Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
216551	4.9	警告	WordPress.org	-	WordPress の wp-includes/capabilities.php におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-5296	2014-01-22 18:43	2010-09-4	Show	GitHub Exploit DB Packet Storm

216552	4.3	警告	WordPress.org	-	WordPress の wp-admin/plugins.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5295	2014-01-22 18:41	2010-11-14	Show	GitHub Exploit DB Packet Storm

216553	4.3	警告	WordPress.org	-	WordPress の wp-admin/includes/file.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5294	2014-01-22 18:38	2010-11-14	Show	GitHub Exploit DB Packet Storm

216554	5.8	警告	WordPress.org	-	WordPress の wp-includes/comment.php におけるスパム制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-5293	2014-01-22 18:35	2010-11-30	Show	GitHub Exploit DB Packet Storm

216555	4.3	警告	シスコシステムズ	-	Cisco Secure Access Control System のポータルにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0668	2014-01-22 16:37	2014-01-21	Show	GitHub Exploit DB Packet Storm

216556	2.6	注意	TYPO3 Association	-	TYPO3 の Extbase Framework の ActionController ベースクラスにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-7078	2014-01-22 16:32	2013-12-10	Show	GitHub Exploit DB Packet Storm

216557	3.3	注意	libimobiledevice	-	libimobiledevice の userpref.c における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2013-2142	2014-01-22 16:31	2013-08-14	Show	GitHub Exploit DB Packet Storm

216558	2.6	注意	Drupal	-	Drupal におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0244	2014-01-22 16:31	2013-01-16	Show	GitHub Exploit DB Packet Storm

216559	2.7	注意	Fabrice Bellard Xen プロジェクト	-	Xen および QEMU の qemu-xen の qdisk PV ディスクバックエンドにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2013-4375	2014-01-22 16:22	2013-10-10	Show	GitHub Exploit DB Packet Storm

216560	1.9	注意	Linux	-	Linux Kernel の drivers/net/hamradio/yam.c の yam_ioctl 関数における重要な情報を取得される脆弱性	CWE-399 リソース管理の問題	CVE-2014-1446	2014-01-22 16:05	2014-01-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
861	-		-	-	MinIO is a high-performance object storage system. Starting in RELEASE.2023-05-18T00-05-36Z and prior to RELEASE.2026-04-11T03-20-12Z, an authentication bypass vulnerability in MinIO's Snowball auto-… New	CWE-287 CWE-306 Improper Authentication Missing Authentication for Critical Function	CVE-2026-40344	2026-04-23 06:23	2026-04-22	Show	GitHub Exploit DB Packet Storm

862	6.2	MEDIUM Local	-	-	In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the pres… New	CWE-269 CWE-732 Improper Privilege Management Incorrect Permission Assignment for Critical Resource	CVE-2026-6386	2026-04-23 06:23	2026-04-22	Show	GitHub Exploit DB Packet Storm

863	2.7	LOW Network	-	-	Tanium addressed an information disclosure vulnerability in Threat Response. New	CWE-200 Information Exposure	CVE-2026-6392	2026-04-23 06:23	2026-04-22	Show	GitHub Exploit DB Packet Storm

864	2.7	LOW Network	-	-	Tanium addressed an information disclosure vulnerability in Tanium Server. New	CWE-522 Insufficiently Protected Credentials	CVE-2026-6408	2026-04-23 06:23	2026-04-22	Show	GitHub Exploit DB Packet Storm

865	2.7	LOW Network	-	-	Tanium addressed an uncontrolled resource consumption vulnerability in Interact. New	CWE-400 Uncontrolled Resource Consumption	CVE-2026-6416	2026-04-23 06:23	2026-04-22	Show	GitHub Exploit DB Packet Storm

866	-		-	-	MinIO is a high-performance object storage system. Starting in RELEASE.2023-05-18T00-05-36Z and prior to RELEASE.2026-04-11T03-20-12Z, an authentication bypass vulnerability in MinIO's `STREAMING-UNS… New	CWE-287 Improper Authentication	CVE-2026-41145	2026-04-23 06:23	2026-04-22	Show	GitHub Exploit DB Packet Storm

867	-		-	-	facil.io is a C micro-framework for web applications. Prior to commit 5128747363055201d3ecf0e29bf0a961703c9fa0, `fio_json_parse` can enter an infinite loop when it encounters a nested JSON value star… New	CWE-400 CWE-835 Uncontrolled Resource Consumption Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2026-41146	2026-04-23 06:23	2026-04-22	Show	GitHub Exploit DB Packet Storm

868	6.5	MEDIUM Network	-	-	The a+HRD developed by aEnrich has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents. New	CWE-89 SQL Injection	CVE-2026-6833	2026-04-23 06:23	2026-04-22	Show	GitHub Exploit DB Packet Storm

869	6.5	MEDIUM Network	-	-	The a+HRD developed by aEnrich has a Missing Authorization vulnerability, allowing authenticated remote attackers to arbitrarily read database contents through a specific API method. New	CWE-862 Missing Authorization	CVE-2026-6834	2026-04-23 06:23	2026-04-22	Show	GitHub Exploit DB Packet Storm

870	6.1	MEDIUM Network	-	-	The a+HCM developed by aEnrich has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload arbitrary files to any path, including HTML documents, which may result … New	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-6835	2026-04-23 06:23	2026-04-22	Show	GitHub Exploit DB Packet Storm