Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
371 7.6 重要
Network 		WeGIA WeGIA WeGIAにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40283 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
372 6.5 警告
Network 		OpenFGA OpenFGA OpenFGAにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-40293 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
373 9.9 緊急
Network 		FirebirdSQL Firebird FirebirdSQLのFirebirdにおける複数の脆弱性 CWE-22
CWE-427
CWE-73
CWE-94
CVE-2026-40342 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
374 8.2 重要
Network 		Minio Inc. Minio Minio Inc.のMinioにおける複数の脆弱性 CWE-287
CWE-306
CVE-2026-40344 2026-04-30 12:28 2026-04-22 Show GitHub Exploit DB Packet Storm
375 9.8 緊急
Network 		FastGPT FastGPT FastGPTにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性 CWE-943
データクエリロジックの特殊要素の不適切な中立化 		CVE-2026-40351 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
376 8.8 重要
Network 		FastGPT FastGPT FastGPTにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性 CWE-943
データクエリロジックの特殊要素の不適切な中立化 		CVE-2026-40352 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
377 9.1 緊急
Network 		マイクロソフト ASP.NET Core ASP.NET Core Elevation of Privilege Vulnerability CWE-347
デジタル署名の不適切な検証 		CVE-2026-40372 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
378 5.4 警告
Network 		Kimai project kimai Kimai projectのKimaiにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40479 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
379 4.3 警告
Network 		Kimai project kimai Kimai projectのKimaiにおける動的に決定されたオブジェクト属性の不適切に制御された変更に関する脆弱性 CWE-915
動的に決定されたオブジェクト属性の不適切に制御された変更 		CVE-2026-40486 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
380 6.8 警告
Network 		oauth2_proxy project oauth2_proxy oauth2_proxy projectのoauth2_proxyにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-40574 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
349931 - easy_software_products cups Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers to execute arbitrary code. NVD-CWE-Other
CVE-2001-1332 2008-09-6 05:26 2001-05-10 Show GitHub Exploit DB Packet Storm
349932 - easy_software_products cups Linux CUPS before 1.1.6 does not securely handle temporary files, possibly due to a symlink vulnerability that could allow local users to overwrite files. NVD-CWE-Other
CVE-2001-1333 2008-09-6 05:26 2001-05-10 Show GitHub Exploit DB Packet Storm
349933 - beck_ipc_gmbh ipc_at_chip_embedded-webserver Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to cause a denial of service via a long HTTP request. NVD-CWE-Other
CVE-2001-1337 2008-09-6 05:26 2001-05-21 Show GitHub Exploit DB Packet Storm
349934 - beck_ipc_gmbh ipc_at_chip_telnetd_server Beck IPC GmbH IPC@CHIP TelnetD server generates different responses when given valid and invalid login names, which allows remote attackers to determine accounts on the system. NVD-CWE-Other
CVE-2001-1338 2008-09-6 05:26 2001-05-24 Show GitHub Exploit DB Packet Storm
349935 - twig_development_team twig TWIG 2.6.2 and earlier allows remote attackers to perform unauthorized database operations via a SQL injection attack on the id parameter. NVD-CWE-Other
CVE-2001-1348 2008-09-6 05:26 2001-05-28 Show GitHub Exploit DB Packet Storm
349936 - sendmail sendmail Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers. NVD-CWE-Other
CVE-2001-1349 2008-09-6 05:26 2001-05-28 Show GitHub Exploit DB Packet Storm
349937 - netwin surgeftp NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks a… NVD-CWE-Other
CVE-2001-1356 2008-09-6 05:26 2001-08-4 Show GitHub Exploit DB Packet Storm
349938 - phpheaven phpmychat Multiple vulnerabilities in phpMyChat before 0.14.5 exist in (1) input.php3, (2) handle_inputH.php3, or (3) index.lib.php3 with unknown consequences, possibly related to user spoofing or improperly i… NVD-CWE-Other
CVE-2001-1357 2008-09-6 05:26 2001-02-7 Show GitHub Exploit DB Packet Storm
349939 - phpheaven phpmychat Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly remote attackers to gain privileges by specifying an alternate library file in the L (localization) parameter. NVD-CWE-Other
CVE-2001-1358 2008-09-6 05:26 2001-02-7 Show GitHub Exploit DB Packet Storm
349940 - mostang sane Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related to pnm and saned. NVD-CWE-Other
CVE-2001-1360 2008-09-6 05:26 2001-07-19 Show GitHub Exploit DB Packet Storm