Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249921 4.3 警告 Google - Google Chrome におけるポップアップブロッカーを回避される脆弱性 CWE-noinfo
情報不足 		CVE-2010-4037 2011-01-26 13:10 2010-10-19 Show GitHub Exploit DB Packet Storm
249922 6.8 警告 Google - Google Chrome における URL をなりすまされる脆弱性 CWE-20
不適切な入力確認 		CVE-2010-4036 2011-01-26 13:08 2010-10-19 Show GitHub Exploit DB Packet Storm
249923 9.3 危険 Google - Google Chrome におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-4035 2011-01-26 13:06 2010-10-19 Show GitHub Exploit DB Packet Storm
249924 9.3 危険 Google - Google Chrome におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-4034 2011-01-26 13:04 2010-10-19 Show GitHub Exploit DB Packet Storm
249925 5 警告 Google - Google Chrome におけるプロファイルスパム攻撃を誘導される脆弱性 CWE-Other
その他 		CVE-2010-4033 2011-01-26 13:01 2010-10-19 Show GitHub Exploit DB Packet Storm
249926 9.3 危険 Google - WebKit の WebCore 内にある toAlphabetic 関数における一つずれ (off-by-one) エラーの脆弱性 CWE-189
数値処理の問題 		CVE-2010-1773 2011-01-26 12:59 2010-06-8 Show GitHub Exploit DB Packet Storm
249927 7.2 危険 GNU Project
VMware
サイバートラスト株式会社
レッドハット		 - GNU C library の ld.so における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-3856 2011-01-25 15:48 2010-10-25 Show GitHub Exploit DB Packet Storm
249928 5.8 警告 Mozilla Foundation
オラクル		 - Mozilla Firefox の JavaScript 実装内にある js_InitRandom 関数におけるシード値を推測される脆弱性 CWE-310
暗号の問題 		CVE-2010-3400 2011-01-25 15:15 2010-09-15 Show GitHub Exploit DB Packet Storm
249929 4.3 警告 Mozilla Foundation
オラクル		 - Mozilla Firefox におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-2117 2011-01-25 15:13 2010-06-1 Show GitHub Exploit DB Packet Storm
249930 6.8 警告 アップル - Apple Mac OS X における脆弱性に対するアップデート CWE-134
書式文字列の問題 		CVE-2010-4013 2011-01-25 15:10 2011-01-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1061 - - - Seeyon OA A8 contains an unauthenticated arbitrary file write vulnerability in the /seeyon/htmlofficeservlet endpoint that allows remote attackers to write arbitrary files to the web application root… New CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-25714 2026-04-23 06:20 2026-04-22 Show GitHub Exploit DB Packet Storm
1062 - - - Bludit CMS prior to commit 6732dde contains a reflected cross-site scripting vulnerability in the search plugin that allows unauthenticated attackers to inject arbitrary JavaScript by crafting a mali… New CWE-79
Cross-site Scripting 		CVE-2026-41456 2026-04-23 06:20 2026-04-22 Show GitHub Exploit DB Packet Storm
1063 6.3 MEDIUM
Network 		- - nesquena hermes-webui contains a trust-boundary failure vulnerability that allows authenticated attackers to set or change a session workspace to an arbitrary existing directory on disk by manipulati… New CWE-22
Path Traversal 		CVE-2026-6829 2026-04-23 06:20 2026-04-22 Show GitHub Exploit DB Packet Storm
1064 3.3 LOW
Local 		- - nesquena hermes-webui contains an environment variable leakage vulnerability where profile switching does not clear environment variables from the previously active profile before loading the next pr… New CWE-459
CWE-668
 Incomplete Cleanup
 Exposure of Resource to Wrong Sphere 		CVE-2026-6830 2026-04-23 06:20 2026-04-22 Show GitHub Exploit DB Packet Storm
1065 6.1 MEDIUM
Network 		- - A reflected cross-site scripting (XSS) vulnerability in the AdvancedSearch functionality of Silverpeas Core before version 6.4.6 allows attackers to execute arbitrary JavaScript in the context of a u… New CWE-79
Cross-site Scripting 		CVE-2026-30139 2026-04-23 06:18 2026-04-23 Show GitHub Exploit DB Packet Storm
1066 8.7 HIGH
Adjacent 		- - Beghelli Sicuro24 SicuroWeb embeds AngularJS 1.5.2, an end-of-life component containing known sandbox escape primitives. When combined with template injection present in the same application, these p… New CWE-1104
 Use of Unmaintained Third Party Components 		CVE-2026-41468 2026-04-23 06:18 2026-04-23 Show GitHub Exploit DB Packet Storm
1067 5.2 MEDIUM
Adjacent 		- - Beghelli Sicuro24 SicuroWeb does not enforce a Content Security Policy, allowing unrestricted loading of external JavaScript resources from attacker-controlled origins. When chained with the template… New CWE-693
 Protection Mechanism Failure 		CVE-2026-41469 2026-04-23 06:18 2026-04-23 Show GitHub Exploit DB Packet Storm
1068 5.7 MEDIUM
Network 		- - Twenty is an open source CRM. Prior to 1.20.6, a Stored Cross-Site Scripting (XSS) vulnerability exists in the BlockNote editor component. Due to a lack of protocol validation in the FileBlock compon… New CWE-79
Cross-site Scripting 		CVE-2026-35451 2026-04-23 06:17 2026-04-22 Show GitHub Exploit DB Packet Storm
1069 9.4 CRITICAL
Network 		- - excel-mcp-server is a Model Context Protocol server for Excel file manipulation. A path traversal vulnerability exists in excel-mcp-server versions up to and including 0.1.7. When running in SSE or S… New CWE-22
Path Traversal 		CVE-2026-40576 2026-04-23 06:17 2026-04-22 Show GitHub Exploit DB Packet Storm
1070 8.8 HIGH
Network 		- - Let's Encrypt client and ACME library written in Go (Lego). Prior to 4.34.0, the webroot HTTP-01 challenge provider in lego is vulnerable to arbitrary file write and deletion via path traversal. A ma… New CWE-22
Path Traversal 		CVE-2026-40611 2026-04-23 06:17 2026-04-22 Show GitHub Exploit DB Packet Storm