Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2721 8.8 重要
Network 		Composer Composer Composerにおける複数の脆弱性 CWE-20
CWE-78
CWE-78
CVE-2026-40261 2026-04-27 11:18 2026-04-15 Show GitHub Exploit DB Packet Storm
2722 9.8 緊急
Network 		Phpscriptsmall Advance Gift Shop Pro Script PhpscriptsmallのAdvance Gift Shop Pro ScriptにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2019-25680 2026-04-27 11:18 2026-04-5 Show GitHub Exploit DB Packet Storm
2723 9.8 緊急
Network 		WISDOM Pegasus CMS WISDOMのPegasus CMSにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2019-25687 2026-04-27 11:18 2026-04-5 Show GitHub Exploit DB Packet Storm
2724 8.8 重要
Network 		Nextcloud
windmill project		 windmill
Nextcloud Flow 		Nextcloud等の複数ベンダの製品における認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-22683 2026-04-27 11:18 2026-04-7 Show GitHub Exploit DB Packet Storm
2725 7.5 重要
Network 		XiangShan NEMU XiangShanのNEMUにおける複数の脆弱性 CWE-1287
CWE-131
CVE-2026-29645 2026-04-27 11:18 2026-04-20 Show GitHub Exploit DB Packet Storm
2726 9.8 緊急
Network 		XiangShan NEMU XiangShanのNEMUにおける保護メカニズムの不具合に関する脆弱性 CWE-693
保護メカニズムの不具合 		CVE-2026-29649 2026-04-27 11:18 2026-04-20 Show GitHub Exploit DB Packet Storm
2727 7.5 重要
Network 		Nimiq Nimiq Proof of Stake (core-rs-albatross) NimiqのNimiq Proof of Stake (core-rs-albatross)における複数の脆弱性 CWE-125
CWE-193
CVE-2026-32605 2026-04-27 11:18 2026-04-13 Show GitHub Exploit DB Packet Storm
2728 9.6 緊急
Network 		Nimiq Nimiq Proof of Stake (core-rs-albatross) NimiqのNimiq Proof of Stake (core-rs-albatross)における複数の脆弱性 CWE-1284
CWE-190
CWE-20
CWE-345
CVE-2026-33471 2026-04-27 11:18 2026-04-22 Show GitHub Exploit DB Packet Storm
2729 9.8 緊急
Network 		PowerDNS PowerDNS Authoritative Server PowerDNSのPowerDNS Authoritative Serverにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-33608 2026-04-27 11:18 2026-04-22 Show GitHub Exploit DB Packet Storm
2730 6.5 警告
Network 		PowerDNS PowerDNS Authoritative Server PowerDNSのPowerDNS Authoritative ServerにおけるLDAP インジェクションの脆弱性 CWE-90
LDAP インジェクション 		CVE-2026-33609 2026-04-27 11:18 2026-04-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
346891 - microsoft java_virtual_machine The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to determine the current directory of the Internet Explorer process via the getAbsolutePath() method in a File… NVD-CWE-Other
CVE-2002-1288 2016-10-18 11:25 2002-11-29 Show GitHub Exploit DB Packet Storm
346892 - microsoft java_virtual_machine The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read restricted process memory, cause a denial of service (crash), and possibly execute arbitrary code via … NVD-CWE-Other
CVE-2002-1289 2016-10-18 11:25 2002-11-29 Show GitHub Exploit DB Packet Storm
346893 - microsoft java_virtual_machine The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read and modify the contents of the Clipboard via an applet that accesses the (1) ClipBoardGetText and (2) … NVD-CWE-Other
CVE-2002-1290 2016-10-18 11:25 2002-11-29 Show GitHub Exploit DB Packet Storm
346894 - microsoft java_virtual_machine The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read arbitrary local files and network shares via an applet tag with a codebase set to a "file://%00" (null… NVD-CWE-Other
CVE-2002-1291 2016-10-18 11:25 2002-11-29 Show GitHub Exploit DB Packet Storm
346895 - microsoft java_virtual_machine The Microsoft Java implementation, as used in Internet Explorer, provides a public load0() method for the CabCracker class (com.ms.vm.loader.CabCracker), which allows remote attackers to bypass the s… NVD-CWE-Other
CVE-2002-1293 2016-10-18 11:25 2002-11-29 Show GitHub Exploit DB Packet Storm
346896 - microsoft java_virtual_machine The Microsoft Java implementation, as used in Internet Explorer, can provide HTML object references to applets via Javascript, which allows remote attackers to cause a denial of service (crash due to… NVD-CWE-Other
CVE-2002-1294 2016-10-18 11:25 2002-11-29 Show GitHub Exploit DB Packet Storm
346897 - kde kde Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote… NVD-CWE-Other
CVE-2002-1306 2016-10-18 11:25 2002-11-29 Show GitHub Exploit DB Packet Storm
346898 - macromedia coldfusion Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia ColdFusion 6.0 allows remote attackers to execute arbitrary via an HTTP GET request with a long .cfm… NVD-CWE-Other
CVE-2002-1309 2016-10-18 11:25 2002-11-29 Show GitHub Exploit DB Packet Storm
346899 - double_precision_incorporated courier_mta Courier sqwebmail before 0.40.0 does not quickly drop privileges after startup in certain cases, which could allow local users to read arbitrary files. NVD-CWE-Other
CVE-2002-1311 2016-10-18 11:25 2002-11-29 Show GitHub Exploit DB Packet Storm
346900 - iplanet iplanet_web_server Cross-site scripting (XSS) vulnerability in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows remote attackers to execute web script or HTML as the iPlanet administrator by injecting the… NVD-CWE-Other
CVE-2002-1315 2016-10-18 11:25 2002-11-29 Show GitHub Exploit DB Packet Storm