Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 16, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2761	3.7	低 Network	Smallstep	Step CA	SmallstepのStep CAにおける配列インデックスの検証に関する脆弱性	CWE-129 配列インデックスの不適切な検証	CVE-2026-40097	2026-04-28 10:11	2026-04-10	Show	GitHub Exploit DB Packet Storm

2762	8.2	重要 Network	Saltcorn	Saltcorn	Saltcornにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-40163	2026-04-28 10:11	2026-04-10	Show	GitHub Exploit DB Packet Storm

2763	6.1	警告 Network	AdonisJS	adonisjs/http-server AdonisJS Core	AdonisJSのAdonisJS Core等の複数製品におけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2026-40255	2026-04-28 10:11	2026-04-16	Show	GitHub Exploit DB Packet Storm

2764	9.3	緊急 Local	MinecAnton209	NovumOS	MinecAnton209のNovumOSにおける複数の脆弱性	CWE-20 CWE-269	CVE-2026-40317	2026-04-28 10:11	2026-04-18	Show	GitHub Exploit DB Packet Storm

2765	9	緊急 Local	MinecAnton209	NovumOS	MinecAnton209のNovumOSにおける権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2026-40572	2026-04-28 10:10	2026-04-18	Show	GitHub Exploit DB Packet Storm

2766	-	-	（複数のベンダ）	（複数の製品）	CISA ICS Advisory / ICS Medical Advisory（2026年04月23日）	-	-	2026-04-27 13:37	2026-04-24	Show	GitHub Exploit DB Packet Storm

2767	7.8	重要 Local	Giskard	Giskard	Giskardにおけるテンプレートエンジンで使用される特殊な要素の不適切な無効化に関する脆弱性	CWE-1336 テンプレートエンジンで使用される特殊な要素の不適切な無効化	CVE-2026-40320	2026-04-27 11:29	2026-04-17	Show	GitHub Exploit DB Packet Storm

2768	7.5	重要 Network	monetr	monetr	monetrにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-40481	2026-04-27 11:29	2026-04-17	Show	GitHub Exploit DB Packet Storm

2769	5.5	警告 Local	HKUDS	OpenHarness	HKUDSのOpenHarnessにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-40515	2026-04-27 11:29	2026-04-17	Show	GitHub Exploit DB Packet Storm

2770	6.3	警告 Local	HKUDS	OpenHarness	HKUDSのOpenHarnessにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-40516	2026-04-27 11:29	2026-04-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
346791	-	neoteris	instant_virtual_extranet	Cross-site scripting (XSS) vulnerability in Neoteris Instant Virtual Extranet (IVE) 3.01 and earlier allows remote attackers to insert arbitrary web script and bypass authentication via a certain CGI…	NVD-CWE-Other	CVE-2003-0217	2016-10-18 11:30	2003-06-16	Show	GitHub Exploit DB Packet Storm

346792	-	kerio	personal_firewall_2	Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute administrator commands by sniffing packets from a valid session and replaying them against the remote administration…	NVD-CWE-Other	CVE-2003-0219	2016-10-18 11:30	2003-05-12	Show	GitHub Exploit DB Packet Storm

346793	-	kerio	personal_firewall_2	Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet.	NVD-CWE-Other	CVE-2003-0220	2016-10-18 11:30	2003-05-12	Show	GitHub Exploit DB Packet Storm

346794	-	national_university_of_singapore	uxterm	The uxterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user…	NVD-CWE-Other	CVE-2003-0065	2016-10-18 11:29	2003-03-3	Show	GitHub Exploit DB Packet Storm

346795	-	rxvt	rxvt	The rxvt terminal emulator 2.7.8 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.…	NVD-CWE-Other	CVE-2003-0066	2016-10-18 11:29	2003-03-3	Show	GitHub Exploit DB Packet Storm

346796	-	aterm	aterm	The aterm terminal emulator 0.42 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the …	NVD-CWE-Other	CVE-2003-0067	2016-10-18 11:29	2003-03-18	Show	GitHub Exploit DB Packet Storm

346797	-	michael_jennings	eterm	The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e…	NVD-CWE-Other	CVE-2003-0068	2016-10-18 11:29	2003-03-3	Show	GitHub Exploit DB Packet Storm

346798	-	putty	putty	The PuTTY terminal emulator 0.53 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the …	NVD-CWE-Other	CVE-2003-0069	2016-10-18 11:29	2003-03-18	Show	GitHub Exploit DB Packet Storm

346799	-	nalin_dahyabhai gnome	vte gnome-terminal	VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option in gnome-terminal 2.0, allows attackers to modify the window title via a certain character escape sequence and then in…	NVD-CWE-Other	CVE-2003-0070	2016-10-18 11:29	2003-03-3	Show	GitHub Exploit DB Packet Storm

346800	-	nalin_dahyabhai gnome	vte gnome-terminal	Per: http://cwe.mitre.org/data/definitions/77.html 'CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')'	NVD-CWE-Other	CVE-2003-0070	2016-10-18 11:29	2003-03-3	Show	GitHub Exploit DB Packet Storm