Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251461 9 危険 アップル - Apple Mac OS X のサーバ管理における管理者権限の処理に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0522 2010-04-16 16:58 2010-03-29 Show GitHub Exploit DB Packet Storm
251462 5 警告 アップル - Apple Mac OS X のサーバ管理における重要な情報を取得される脆弱性 CWE-287
不適切な認証 		CVE-2010-0521 2010-04-16 16:58 2010-03-29 Show GitHub Exploit DB Packet Storm
251463 4.3 警告 アップル
Ruby on Rails project		 - Ruby on Rails の strip_tags 関数におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4214 2010-04-16 16:58 2009-12-7 Show GitHub Exploit DB Packet Storm
251464 4.3 警告 アップル
Ruby on Rails project		 - Ruby on Rails におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3009 2010-04-16 16:58 2009-09-8 Show GitHub Exploit DB Packet Storm
251465 7.5 危険 アップル
Ruby on Rails project		 - Ruby on Rails のダイジェスト認証における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2009-2422 2010-04-16 16:57 2009-07-10 Show GitHub Exploit DB Packet Storm
251466 6.8 警告 アップル - Apple Mac OS X の QuickTime におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0526 2010-04-16 16:57 2010-03-29 Show GitHub Exploit DB Packet Storm
251467 6.8 警告 アップル - Apple Mac OS X の QuickTime におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0520 2010-04-16 16:57 2010-03-29 Show GitHub Exploit DB Packet Storm
251468 6.8 警告 アップル - Apple Mac OS X の QuickTime における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-0519 2010-04-16 16:57 2010-03-29 Show GitHub Exploit DB Packet Storm
251469 6.8 警告 アップル - Apple Mac OS X の QuickTime における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-0518 2010-04-16 16:56 2010-03-29 Show GitHub Exploit DB Packet Storm
251470 6.8 警告 アップル - Apple Mac OS X の QuickTime におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0517 2010-04-16 16:56 2010-03-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1501 5.4 MEDIUM
Network 		adobe experience_manager Adobe Experience Manager versions FP11.4 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts in… CWE-79
Cross-site Scripting 		CVE-2025-49534 2026-04-15 03:16 2025-07-9 Show GitHub Exploit DB Packet Storm
1502 5.4 MEDIUM
Network 		adobe experience_manager Las versiones 11.4 y anteriores de Adobe Experience Manager se ven afectadas por una vulnerabilidad de Cross-Site Scripting (XSS) Almacenado que un atacante con pocos privilegios podría aprovechar pa… CWE-79
Cross-site Scripting 		CVE-2025-49534 2026-04-15 03:16 2025-07-9 Show GitHub Exploit DB Packet Storm
1503 8.8 HIGH
Network 		microsoft excel
excel_viewer
office
office_compatibility_pack
office_excel
office_excel_viewer 		Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in… CWE-94
Code Injection 		CVE-2009-0238 2026-04-15 03:16 2009-02-26 Show GitHub Exploit DB Packet Storm
1504 8.8 HIGH
Network 		microsoft excel
excel_viewer
office
office_compatibility_pack
office_excel
office_excel_viewer 		Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3 y 2007 SP1; Excel Viewer 2003 Gold y SP3; Excel Viewer; Compatibility Pack para Word, Excel y PowerPoint 2007 File Formats SP1; y Excel de Microsof… CWE-94
Code Injection 		CVE-2009-0238 2026-04-15 03:16 2009-02-26 Show GitHub Exploit DB Packet Storm
1505 9.8 CRITICAL
Network 		praison praisonai PraisonAI is a multi-agent teams system. Prior to version 4.5.90, the get_all_user_threads function constructs raw SQL queries using f-strings with unescaped thread IDs fetched from the database. An … CWE-89
SQL Injection 		CVE-2026-34934 2026-04-15 03:15 2026-04-4 Show GitHub Exploit DB Packet Storm
1506 9.8 CRITICAL
Network 		praison praisonai PraisonAI is a multi-agent teams system. From version 4.5.15 to before version 4.5.69, the --mcp CLI argument is passed directly to shlex.split() and forwarded through the call chain to anyio.open_pr… CWE-78
OS Command  		CVE-2026-34935 2026-04-15 03:14 2026-04-4 Show GitHub Exploit DB Packet Storm
1507 7.7 HIGH
Network 		praison praisonai PraisonAI is a multi-agent teams system. Prior to version 4.5.90, passthrough() and apassthrough() in praisonai accept a caller-controlled api_base parameter that is concatenated with endpoint and pa… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-34936 2026-04-15 03:14 2026-04-4 Show GitHub Exploit DB Packet Storm
1508 8.8 HIGH
Network 		doobidoo mcp-memory-service mcp-memory-service is an open-source memory backend for multi-agent systems. Prior to version 10.25.1, when the HTTP server is enabled (MCP_HTTP_ENABLED=true), the application configures FastAPI's CO… CWE-942
NVD-CWE-Other
 Permissive Cross-domain Policy with Untrusted Domains 		CVE-2026-33010 2026-04-15 03:12 2026-03-21 Show GitHub Exploit DB Packet Storm
1509 8.8 HIGH
Network 		doobidoo mcp-memory-service mcp-memory-service es un backend de memoria de código abierto para sistemas multiagente. Antes de la versión 10.25.1, cuando el servidor HTTP está habilitado (MCP_HTTP_ENABLED=true), la aplicación co… CWE-942
NVD-CWE-Other
 Permissive Cross-domain Policy with Untrusted Domains 		CVE-2026-33010 2026-04-15 03:12 2026-03-21 Show GitHub Exploit DB Packet Storm
1510 9.8 CRITICAL
Network 		praison praisonaiagents PraisonAI is a multi-agent teams system. Prior to version 1.5.90, run_python() in praisonai constructs a shell command string by interpolating user-controlled code into python3 -c "<code>" and passin… CWE-78
OS Command  		CVE-2026-34937 2026-04-15 03:09 2026-04-4 Show GitHub Exploit DB Packet Storm