Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229851 5 警告 Mozilla Foundation - Mozilla Firefox におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-1987 2012-09-25 17:38 2010-05-20 Show GitHub Exploit DB Packet Storm
229852 5 警告 Mozilla Foundation - Mozilla Firefox におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-1986 2012-09-25 17:38 2010-05-20 Show GitHub Exploit DB Packet Storm
229853 2.1 注意 michael nichols - Drupal 用の Taxonomy Breadcrumb モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1984 2012-09-25 17:38 2010-03-31 Show GitHub Exploit DB Packet Storm
229854 5 警告 joomlart - Joomla! 用の javoice コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1982 2012-09-25 17:38 2010-05-19 Show GitHub Exploit DB Packet Storm
229855 2.1 注意 michael nichols - Drupal 用の Taxonomy Breadcrumb モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1976 2012-09-25 17:38 2010-03-31 Show GitHub Exploit DB Packet Storm
229856 6.8 警告 ヒューレット・パッカード - HP OpenVMS における重要な情報を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2010-1973 2012-09-25 17:38 2010-07-12 Show GitHub Exploit DB Packet Storm
229857 9 危険 ヒューレット・パッカード - HPCA Enterprise Infrastructure のデフォルト設定におけるサービス運用妨害 (DoS) の脆弱性 CWE-16
環境設定 		CVE-2010-1972 2012-09-25 17:38 2010-07-12 Show GitHub Exploit DB Packet Storm
229858 6.8 警告 ヒューレット・パッカード - Windows 用の HP Insight Software Installer におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-1971 2012-09-25 17:38 2010-07-12 Show GitHub Exploit DB Packet Storm
229859 4.6 警告 ヒューレット・パッカード - Windows 用の HP Insight Software Installer における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2010-1970 2012-09-25 17:38 2010-07-12 Show GitHub Exploit DB Packet Storm
229860 4.3 警告 ヒューレット・パッカード - Windows 用の HP Virtual Connect Enterprise Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1969 2012-09-25 17:38 2010-07-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 18, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
241 - - - DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below ship the legacy velocity-1.7.jar, which pulls in commons-collections-3.2.1.jar containing the InvokerT… New CWE-502
 Deserialization of Untrusted Data 		CVE-2026-40901 2026-04-18 00:38 2026-04-17 Show GitHub Exploit DB Packet Storm
242 4.8 MEDIUM
Network 		- - Cryptomator is an open-source client-side encryption application for cloud storage. Version 1.19.1 contains a logic flaw in CheckHostTrustController.getAuthority() that allows an attacker to bypass t… New CWE-305
CWE-319
 Authentication Bypass by Primary Weakness
Cleartext Transmission of Sensitive Information 		CVE-2026-33472 2026-04-18 00:38 2026-04-17 Show GitHub Exploit DB Packet Storm
243 4.9 MEDIUM
Network 		- - Valtimo is an open-source business process automation platform. In versions 13.0.0 through 13.21.0, the InboxHandlingService logs the full content of every incoming inbox message at INFO level. Inbox… New CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2026-34164 2026-04-18 00:38 2026-04-17 Show GitHub Exploit DB Packet Storm
244 - - - mcp-framework is a framework for building Model Context Protocol (MCP) servers. In versions 0.2.21 and below, the readRequestBody() function in the HTTP transport concatenates request body chunks int… New CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-39313 2026-04-18 00:38 2026-04-17 Show GitHub Exploit DB Packet Storm
245 - - - free5GC is an open-source implementation of the 5G core network. In versions 1.4.2 and below of the UDR service, the handler for deleting Traffic Influence Subscriptions checks whether the influenceI… New CWE-285
Improper Authorization 		CVE-2026-40246 2026-04-18 00:38 2026-04-17 Show GitHub Exploit DB Packet Storm
246 - - - free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the handler for reading Traffic Influence Subscriptions checks whether the influenceId… New CWE-285
CWE-636
Improper Authorization
 Not Failing Securely ('Failing Open') 		CVE-2026-40247 2026-04-18 00:38 2026-04-17 Show GitHub Exploit DB Packet Storm
247 - - - spdystream is a Go library for multiplexing streams over SPDY connections. In versions 0.5.0 and below, the SPDY/3 frame parser does not validate attacker-controlled counts and lengths before allocat… New CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-35469 2026-04-18 00:38 2026-04-17 Show GitHub Exploit DB Packet Storm
248 7.5 HIGH
Network 		- - ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2_qlog_parameters_set_transport_params() serializes peer transport parameters into a fixed 1024-byte stack bu… New CWE-121
Stack-based Buffer Overflow 		CVE-2026-40170 2026-04-18 00:38 2026-04-17 Show GitHub Exploit DB Packet Storm
249 - - - free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the handler for creating or updating Traffic Influence Subscriptions checks whether th… New CWE-285
CWE-636
Improper Authorization
 Not Failing Securely ('Failing Open') 		CVE-2026-40248 2026-04-18 00:38 2026-04-17 Show GitHub Exploit DB Packet Storm
250 - - - free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the PUT handler for updating Policy Data notification subscriptions at /nudr-dr/v2/pol… New CWE-636
CWE-754
 Not Failing Securely ('Failing Open')
 Improper Check for Unusual or Exceptional Conditions 		CVE-2026-40249 2026-04-18 00:38 2026-04-17 Show GitHub Exploit DB Packet Storm