.6 注意 Quagga - Quagga の OSPFD API の new_msg_lsa_change_notify 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-2236 2014-04-7 17:34 2013-07-28 Show GitHub Exploit DB Packet Storm
214983 5 警告 Apache Software Foundation - Apache HTTP Server 用 mod_fcgid モジュールにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-4365 2014-04-7 17:33 2013-09-29 Show GitHub Exploit DB Packet Storm
214984 2.6 注意 Apache Software Foundation - Apache Subversion 用 mod_dontdothat の is_this_legal 関数におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-4505 2014-04-7 17:32 2013-11-25 Show GitHub Exploit DB Packet Storm
214985 1.8 注意 Memcached - Memcached におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-7291 2014-04-7 17:23 2013-12-20 Show GitHub Exploit DB Packet Storm
214986 1.8 注意 Memcached - Memcached の items.c の do_item_get 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-7290 2014-04-7 17:21 2013-12-20 Show GitHub Exploit DB Packet Storm
214987 4.8 警告 Memcached - Memcached における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2013-7239 2014-04-7 17:20 2013-12-20 Show GitHub Exploit DB Packet Storm
214988 5 警告 The PHP Group
アップル		 - PHP の SOAP パーサにおける任意のファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2013-1643 2014-04-7 17:18 2013-02-21 Show GitHub Exploit DB Packet Storm
214989 7.5 危険 The PHP Group
アップル		 - PHP の ext/soap/soap.c におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-1635 2014-04-7 17:17 2013-02-21 Show GitHub Exploit DB Packet Storm
214990 5.8 警告 シーメンス - Siemens SIMATIC S7-1500 CPU PLC デバイスのファームウェアにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-2249 2014-04-7 17:05 2014-03-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
521 6.5 MEDIUM
Network 		wwbn avideo WWBN AVideo is an open source video platform. In versions 29.0 and prior, the locale save endpoint (`locale/save.php`) constructs a file path by directly concatenating `$_POST['flag']` into the path … New CWE-22
Path Traversal 		CVE-2026-40909 2026-04-24 03:55 2026-04-22 Show GitHub Exploit DB Packet Storm
522 6.1 MEDIUM
Network 		oracle identity_manager Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware (component: Identity Console). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitabl… New CWE-284
CWE-601
Improper Access Control
Open Redirect 		CVE-2026-34283 2026-04-24 03:50 2026-04-22 Show GitHub Exploit DB Packet Storm
523 6.1 MEDIUM
Network 		oracle business_process_management_suite Vulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware (component: Human workflow 11g+). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.… New CWE-284
CWE-601
Improper Access Control
Open Redirect 		CVE-2026-34284 2026-04-24 03:50 2026-04-22 Show GitHub Exploit DB Packet Storm
524 8.7 HIGH
Network 		oracle http_server Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Difficult to exploit vulnerability… New CWE-284
Improper Access Control 		CVE-2026-34291 2026-04-24 03:48 2026-04-22 Show GitHub Exploit DB Packet Storm
525 7.2 HIGH
Network 		oracle weblogic_server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerabili… New CWE-284
Improper Access Control 		CVE-2026-34292 2026-04-24 03:47 2026-04-22 Show GitHub Exploit DB Packet Storm
526 8.8 HIGH
Network 		nicolargo glances Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, a Server-Side Request Forgery (SSRF) vulnerability exists in the Glances IP plugin due to improper validation … New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-35587 2026-04-24 03:42 2026-04-21 Show GitHub Exploit DB Packet Storm
527 9.8 CRITICAL
Network 		reconurge flowsint Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Flowsint allows a user to create investigations, which are used to ma… New CWE-78
OS Command  		CVE-2026-32311 2026-04-24 03:41 2026-04-21 Show GitHub Exploit DB Packet Storm
528 8.4 HIGH
Local 		gitlawb openclaude OpenClaude is an open-source coding-agent command line interface for cloud and local model providers. Versions prior to 0.5.1 have a logic flaw in `bashToolHasPermission()` inside `src/tools/BashTool… New CWE-22
CWE-284
Path Traversal
Improper Access Control 		CVE-2026-35570 2026-04-24 03:37 2026-04-21 Show GitHub Exploit DB Packet Storm
529 10.0 CRITICAL
Network 		anthropic claude_code Claude Code is an agentic coding tool. Prior to version 2.1.64, Claude Code's sandbox did not prevent sandboxed processes from creating symlinks pointing to locations outside the workspace. When Clau… New CWE-22
CWE-61
Path Traversal
 UNIX Symbolic Link (Symlink) Following 		CVE-2026-39861 2026-04-24 03:36 2026-04-21 Show GitHub Exploit DB Packet Storm
530 5.3 MEDIUM
Network 		netfoundry zrok zrok is software for sharing web services, files, and network resources. Prior to version 2.0.1, the unaccess handler (controller/unaccess.go) contains a logical error in its ownership guard: when a … Update CWE-284
CWE-863
Improper Access Control
 Incorrect Authorization 		CVE-2026-40304 2026-04-24 03:33 2026-04-18 Show GitHub Exploit DB Packet Storm