Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
215591 7.5 危険 crossfire - CrossFire におけるバッファオーバーフローの脆弱性 - CVE-2006-1236 2014-03-11 17:43 2006-03-15 Show GitHub Exploit DB Packet Storm
215592 1.2 注意 julian pawlowski - CAPI4HylaFAX における任意のファイルを変更される脆弱性 - CVE-2006-1231 2014-03-11 17:43 2006-03-14 Show GitHub Exploit DB Packet Storm
215593 5 警告 Drupal - Drupal における CRLF インジェクションの脆弱性 - CVE-2006-1225 2014-03-11 17:43 2006-03-14 Show GitHub Exploit DB Packet Storm
215594 4.3 警告 runcms - Runcms におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-1216 2014-03-11 17:43 2006-03-14 Show GitHub Exploit DB Packet Storm
215595 3.7 注意 comvigo - Comvigo IM Lock における製品のブロック機能を回避される脆弱性 - CVE-2006-1198 2014-03-11 17:43 2006-03-14 Show GitHub Exploit DB Packet Storm
215596 7.5 危険 ebay - eBay Enhanced Picture Services におけるバッファオーバーフローの脆弱性 - CVE-2006-1176 2014-03-11 17:43 2006-07-8 Show GitHub Exploit DB Packet Storm
215597 7.8 危険 teg - Tenes Empanadas Graciela におけるバッファオーバーフローの脆弱性 - CVE-2006-1150 2014-03-11 17:43 2006-03-10 Show GitHub Exploit DB Packet Storm
215598 7.5 危険 inter7 - QmailAdmin におけるバッファオーバーフローの脆弱性 - CVE-2006-1141 2014-03-11 17:43 2006-03-10 Show GitHub Exploit DB Packet Storm
215599 5 警告 Xerox - Xerox CopyCentre および Xerox WorkCentre Pro におけるバッファオーバーフローの脆弱性 - CVE-2006-1136 2014-03-11 17:43 2006-03-10 Show GitHub Exploit DB Packet Storm
215600 7.5 危険 revilloc solutions - RevilloC MailServer および Proxy におけるバッファオーバーフローの脆弱性 - CVE-2006-1124 2014-03-11 17:43 2006-03-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
351 5.4 MEDIUM
Network 		- - Istio is an open platform to connect, manage, and secure microservices. In versions 1.25.0 through 1.27.8, 1.28.0 through 1.28.5, 1.29.0, and 1.29.1, the serviceAccounts and notServiceAccounts fields… New CWE-185
CWE-863
 Incorrect Regular Expression
 Incorrect Authorization 		CVE-2026-39350 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
352 - - - Pillow is a Python imaging library. Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP-compressed data read when decoding a FITS image, making them vulnerable to decompression bomb attac… New CWE-400
CWE-770
 Uncontrolled Resource Consumption
 Allocation of Resources Without Limits or Throttling 		CVE-2026-40192 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
353 2.9 LOW
Local 		- - Yubico libfido2 before 1.17.0, python-fido2 before 2.2.0, and yubikey-manager before 5.9.1 have an unintended DLL search path. New CWE-426
 Untrusted Search Path 		CVE-2026-40947 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
354 8.8 HIGH
Network 		- - OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with chat access to invoke sensitive administrative commands by exploiting insufficient… New CWE-862
 Missing Authorization 		CVE-2026-40502 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
355 6.5 MEDIUM
Network 		- - OpenHarness prior to commit dd1d235 contains a path traversal vulnerability that allows remote gateway users with chat access to read arbitrary files by supplying path traversal sequences to the /mem… New CWE-22
Path Traversal 		CVE-2026-40503 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
356 - - - Prometheus is an open-source monitoring system and time series database. Versions 3.0 through 3.5.1 and 3.6.0 through 3.11.1 have stored cross-site scripting vulnerabilities in multiple components of… New CWE-79
Cross-site Scripting 		CVE-2026-40179 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
357 8.8 HIGH
Network 		- - OWASP BLT is a QA testing and vulnerability disclosure platform that encompasses websites, apps, git repositories, and more. Versions prior to 2.1.1 contain an RCE vulnerability in the .github/workfl… New CWE-94
CWE-95
Code Injection
Eval Injection 		CVE-2026-40316 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
358 8.2 HIGH
Network 		- - maddy is a composable, all-in-one mail server. Versions prior to 0.9.3 contain an LDAP injection vulnerability in the auth.ldap module where user-supplied usernames are interpolated into LDAP search … New CWE-90
LDAP Injection 		CVE-2026-40193 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
359 7.5 HIGH
Network 		- - Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions 4.2.1 and below contain an information disclosure vulnerability in the UDR (Unified Data Repo… New CWE-200
CWE-202
CWE-209
Information Exposure
 Exposure of Sensitive Information Through Data Queries
Information Exposure Through an Error Message 		CVE-2026-40245 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
360 9.3 CRITICAL
Local 		- - Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod. New CWE-829
 Inclusion of Functionality from Untrusted Control Sphere 		CVE-2026-40959 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm