Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3761 8.2 重要
Network 		XWiki xwiki XWikiのxwikiにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40104 2026-04-24 11:41 2026-04-15 Show GitHub Exploit DB Packet Storm
3762 6.1 警告
Network 		XWiki xwiki XWikiのxwikiにおけるクロスサイトスクリプティングの脆弱性 CWE-80
クロスサイトスクリプティング (Basic XSS) 		CVE-2026-40105 2026-04-24 11:41 2026-04-15 Show GitHub Exploit DB Packet Storm
3763 6.1 警告
Network 		Prometheus Prometheus Prometheusにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40179 2026-04-24 11:41 2026-04-15 Show GitHub Exploit DB Packet Storm
3764 7.5 重要
Network 		Python Software Foundation Python Pillow Python Software FoundationのPython Pillowにおける複数の脆弱性 CWE-400
CWE-770
CVE-2026-40192 2026-04-24 11:41 2026-04-15 Show GitHub Exploit DB Packet Storm
3765 8.2 重要
Network 		maddy project maddy maddy projectのmaddyにおけるLDAP インジェクションの脆弱性 CWE-90
LDAP インジェクション 		CVE-2026-40193 2026-04-24 11:41 2026-04-16 Show GitHub Exploit DB Packet Storm
3766 7.1 重要
Local 		OpenEXR OpenEXR OpenEXRにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-40244 2026-04-24 11:41 2026-04-21 Show GitHub Exploit DB Packet Storm
3767 7.1 重要
Local 		OpenEXR OpenEXR OpenEXRにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-40250 2026-04-24 11:41 2026-04-21 Show GitHub Exploit DB Packet Storm
3768 6.1 警告
Local 		openCryptoki Project openCryptoki openCryptoki ProjectのopenCryptokiにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-40253 2026-04-24 11:41 2026-04-16 Show GitHub Exploit DB Packet Storm
3769 5.3 警告
Network 		pypdf project pypdf pypdf projectのpypdfにおけるDTD の再帰的なエンティティ参照の不適切な制限に関する脆弱性 CWE-776
DTD の再帰的なエンティティ参照の不適切な制限 		CVE-2026-40260 2026-04-24 11:41 2026-04-17 Show GitHub Exploit DB Packet Storm
3770 8.8 重要
Network 		Chamilo Association Chamilo LMS Chamilo AssociationのChamilo LMSにおける複数の脆弱性 CWE-269
CWE-863
CVE-2026-40291 2026-04-24 11:41 2026-04-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347461 - jetty jetty_http_server Directory traversal vulnerability in the CGIServlet for Jetty HTTP server before 4.1.0 allows remote attackers to execute arbitrary commands via ..\ (dot-dot backslash) sequences in an HTTP request t… NVD-CWE-Other
CVE-2002-1178 2016-10-18 11:24 2002-10-11 Show GitHub Exploit DB Packet Storm
347462 - sabre desktop_reservation_software The Sabserv client component in Sabre Desktop Reservation Software 4.2 through 4.4 allows remote attackers to cause a denial of service via malformed input to TCP port 1001. NVD-CWE-Other
CVE-2002-1191 2016-10-18 11:24 2002-10-28 Show GitHub Exploit DB Packet Storm
347463 - gabriele_bartolini ht_check Cross-site scripting vulnerability (XSS) in the PHP interface for ht://Check 1.1 allows remote web servers to insert arbitrary HTML, including script, via a web page. NVD-CWE-Other
CVE-2002-1195 2016-10-18 11:24 2002-10-28 Show GitHub Exploit DB Packet Storm
347464 - mozilla bugzilla editproducts.cgi in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, when the "usebuggroups" feature is enabled and more than 47 groups are specified, does not properly calculate bit values f… NVD-CWE-Other
CVE-2002-1196 2016-10-18 11:24 2002-10-28 Show GitHub Exploit DB Packet Storm
347465 - mozilla bugzilla bugzilla_email_append.pl in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, allows remote attackers to execute arbitrary code via shell metacharacters in a system call to processmail. NVD-CWE-Other
CVE-2002-1197 2016-10-18 11:24 2002-10-28 Show GitHub Exploit DB Packet Storm
347466 - mozilla bugzilla Bugzilla 2.16.x before 2.16.1 does not properly filter apostrophes from an email address during account creation, which allows remote attackers to execute arbitrary SQL via a SQL injection attack. NVD-CWE-Other
CVE-2002-1198 2016-10-18 11:24 2002-10-28 Show GitHub Exploit DB Packet Storm
347467 - ibm aix IBM AIX 4.3.3 and AIX 5 allows remote attackers to cause a denial of service (CPU consumption or crash) via a flood of malformed TCP packets without any flags set, which prevents AIX from releasing t… NVD-CWE-Other
CVE-2002-1201 2016-10-18 11:24 2002-10-28 Show GitHub Exploit DB Packet Storm
347468 - ibm secureway_firewall IBM SecureWay Firewall before 4.2.2 performs extra processing before determining that a packet is invalid and dropping it, which allows remote attackers to cause a denial of service (resource exhaust… CWE-399
 Resource Management Errors 		CVE-2002-1203 2016-10-18 11:24 2002-10-28 Show GitHub Exploit DB Packet Storm
347469 - jason_orcutt prometheus Prometheus 6.0 and earlier allows remote attackers to execute arbitrary PHP code via a modified PROMETHEUS_LIBRARY_BASE that points to code stored on a remote server, which is then used in (1) index.… NVD-CWE-Other
CVE-2002-1211 2016-10-18 11:24 2002-11-12 Show GitHub Exploit DB Packet Storm
347470 - gnu tar GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security che… NVD-CWE-Other
CVE-2002-1216 2016-10-18 11:24 2002-10-28 Show GitHub Exploit DB Packet Storm