Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251401	4.3	警告	日本電気 Apache Software Foundation	-	Apache Xerces C++ におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2009-1885	2010-05-6 13:47	2009-08-6	Show	GitHub Exploit DB Packet Storm

251402	6.4	警告	アップルターボリナックス CUPS	-	CUPS における DNS リバインド攻撃を誘導される脆弱性	CWE-20 不適切な入力確認	CVE-2009-0164	2010-05-6 13:46	2009-04-24	Show	GitHub Exploit DB Packet Storm

251403	5	警告	freedesktop.org 日本電気サイバートラスト株式会社レッドハット	-	JBIG2 デコーダにおける SplashBitmap に関連する整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-1188	2010-05-6 13:46	2009-04-23	Show	GitHub Exploit DB Packet Storm

251404	5	警告	freedesktop.org 日本電気サイバートラスト株式会社レッドハット	-	JBIG2 デコーダにおける CairoOutputDev に関連する整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-1187	2010-05-6 13:46	2009-04-23	Show	GitHub Exploit DB Packet Storm

251405	9.3	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat の custom heap management system におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-1241	2010-04-30 10:26	2010-04-5	Show	GitHub Exploit DB Packet Storm

251406	9.3	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-0204	2010-04-30 10:26	2010-04-13	Show	GitHub Exploit DB Packet Storm

251407	9.3	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0203	2010-04-30 10:25	2010-04-13	Show	GitHub Exploit DB Packet Storm

251408	9.3	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0202	2010-04-30 10:25	2010-04-13	Show	GitHub Exploit DB Packet Storm

251409	9.3	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-0201	2010-04-30 10:25	2010-04-13	Show	GitHub Exploit DB Packet Storm

251410	9.3	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0199	2010-04-30 10:25	2010-04-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1861	8.2	HIGH Network	payloadcms	payload	Payload is a free and open source headless content management system. Prior to version 3.79.1, certain request inputs were not properly validated. An attacker could craft requests that influence SQL …	CWE-89 SQL Injection	CVE-2026-34747	2026-04-14 03:53	2026-04-2	Show	GitHub Exploit DB Packet Storm

1862	7.7	HIGH Network	payloadcms	payload	Payload is a free and open source headless content management system. Prior to version 3.79.1, an authenticated Server-Side Request Forgery (SSRF) vulnerability exists in the upload functionality. Au…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-34746	2026-04-14 03:52	2026-04-2	Show	GitHub Exploit DB Packet Storm

1863	9.8	CRITICAL Network	hackerbay	oneuptime	OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.42, the Worker service's ManualAPI exposes workflow execution endpoints (GET /workflow/manual/run/:workflowId …	CWE-306 Missing Authentication for Critical Function	CVE-2026-35053	2026-04-14 03:46	2026-04-3	Show	GitHub Exploit DB Packet Storm

1864	8.6	HIGH Network	praison	praisonaiagents	PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates the destination path but performs no validation on the url parameter, passing …	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-34954	2026-04-14 03:46	2026-04-4	Show	GitHub Exploit DB Packet Storm

1865	8.1	HIGH Network	hackerbay	oneuptime	OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.42, OneUptime's SAML SSO implementation (App/FeatureSet/Identity/Utils/SSO.ts) has decoupled signature verific…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-34840	2026-04-14 03:46	2026-04-3	Show	GitHub Exploit DB Packet Storm

1866	8.1	HIGH Network	hackerbay	oneuptime	OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.42, multiple notification API endpoints are registered without authentication middleware, while sibling endpoi…	CWE-862 Missing Authorization	CVE-2026-34759	2026-04-14 03:45	2026-04-3	Show	GitHub Exploit DB Packet Storm

1867	8.8	HIGH Network	sillytavern	sillytavern	SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version…	CWE-22 Path Traversal	CVE-2026-34524	2026-04-14 03:43	2026-04-3	Show	GitHub Exploit DB Packet Storm

1868	5.0	MEDIUM Network	sillytavern	sillytavern	SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-34526	2026-04-14 03:39	2026-04-3	Show	GitHub Exploit DB Packet Storm

1869	6.5	MEDIUM Network	python-poetry	poetry	Poetry is a dependency manager for Python. From version 1.4.0 to before version 2.3.3, a crafted wheel can contain ../ paths that Poetry writes to disk without containment checks, allowing arbitrary …	CWE-22 Path Traversal	CVE-2026-34591	2026-04-14 03:38	2026-04-3	Show	GitHub Exploit DB Packet Storm

1870	6.8	MEDIUM Physics	samsung	android	Improper check for exceptional conditions in Device Care prior to SMR Apr-2026 Release 1 allows physical attackers to bypass Knox Guard.	CWE-754 Improper Check for Unusual or Exceptional Conditions	CVE-2026-21007	2026-04-14 03:38	2026-04-13	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed