Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
255201 2.6 注意 オラクル - Oracle Application Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		- 2010-01-14 15:01 2010-01-14 Show GitHub Exploit DB Packet Storm
255202 9.3 危険 マイクロソフト - Microsoft Internet Explorer に脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3672 2010-01-14 12:08 2009-11-25 Show GitHub Exploit DB Packet Storm
255203 9.3 危険 サン・マイクロシステムズ
VMware		 - Sun Java SE の java.lang パッケージにおける脆弱性 CWE-362
競合状態 		CVE-2009-2724 2010-01-14 12:08 2009-08-10 Show GitHub Exploit DB Packet Storm
255204 10 危険 サン・マイクロシステムズ
VMware		 - Sun Java SE の Provider クラスにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-2721 2010-01-14 12:08 2009-08-10 Show GitHub Exploit DB Packet Storm
255205 5 警告 有限会社シースリー - WebCalenderC3 におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-0348 2010-01-12 15:01 2010-01-12 Show GitHub Exploit DB Packet Storm
255206 4.3 警告 有限会社シースリー - WebCalenderC3 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0349 2010-01-12 15:00 2010-01-12 Show GitHub Exploit DB Packet Storm
255207 10 危険 サイバートラスト株式会社
XEmacs		 - XEmacs の glyphs-eimage.c における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-2688 2010-01-12 14:48 2009-08-5 Show GitHub Exploit DB Packet Storm
255208 6.8 警告 IBM - IBM WebSphere Application Server (WAS) におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2009-2746 2010-01-12 14:48 2009-11-13 Show GitHub Exploit DB Packet Storm
255209 5 警告 アップル - Apple Safari におけるローカル HTML ファイルを読まれる脆弱性 CWE-Other
その他 		CVE-2009-2842 2010-01-7 12:09 2009-11-11 Show GitHub Exploit DB Packet Storm
255210 5.5 警告 シックス・アパート株式会社 - Movable Type におけるアクセス制限回避の脆弱性 CWE-264
認可・権限・アクセス制御 		- 2010-01-6 15:01 2010-01-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3441 7.5 HIGH
Network 		lxml lxml lxml is a library for processing XML and HTML in the Python language. Prior to 6.1.0, using either of the two parsers in the default configuration (with resolve_entities=True) allows untrusted XML in… CWE-611
XXE 		CVE-2026-41066 2026-04-28 02:59 2026-04-25 Show GitHub Exploit DB Packet Storm
3442 7.7 HIGH
Network 		kyverno kyverno Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.17.2 and 1.16.4, an unchecked type assertion in the `forEach` mutation handler allows any user wit… CWE-617
 Reachable Assertion 		CVE-2026-41485 2026-04-28 02:54 2026-04-24 Show GitHub Exploit DB Packet Storm
3443 9.1 CRITICAL
Network 		kyverno kyverno Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.18.0-rc1, 1.17.2-rc1, and 1.16.4, Kyverno's apiCall feature in ClusterPolicy automatically attache… CWE-200
CWE-918
Information Exposure
Server-Side Request Forgery (SSRF)  		CVE-2026-41323 2026-04-28 02:53 2026-04-24 Show GitHub Exploit DB Packet Storm
3444 7.5 HIGH
Network 		patrickjuchli basic-ftp basic-ftp is an FTP client for Node.js. Versions prior to 5.3.0 are vulnerable to denial of service through unbounded memory growth while processing directory listings from a remote FTP server. A mal… CWE-400
CWE-770
 Uncontrolled Resource Consumption
 Allocation of Resources Without Limits or Throttling 		CVE-2026-41324 2026-04-28 02:48 2026-04-24 Show GitHub Exploit DB Packet Storm
3445 7.7 HIGH
Network 		kyverno kyverno Kyverno is a policy engine designed for cloud native platform engineering teams. The patch for CVE-2026-22039 fixed cross-namespace privilege escalation in Kyverno's `apiCall` context by validating t… CWE-863
 Incorrect Authorization 		CVE-2026-41068 2026-04-28 02:48 2026-04-24 Show GitHub Exploit DB Packet Storm
3446 6.1 MEDIUM
Network 		freerdp freerdp FreeRDP is a free implementation of the Remote Desktop Protocol. Versions prior to 3.25.0 have an off-by-one in the path traversal filter in `channels/drive/client/drive_file.c`. The `contains_dotdot… CWE-193
 Off-by-one Error 		CVE-2026-40254 2026-04-28 02:44 2026-04-24 Show GitHub Exploit DB Packet Storm
3447 5.5 MEDIUM
Local 		angryip angry_ip_scanner Angry IP Scanner for Linux 3.5.3 contains a denial of service vulnerability that allows local attackers to crash the application by supplying malformed input to the port selection field. Attackers ca… CWE-787
 Out-of-bounds Write 		CVE-2018-25262 2026-04-28 02:30 2026-04-23 Show GitHub Exploit DB Packet Storm
3448 7.8 HIGH
Local 		lizardsystems lanspy LanSpy 2.0.1.159 contains a local buffer overflow vulnerability in the scan section that allows local attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attac… CWE-787
 Out-of-bounds Write 		CVE-2018-25265 2026-04-28 02:28 2026-04-23 Show GitHub Exploit DB Packet Storm
3449 5.5 MEDIUM
Local 		angryip angry_ip_scanner Angry IP Scanner 3.5.3 contains a buffer overflow vulnerability in the preferences dialog that allows local attackers to crash the application by supplying an excessively large string. Attackers can … CWE-787
 Out-of-bounds Write 		CVE-2018-25266 2026-04-28 02:28 2026-04-23 Show GitHub Exploit DB Packet Storm
3450 7.8 HIGH
Local 		lizardsystems lanspy LanSpy 2.0.1.159 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying oversized input to the scan field. Attackers can craft a payloa… CWE-787
 Out-of-bounds Write 		CVE-2018-25268 2026-04-28 02:25 2026-04-23 Show GitHub Exploit DB Packet Storm