Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
215591 7.5 危険 crossfire - CrossFire におけるバッファオーバーフローの脆弱性 - CVE-2006-1236 2014-03-11 17:43 2006-03-15 Show GitHub Exploit DB Packet Storm
215592 1.2 注意 julian pawlowski - CAPI4HylaFAX における任意のファイルを変更される脆弱性 - CVE-2006-1231 2014-03-11 17:43 2006-03-14 Show GitHub Exploit DB Packet Storm
215593 5 警告 Drupal - Drupal における CRLF インジェクションの脆弱性 - CVE-2006-1225 2014-03-11 17:43 2006-03-14 Show GitHub Exploit DB Packet Storm
215594 4.3 警告 runcms - Runcms におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-1216 2014-03-11 17:43 2006-03-14 Show GitHub Exploit DB Packet Storm
215595 3.7 注意 comvigo - Comvigo IM Lock における製品のブロック機能を回避される脆弱性 - CVE-2006-1198 2014-03-11 17:43 2006-03-14 Show GitHub Exploit DB Packet Storm
215596 7.5 危険 ebay - eBay Enhanced Picture Services におけるバッファオーバーフローの脆弱性 - CVE-2006-1176 2014-03-11 17:43 2006-07-8 Show GitHub Exploit DB Packet Storm
215597 7.8 危険 teg - Tenes Empanadas Graciela におけるバッファオーバーフローの脆弱性 - CVE-2006-1150 2014-03-11 17:43 2006-03-10 Show GitHub Exploit DB Packet Storm
215598 7.5 危険 inter7 - QmailAdmin におけるバッファオーバーフローの脆弱性 - CVE-2006-1141 2014-03-11 17:43 2006-03-10 Show GitHub Exploit DB Packet Storm
215599 5 警告 Xerox - Xerox CopyCentre および Xerox WorkCentre Pro におけるバッファオーバーフローの脆弱性 - CVE-2006-1136 2014-03-11 17:43 2006-03-10 Show GitHub Exploit DB Packet Storm
215600 7.5 危険 revilloc solutions - RevilloC MailServer および Proxy におけるバッファオーバーフローの脆弱性 - CVE-2006-1124 2014-03-11 17:43 2006-03-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
521 - - - Improper input validation, Improper verification of cryptographic signature vulnerability in XQUIC Project XQUIC xquic on Linux (QUIC protocol implementation, packet processing module, STREAM frame h… CWE-20
CWE-347
 Improper Input Validation 
 Improper Verification of Cryptographic Signature 		CVE-2026-6328 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm
522 7.8 HIGH
Local 		- - libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. In versions 1.8.7 and prior, when built with the --with-gdk-pixbuf2 option, a use-after-free vulnerability exists in loa… CWE-416
 Use After Free 		CVE-2026-33023 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm
523 - - - Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the… CWE-78
OS Command  		CVE-2026-33414 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm
524 3.5 LOW
Physics 		- - OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. A regression introduced in 7.11.0 prevents OAuth2 Proxy from clearing the session cookie when rendering the sign-i… CWE-384
CWE-613
 Session Fixation
 Insufficient Session Expiration 		CVE-2026-34454 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm
525 9.1 CRITICAL
Network 		- - OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions prior to 7.15.2 contain a configuration-dependent authentication bypass in deployments where OAuth2 Proxy… CWE-290
 Authentication Bypass by Spoofing 		CVE-2026-34457 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm
526 9.9 CRITICAL
Network 		- - Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain a vulnerability chain in the subtitle upload endpoint (POST /Videos/{itemId}/Subtitles), where the Format field … CWE-20
CWE-22
CWE-187
 Improper Input Validation 
Path Traversal
 Partial String Comparison 		CVE-2026-35031 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm
527 5.4 MEDIUM
Network 		- - Stored cross-site scripting vulnerability exists in GROWI v7.4.6 and earlier. If this vulnerability is exploited, an arbitrary script may be executed in a user's web browser. CWE-79
Cross-site Scripting 		CVE-2026-26291 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm
528 7.5 HIGH
Network 		- - Deadwood in MaraDNS 3.5.0036 allows attackers to exhaust connection slots via a zone whose authoritative nameserver address cannot be resolved. CWE-670
 Always-Incorrect Control Flow Implementation 		CVE-2026-40719 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm
529 7.5 HIGH
Network 		- - Apache::API::Password versions through v0.5.2 for Perl can generate insecure random values for salts. The _make_salt and _make_salt_bcrypt methods will attept to load Crypt::URandom and then Bytes::… CWE-338
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 		CVE-2026-5088 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm
530 - - - Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain a vulnerability chain in the LiveTV M3U tuner endpoint (POST /LiveTv/TunerHosts), where the tuner URL is not val… CWE-73
CWE-918
 External Control of File Name or Path
Server-Side Request Forgery (SSRF)  		CVE-2026-35032 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm