Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251 5.3 警告
Network 		Node.js Foundation Node.js Node.js FoundationのNode.jsにおける不適切なデフォルトパーミッションに関する脆弱性 CWE-276
不適切なデフォルトパーミッション 		CVE-2025-55132 2026-02-5 15:46 2026-01-20 Show GitHub Exploit DB Packet Storm
252 7.5 重要
Network 		OwnTone project OwnTone OwnTone projectのOwnToneにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2025-57155 2026-02-5 15:46 2026-01-20 Show GitHub Exploit DB Packet Storm
253 6.5 警告
Network 		Engineering Ingegneria Informatica knowage Engineering Ingegneria Informaticaのknowageにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2025-58441 2026-02-5 15:46 2026-01-7 Show GitHub Exploit DB Packet Storm
254 8.7 重要
Network 		Ultimate Fosters Ultimate POS Ultimate FostersのUltimate POSにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-60503 2026-02-5 15:46 2025-11-3 Show GitHub Exploit DB Packet Storm
255 5.3 警告
Network 		The Go Project Go The Go ProjectのGoにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2025-61730 2026-02-5 15:46 2026-01-28 Show GitHub Exploit DB Packet Storm
256 4.3 警告
Network 		webinarpress webinarpress WordPress用webinarpressにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2025-62972 2026-02-5 15:45 2025-10-27 Show GitHub Exploit DB Packet Storm
257 7.5 重要
Network 		oneflow oneflow oneflowにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2025-65886 2026-02-5 15:45 2026-01-28 Show GitHub Exploit DB Packet Storm
258 6.5 警告
Network 		oneflow oneflow oneflowにおけるゼロ除算に関する脆弱性 CWE-369
ゼロ除算 		CVE-2025-65887 2026-02-5 15:45 2026-01-28 Show GitHub Exploit DB Packet Storm
259 7.5 重要
Network 		oneflow oneflow oneflowにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2025-65888 2026-02-5 15:45 2026-01-28 Show GitHub Exploit DB Packet Storm
260 7.5 重要
Network 		oneflow oneflow oneflowにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2025-65889 2026-02-5 15:45 2026-01-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 19, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
171 6.5 MEDIUM
Adjacent 		juniper junos
junos_os_evolved 		A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated… Update CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2026-33780 2026-04-18 02:59 2026-04-10 Show GitHub Exploit DB Packet Storm
172 5.8 MEDIUM
Network 		juniper junos An Incorrect Initialization of Resource vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX Series and QFX Series device allows an unauthenticated, network… Update NVD-CWE-Other
CVE-2026-33773 2026-04-18 02:56 2026-04-10 Show GitHub Exploit DB Packet Storm
173 6.5 MEDIUM
Adjacent 		juniper junos An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX and QFX Series devices allow an unauthenticated… Update CWE-754
 Improper Check for Unusual or Exceptional Conditions 		CVE-2026-33781 2026-04-18 02:53 2026-04-10 Show GitHub Exploit DB Packet Storm
174 6.5 MEDIUM
Adjacent 		juniper junos A Missing Release of Memory after Effective Lifetime vulnerability in the BroadBand Edge subscriber management daemon (bbe-smgd) of Juniper Networks Junos OS on MX Series allows an adjacent, unauthen… Update CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2026-33775 2026-04-18 02:40 2026-04-10 Show GitHub Exploit DB Packet Storm
175 6.5 MEDIUM
Adjacent 		juniper junos A Missing Release of Memory after Effective Lifetime vulnerability in the DHCP daemon (jdhcpd) of Juniper Networks Junos OS on MX Series, allows an adjacent, unauthenticated attacker to cause a memor… Update CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2026-33782 2026-04-18 02:39 2026-04-10 Show GitHub Exploit DB Packet Storm
176 6.5 MEDIUM
Network 		praison praisonai PraisonAI is a multi-agent teams system. Prior to 4.5.128, the _safe_extractall() function in PraisonAI's recipe registry validates archive members against path traversal attacks but performs no chec… Update CWE-409
 Improper Handling of Highly Compressed Data (Data Amplification) 		CVE-2026-40148 2026-04-18 02:38 2026-04-10 Show GitHub Exploit DB Packet Storm
177 8.8 HIGH
Local 		juniper junos A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on MX Series allows a local, authenticated user with low privileges to execute specific commands which will lead to a com… Update CWE-862
 Missing Authorization 		CVE-2026-33785 2026-04-18 02:38 2026-04-10 Show GitHub Exploit DB Packet Storm
178 3.1 LOW
Network 		beszel beszel Beszel is a server monitoring platform. Prior to 0.18.7, some API endpoints in the Beszel hub accept a user-supplied system ID and proceed without further checks that the user should have access to t… Update CWE-184
 Incomplete Blacklist 		CVE-2026-40077 2026-04-18 02:37 2026-04-10 Show GitHub Exploit DB Packet Storm
179 8.1 HIGH
Network 		apollographql apollo_mcp_server Apollo MCP Server is a Model Context Protocol server that exposes GraphQL operations as MCP tools. Prior to version 1.7.0, the Apollo MCP Server did not validate the Host header on incoming HTTP requ… Update CWE-346
 Origin Validation Error 		CVE-2026-35577 2026-04-18 02:31 2026-04-10 Show GitHub Exploit DB Packet Storm
180 8.8 HIGH
Network 		google chrome Use after free in Video in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) New CWE-416
 Use After Free 		CVE-2026-6302 2026-04-18 02:27 2026-04-16 Show GitHub Exploit DB Packet Storm