Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3151 6.5 警告
Network 		Vikunja Vikunja Vikunjaにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2026-35594 2026-04-27 10:48 2026-04-10 Show GitHub Exploit DB Packet Storm
3152 5.3 警告
Network 		レッドハット build of keycloak レッドハットのbuild of keycloakにおける同一生成元ポリシー違反に関する脆弱性 CWE-346
同一生成元ポリシー違反 		CVE-2026-37977 2026-04-27 10:48 2026-04-6 Show GitHub Exploit DB Packet Storm
3153 7.5 重要
Network 		Signal K Signal K Server Signal KのSignal K Serverにおける複数の脆弱性 CWE-1333
CWE-400
CVE-2026-39320 2026-04-27 10:48 2026-04-21 Show GitHub Exploit DB Packet Storm
3154 5.4 警告
Network 		opensourcepos open source point of sale opensourceposのopen source point of saleにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-39380 2026-04-27 10:48 2026-04-7 Show GitHub Exploit DB Packet Storm
3155 7.6 重要
Network 		FreeScout FreeScout FreeScoutにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-39384 2026-04-27 10:48 2026-04-7 Show GitHub Exploit DB Packet Storm
3156 3.1
Network 		OpenBao OpenBao OpenBaoにおける証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2026-39388 2026-04-27 10:48 2026-04-21 Show GitHub Exploit DB Packet Storm
3157 4.9 警告
Network 		OpenBao OpenBao OpenBaoにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-39946 2026-04-27 10:48 2026-04-21 Show GitHub Exploit DB Packet Storm
3158 5.7 警告
Adjacent 		OpenClaw OpenClaw OpenClawにおける重要な情報の平文での送信に関する脆弱性 CWE-319
重要な情報の平文での送信 		CVE-2026-40045 2026-04-27 10:48 2026-04-21 Show GitHub Exploit DB Packet Storm
3159 6.5 警告
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAIにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-40150 2026-04-27 10:48 2026-04-9 Show GitHub Exploit DB Packet Storm
3160 8.8 重要
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAIにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-40157 2026-04-27 10:48 2026-04-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347061 - novell groupwise GWWEB.EXE in GroupWise Web Access 5.5, and possibly other versions, allows remote attackers to determine the full pathname of the web server via an HTTP request with an invalid HTMLVER parameter. NVD-CWE-Other
CVE-2002-0341 2016-10-18 11:19 2002-06-25 Show GitHub Exploit DB Packet Storm
347062 - kde k-mail Kmail 1.2 on KDE 2.1.1 allows remote attackers to cause a denial of service (crash) via an email message whose body is approximately 55 K long. NVD-CWE-Other
CVE-2002-0342 2016-10-18 11:19 2002-06-25 Show GitHub Exploit DB Packet Storm
347063 - hotline_communications hotline_connect Hotline Client 1.8.5 stores sensitive user information, including passwords, in plaintext in the bookmarks file, which could allow local users with access to the bookmarks file to gain privileges by … NVD-CWE-Other
CVE-2002-0343 2016-10-18 11:19 2002-06-25 Show GitHub Exploit DB Packet Storm
347064 - symantec liveupdate Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the … NVD-CWE-Other
CVE-2002-0344 2016-10-18 11:19 2002-06-25 Show GitHub Exploit DB Packet Storm
347065 - symantec norton_ghost Symantec Ghost 7.0 stores usernames and passwords in plaintext in the NGServer\params registry key, which could allow an attacker to gain privileges. NVD-CWE-Other
CVE-2002-0345 2016-10-18 11:19 2002-06-25 Show GitHub Exploit DB Packet Storm
347066 - sun cobalt_raq_2
cobalt_raq_3i
cobalt_raq_4 		Cross-site scripting vulnerability in Cobalt RAQ 4 allows remote attackers to execute arbitrary script as other Cobalt users via Javascript in a URL to (1) service.cgi or (2) alert.cgi. NVD-CWE-Other
CVE-2002-0346 2016-10-18 11:19 2002-06-25 Show GitHub Exploit DB Packet Storm
347067 - sun cobalt_raq_2
cobalt_raq_3i
cobalt_raq_4 		Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. (dot dot) in an HTTP request. NVD-CWE-Other
CVE-2002-0347 2016-10-18 11:19 2002-06-25 Show GitHub Exploit DB Packet Storm
347068 - sun cobalt_raq_2
cobalt_raq_3i
cobalt_raq_4 		service.cgi in Cobalt RAQ 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long service argument. NVD-CWE-Other
CVE-2002-0348 2016-10-18 11:19 2002-06-25 Show GitHub Exploit DB Packet Storm
347069 - tiny_software tiny_personal_firewall Tiny Personal Firewall (TPF) 2.0.15, under certain configurations, will pop up an alert to the system even when the screen is locked, which could allow an attacker with physical access to the machine… NVD-CWE-Other
CVE-2002-0349 2016-10-18 11:19 2002-06-25 Show GitHub Exploit DB Packet Storm
347070 - hp procurve_switch_4000m HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows remote attackers to cause a denial of service via a port scan of the management IP address, which disables the telnet service. NVD-CWE-Other
CVE-2002-0350 2016-10-18 11:19 2002-06-25 Show GitHub Exploit DB Packet Storm