Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
216811 9.3 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2013-5331 2014-01-9 19:42 2013-12-10 Show GitHub Exploit DB Packet Storm
216812 3.5 注意 Apache Software Foundation - Apache Subversion の mod_dav_svn の Apache HTTPD サーバモジュールにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-4558 2014-01-9 19:36 2013-11-25 Show GitHub Exploit DB Packet Storm
216813 5 警告 varnish-cache.org - Varnish におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-4484 2014-01-9 19:20 2013-10-29 Show GitHub Exploit DB Packet Storm
216814 7.5 危険 Google - Google Chrome で使用される Google V8 におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-2919 2014-01-9 18:27 2013-10-1 Show GitHub Exploit DB Packet Storm
216815 7.5 危険 Google - Google Chrome で使用される Blink の DOM の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-2918 2014-01-9 18:25 2013-10-1 Show GitHub Exploit DB Packet Storm
216816 5 警告 Google - Google Chrome で使用される Blink の Web Audio の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-2917 2014-01-9 18:23 2013-10-1 Show GitHub Exploit DB Packet Storm
216817 6.8 警告 feep.net
レッドハット		 - libtar の lib/block.c の th_read 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2013-4397 2014-01-9 18:22 2013-10-1 Show GitHub Exploit DB Packet Storm
216818 6.9 警告 Linux - Linux Kernel の drivers/net/tun.c における権限を取得される脆弱性 CWE-399
リソース管理の問題 		CVE-2013-4343 2014-01-9 18:20 2013-09-11 Show GitHub Exploit DB Packet Storm
216819 6 警告 Linux - Linux Kernel の drivers/md/dm-snap-persistent.c における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2013-4299 2014-01-9 18:17 2013-10-16 Show GitHub Exploit DB Packet Storm
216820 4.3 警告 Google - Google Chrome で使用される Blink におけるアドレスバーを偽装される脆弱性 CWE-noinfo
情報不足 		CVE-2013-2916 2014-01-9 18:16 2013-10-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
981 8.6 HIGH
Network 		- - Xerte Online Toolkits versions 3.15 and earlier contain a missing authentication vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where an HTTP redirect to unaut… New CWE-497
 Exposure of Sensitive System Information to an Unauthorized Control Sphere 		CVE-2026-34413 2026-04-23 06:18 2026-04-23 Show GitHub Exploit DB Packet Storm
982 7.1 HIGH
Network 		- - Xerte Online Toolkits versions 3.15 and earlier contain a relative path traversal vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where the name parameter in re… New CWE-22
Path Traversal 		CVE-2026-34414 2026-04-23 06:18 2026-04-23 Show GitHub Exploit DB Packet Storm
983 9.8 CRITICAL
Network 		- - Xerte Online Toolkits versions 3.15 and earlier contain an incomplete input validation vulnerability in the elFinder connector endpoint that fails to block PHP-executable extensions .php4 due to an i… New CWE-184
 Incomplete Blacklist 		CVE-2026-34415 2026-04-23 06:18 2026-04-23 Show GitHub Exploit DB Packet Storm
984 5.3 MEDIUM
Network 		- - Xerte Online Toolkits versions 3.15 and earlier contain an information disclosure vulnerability that allows unauthenticated attackers to retrieve the full server-side filesystem path of the applicati… New CWE-497
 Exposure of Sensitive System Information to an Unauthorized Control Sphere 		CVE-2026-41459 2026-04-23 06:18 2026-04-23 Show GitHub Exploit DB Packet Storm
985 8.7 HIGH
Adjacent 		- - Beghelli Sicuro24 SicuroWeb embeds AngularJS 1.5.2, an end-of-life component containing known sandbox escape primitives. When combined with template injection present in the same application, these p… New CWE-1104
 Use of Unmaintained Third Party Components 		CVE-2026-41468 2026-04-23 06:18 2026-04-23 Show GitHub Exploit DB Packet Storm
986 5.2 MEDIUM
Adjacent 		- - Beghelli Sicuro24 SicuroWeb does not enforce a Content Security Policy, allowing unrestricted loading of external JavaScript resources from attacker-controlled origins. When chained with the template… New CWE-693
 Protection Mechanism Failure 		CVE-2026-41469 2026-04-23 06:18 2026-04-23 Show GitHub Exploit DB Packet Storm
987 5.7 MEDIUM
Network 		- - Twenty is an open source CRM. Prior to 1.20.6, a Stored Cross-Site Scripting (XSS) vulnerability exists in the BlockNote editor component. Due to a lack of protocol validation in the FileBlock compon… New CWE-79
Cross-site Scripting 		CVE-2026-35451 2026-04-23 06:17 2026-04-22 Show GitHub Exploit DB Packet Storm
988 9.4 CRITICAL
Network 		- - excel-mcp-server is a Model Context Protocol server for Excel file manipulation. A path traversal vulnerability exists in excel-mcp-server versions up to and including 0.1.7. When running in SSE or S… New CWE-22
Path Traversal 		CVE-2026-40576 2026-04-23 06:17 2026-04-22 Show GitHub Exploit DB Packet Storm
989 8.8 HIGH
Network 		- - Let's Encrypt client and ACME library written in Go (Lego). Prior to 4.34.0, the webroot HTTP-01 challenge provider in lego is vulnerable to arbitrary file write and deletion via path traversal. A ma… New CWE-22
Path Traversal 		CVE-2026-40611 2026-04-23 06:17 2026-04-22 Show GitHub Exploit DB Packet Storm
990 5.3 MEDIUM
Local 		- - A stack-use-after-return issue exists in the Arduino_Core_STM32 library prior to version 1.7.0. The pwm_start() function allocates a TIM_HandleTypeDef structure on the stack and passes its address to… Update CWE-562
CVE-2026-26399 2026-04-23 06:16 2026-04-21 Show GitHub Exploit DB Packet Storm