Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 12:09 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
220451 6 警告 アップル
MySQL AB		 - MySQL の sql/sql_table.cc におけるアクセス制限を回避される脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-7247 2013-11-1 14:17 2009-11-30 Show GitHub Exploit DB Packet Storm
220452 4.6 警告 サイバートラスト株式会社
MySQL AB
レッドハット		 - MySQL における特定の権限チェックを回避される脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-4098 2013-11-1 14:16 2008-09-18 Show GitHub Exploit DB Packet Storm
220453 5.1 警告 Dan Kogai
The Perl Foundation		 - Perl の Encode モジュールにおける一つずれエラーの脆弱性 CWE-189
数値処理の問題 		CVE-2011-2939 2013-11-1 14:12 2012-01-13 Show GitHub Exploit DB Packet Storm
220454 5 警告 The Perl Foundation - Perl の正規表現エンジンにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-1158 2013-11-1 14:11 2010-04-8 Show GitHub Exploit DB Packet Storm
220455 1.2 注意 ヒューレット・パッカード
サイバートラスト株式会社
The Perl Foundation
ターボリナックス
レッドハット		 - Perl の rmtree() 関数における任意のファイルへのシンボリックリンクを作成される脆弱性 - CVE-2005-0448 2013-11-1 14:10 2005-02-14 Show GitHub Exploit DB Packet Storm
220456 2.1 注意 サイバートラスト株式会社
The Perl Foundation
IBM
レッドハット		 - Perl の PerlIO の実装における任意のコードを実行される脆弱性 - CVE-2005-0156 2013-11-1 14:09 2005-01-31 Show GitHub Exploit DB Packet Storm
220457 2.6 注意 ヒューレット・パッカード
サイバートラスト株式会社
The Perl Foundation
ターボリナックス
レッドハット		 - Perl の rmtree() 関数における削除するファイルやディレクトリに対し不適切なパーミッション設定をしてしまう脆弱性 - CVE-2004-0452 2013-11-1 14:00 2005-02-14 Show GitHub Exploit DB Packet Storm
220458 4.7 警告 Linux - Linux Kernel の IPv6 の実装の net/ipv6/ip6_output.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-4163 2013-11-1 10:43 2013-07-2 Show GitHub Exploit DB Packet Storm
220459 2.1 注意 オラクル - Oracle Database Server の Core RDBMS における Privileged Account に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-3790 2013-11-1 10:34 2013-07-16 Show GitHub Exploit DB Packet Storm
220460 6.5 警告 オラクル - Oracle Database Server の Core RDBMS における脆弱性 CWE-noinfo
情報不足 		CVE-2013-3789 2013-11-1 10:32 2013-07-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1141 7.5 HIGH
Network 		- - Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew exposes public chart retrieval and export ro… CWE-284
Improper Access Control 		CVE-2026-40595 2026-05-2 00:31 2026-05-1 Show GitHub Exploit DB Packet Storm
1142 8.1 HIGH
Network 		- - Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew allows authenticated users with access to on… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-40600 2026-05-2 00:31 2026-05-1 Show GitHub Exploit DB Packet Storm
1143 6.5 MEDIUM
Network 		- - Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew exposes a legacy dashboard route that return… CWE-284
Improper Access Control 		CVE-2026-40603 2026-05-2 00:31 2026-05-1 Show GitHub Exploit DB Packet Storm
1144 8.1 HIGH
Network 		- - Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew exposes multiple dataset and dataRequest end… CWE-284
Improper Access Control 		CVE-2026-40904 2026-05-2 00:31 2026-05-1 Show GitHub Exploit DB Packet Storm
1145 4.4 MEDIUM
Local 		- - Notepad++ 8.9.3 contains a format string injection vulnerability in the Find Results panel handler that allows attackers to cause denial of service and information disclosure by crafting a malicious … CWE-134
Use of Externally-Controlled Format String 		CVE-2026-6539 2026-05-2 00:29 2026-05-1 Show GitHub Exploit DB Packet Storm
1146 4.6 MEDIUM
Network 		- - SSCMS v7.4.0 contains a reflected cross-site scripting vulnerability in the STL processing endpoint that allows attackers to execute arbitrary JavaScript by crafting malicious STL template payloads t… CWE-79
Cross-site Scripting 		CVE-2026-7429 2026-05-2 00:28 2026-05-1 Show GitHub Exploit DB Packet Storm
1147 7.3 HIGH
Network 		mozilla firefox
thunderbird 		Memory safety bugs present in Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitr… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2026-7324 2026-05-2 00:27 2026-04-29 Show GitHub Exploit DB Packet Storm
1148 6.5 MEDIUM
Network 		- - IBM Langflow Desktop 1.0.0 through 1.8.4 IBM Langflow is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, pote… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-3340 2026-05-2 00:27 2026-05-1 Show GitHub Exploit DB Packet Storm
1149 6.4 MEDIUM
Network 		- - IBM Langflow Desktop 1.6.0 through 1.8.4 Lanflow is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus al… CWE-89
SQL Injection 		CVE-2026-3346 2026-05-2 00:27 2026-05-1 Show GitHub Exploit DB Packet Storm
1150 6.5 MEDIUM
Network 		- - IBM Langflow Desktop 1.2.0 through 1.8.4 Langflow could allow an authenticated attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot d… CWE-22
Path Traversal 		CVE-2026-4502 2026-05-2 00:27 2026-05-1 Show GitHub Exploit DB Packet Storm