Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
220741	6.8	警告	レッドハット	-	JBoss Enterprise Portal Platform の GateIn Portal コンポーネントにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-3532	2013-04-16 16:20	2012-08-23	Show	GitHub Exploit DB Packet Storm

220742	9.3	危険	IBM	-	IBM Cognos Disclosure Management およびその他の製品における任意のファイルを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-0501	2013-04-16 16:15	2013-04-5	Show	GitHub Exploit DB Packet Storm

220743	9.3	危険	IBM	-	複数の IBM 製品における任意のコマンドを実行される脆弱性	CWE-noinfo 情報不足	CVE-2012-5937	2013-04-16 15:56	2013-04-10	Show	GitHub Exploit DB Packet Storm

220744	5	警告	OpenStack	-	複数の OpenStack コンポーネントにおけるアクセスの制限を回避される脆弱性	CWE-287 不適切な認証	CVE-2013-0282	2013-04-16 15:52	2013-02-20	Show	GitHub Exploit DB Packet Storm

220745	5	警告	OpenStack	-	OpenStack Keystone の Grizzly および Folsom におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2013-0270	2013-04-16 15:47	2013-04-4	Show	GitHub Exploit DB Packet Storm

220746	7.5	危険	ZAPms	-	ZAPms における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-3050	2013-04-16 15:40	2013-04-10	Show	GitHub Exploit DB Packet Storm

220747	7.1	危険	シスコシステムズ	-	Cisco Adaptive Security Appliances におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-1151	2013-04-15 11:42	2013-04-10	Show	GitHub Exploit DB Packet Storm

220748	5.7	警告	シスコシステムズ	-	Cisco ユニバーサルブロードバンド 10000 シリーズルータにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-1189	2013-04-15 11:39	2013-04-10	Show	GitHub Exploit DB Packet Storm

220749	6.6	警告	シスコシステムズ	-	Cisco AnyConnect Secure Mobility Client におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-1173	2013-04-15 11:38	2013-04-10	Show	GitHub Exploit DB Packet Storm

220750	6.6	警告	シスコシステムズ	-	Cisco AnyConnect Secure Mobility Client における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2013-1172	2013-04-15 11:38	2013-04-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
31	-		-	-	In the Linux kernel, the following vulnerability has been resolved: af_unix: read UNIX_DIAG_VFS data under unix_state_lock Exact UNIX diag lookups hold a reference to the socket, but not to u->path… New	-	CVE-2026-31673	2026-04-25 18:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

32	-		-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. New	-	CVE-2026-31534	2026-04-25 15:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

33	-		-	-	BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an off-by-one out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service decod… New	CWE-125 CWE-193 Out-of-bounds Read Off-by-one Error	CVE-2026-41502	2026-04-25 12:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

34	8.4	HIGH Local	-	-	OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From 0.4.0 to before 0.8.0, a flaw in the Java agent injection path allows a local attacker contr… New	CWE-22 CWE-59 Path Traversal Link Following	CVE-2026-41433	2026-04-25 12:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

35	8.8	HIGH Local	-	-	SiYuan is an open-source personal knowledge management system. Prior to 3.6.5, SiYuan desktop renders notification messages as raw HTML inside an Electron renderer. The notification route POST /api/n… New	CWE-78 CWE-79 OS Command Cross-site Scripting	CVE-2026-41421	2026-04-25 12:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

36	5.3	MEDIUM Network	-	-	@astrojs/node allows Astro to deploy your SSR site to Node targets. Prior to 10.0.5, requesting a static js/css resources from _astro path with an incorrect/malformed if-match header returns a 500 er… New	CWE-525 Use of Web Browser Cache Containing Sensitive Information	CVE-2026-41322	2026-04-25 12:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

37	6.5	MEDIUM Network	-	-	MailKit is a cross-platform mail client library built on top of MimeKit. A STARTTLS Response Injection vulnerability in versions prior to 4.16.0 allows a Man-in-the-Middle attacker to inject arbitrar… New	CWE-74 Injection	CVE-2026-41319	2026-04-25 12:16	2026-04-24	Show	GitHub Exploit DB Packet Storm

38	4.3	MEDIUM Adjacent	-	-	OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to 2.4.17, a network-adjacent attacker can send a crafted SNMP response to the CUPS SNMP bac… New	CWE-125 CWE-200 Out-of-bounds Read Information Exposure	CVE-2026-41079	2026-04-25 12:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

39	8.8	HIGH Network	-	-	Actual is a local-first personal finance tool. Prior to version 26.4.0, any authenticated user (including `BASIC` role) can escalate to `ADMIN` on servers migrated from password authentication to Ope… New	CWE-284 CWE-862 Improper Access Control Missing Authorization	CVE-2026-33318	2026-04-25 12:16	2026-04-24	Show	GitHub Exploit DB Packet Storm

40	8.8	HIGH Network	flowiseai	flowise	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Mass Assignment vulnerability in the DocumentStore creation endpoint allows authenticated us… New	CWE-284 CWE-639 CWE-915 Improper Access Control Authorization Bypass Through User-Controlled Key Improperly Controlled Modification of Dynamically-Determined Object Attributes	CVE-2026-41277	2026-04-25 11:16	2026-04-24	Show	GitHub Exploit DB Packet Storm