Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251491 5 警告 アップル
レッドハット
jabberd 2.x project		 - Jabber Studio jabberd の SASL ネゴシエーションにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-1329 2010-04-14 17:10 2006-03-21 Show GitHub Exploit DB Packet Storm
251492 7.2 危険 アップル - Apple Mac OS X の FTP サーバにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-0501 2010-04-14 17:10 2010-03-29 Show GitHub Exploit DB Packet Storm
251493 7.5 危険 アップル - Apple Mac OS X の FreeRADIUS サーバにおけるネットワーク接続を確立される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0524 2010-04-14 17:10 2010-03-29 Show GitHub Exploit DB Packet Storm
251494 7.8 危険 アップル - Apple Mac OS X の Event Monitor におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0500 2010-04-14 17:09 2010-03-29 Show GitHub Exploit DB Packet Storm
251495 6.5 警告 アップル - Apple Mac OS X の Dovecot におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0535 2010-04-14 17:09 2010-03-29 Show GitHub Exploit DB Packet Storm
251496 7.2 危険 アップル - Apple Mac OS X のディレクトリサービスにおける権限を取得される脆弱性 CWE-287
不適切な認証 		CVE-2010-0498 2010-04-14 17:09 2010-03-29 Show GitHub Exploit DB Packet Storm
251497 6.8 警告 アップル - Apple Mac OS X のディスクイメージにおける任意のコードを実行される脆弱性 CWE-DesignError
CVE-2010-0497 2010-04-14 17:09 2010-03-29 Show GitHub Exploit DB Packet Storm
251498 6.8 警告 アップル - Apple Mac OS X のディスクイメージにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-0065 2010-04-13 15:18 2010-03-29 Show GitHub Exploit DB Packet Storm
251499 0 注意 アップル - Apple Mac OS X の DesktopServices におけるリモートファイルをコピーされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0537 2010-04-13 15:17 2010-03-29 Show GitHub Exploit DB Packet Storm
251500 6.9 警告 アップル - Apple Mac OS X の DesktopServices における disk-quota 制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0064 2010-04-13 15:17 2010-03-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1421 9.1 CRITICAL
Network 		orthanc-server orthanc An out-of-bounds read vulnerability exists in the `DecodeLookupTable` function within `DicomImageDecoder.cpp`. The lookup-table decoding logic used for `PALETTE COLOR` images does not validate pixel … CWE-125
Out-of-bounds Read 		CVE-2026-5445 2026-04-15 05:10 2026-04-10 Show GitHub Exploit DB Packet Storm
1422 7.8 HIGH
Local 		hdfgroup hdf5 HDF5 is software for managing data. In 1.14.1-2 and earlier, a heap-use-after-free was found in the h5dump helper utility. An attacker who can supply a malicious h5 file can trigger a heap use-after-… CWE-416
 Use After Free 		CVE-2026-34734 2026-04-15 05:09 2026-04-10 Show GitHub Exploit DB Packet Storm
1423 8.2 HIGH
Network 		gitroom postiz Postiz is an AI social media scheduling tool. Prior to 2.21.5, the /api/public/stream endpoint is vulnerable to SSRF. Although the application validates the initially supplied URL and blocks direct p… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-40168 2026-04-15 05:09 2026-04-11 Show GitHub Exploit DB Packet Storm
1424 9.8 CRITICAL
Network 		goshs goshs goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.4, goshs enforces the documented per-folder .goshs ACL/basic-auth mechanism for directory listings and file reads, but it does not enfor… CWE-862
 Missing Authorization 		CVE-2026-40189 2026-04-15 05:08 2026-04-11 Show GitHub Exploit DB Packet Storm
1425 7.5 HIGH
Network 		softether softethervpn SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. In 5.2.5188 and earlier, a pre-authentication denial-of-service vulnerability exists in SoftEther VPN Developer Edition 5.2… CWE-789
 Memory Allocation with Excessive Size Value 		CVE-2026-39312 2026-04-15 05:08 2026-04-8 Show GitHub Exploit DB Packet Storm
1426 9.1 CRITICAL
Network 		docker model_runner Docker Model Runner (DMR) is software used to manage, run, and deploy AI models using Docker. Prior to version 1.1.25, Docker Model Runner contains an SSRF vulnerability in its OCI registry token exc… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-33990 2026-04-15 05:08 2026-04-2 Show GitHub Exploit DB Packet Storm
1427 9.8 CRITICAL
Network 		xwiki xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Prior to 17.4.8 and 17.10.1, an improperly protected scripting API allows any user with script… CWE-862
 Missing Authorization 		CVE-2026-33229 2026-04-15 05:08 2026-04-9 Show GitHub Exploit DB Packet Storm
1428 8.6 HIGH
Network 		patrickjuchli basic-ftp basic-ftp is an FTP client for Node.js. Prior to 5.2.1, basic-ftp allows FTP command injection via CRLF sequences (\r\n) in file path parameters passed to high-level path APIs such as cd(), remove(),… CWE-93
CRLF Injection 		CVE-2026-39983 2026-04-15 05:07 2026-04-10 Show GitHub Exploit DB Packet Storm
1429 6.1 MEDIUM
Network 		unjs unhead Unhead is a document head and template manager. Prior to 2.1.13, useHeadSafe() is the composable that Nuxt's own documentation explicitly recommends for rendering user-supplied content in <head> safe… CWE-184
 Incomplete Blacklist 		CVE-2026-39315 2026-04-15 05:07 2026-04-10 Show GitHub Exploit DB Packet Storm
1430 7.5 HIGH
Network 		apache tomcat Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in Apache Tomcat via invalid chunk extension. This issue affects Apache Tomcat: from 11.0.0-M1 through … CWE-444
HTTP Request Smuggling 		CVE-2026-24880 2026-04-15 05:02 2026-04-10 Show GitHub Exploit DB Packet Storm