Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 23, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4031 5.4 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2026-6515 2026-04-27 11:19 2026-04-22 Show GitHub Exploit DB Packet Storm
4032 8.8 重要
Network 		CPS-IT Mailqueue CPS-ITのMailqueueにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-1323 2026-04-27 11:19 2026-03-17 Show GitHub Exploit DB Packet Storm
4033 6.5 警告
Network 		Linux Foundation Backstage/plugin-scaffolder-backend Linux FoundationのBackstage/plugin-scaffolder-backendにおけるログファイルからの情報漏えいに関する脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2026-29184 2026-04-27 11:19 2026-03-7 Show GitHub Exploit DB Packet Storm
4034 4.3 警告
Network 		Guido Schmechel (ayacoo) redirect_tab Guido Schmechel (ayacoo)のredirect_tabにおける複数の脆弱性 CWE-200
CWE-862
CWE-862
CVE-2026-4202 2026-04-27 11:19 2026-03-17 Show GitHub Exploit DB Packet Storm
4035 8.8 重要
Network 		Ralf Freit (MrSilaz) mfa_mail Ralf Freit (MrSilaz)のmfa_mailにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-4208 2026-04-27 11:19 2026-03-17 Show GitHub Exploit DB Packet Storm
4036 8.1 重要
Network 		HashiCorp Vault HashiCorpのVaultにおける代替パスまたはチャネルを使用した認証回避に関する脆弱性 CWE-288
代替パスまたはチャネルを使用した認証回避 		CVE-2026-3605 2026-04-27 11:19 2026-04-17 Show GitHub Exploit DB Packet Storm
4037 9.4 緊急
Network 		dgraph dgraph dgraphにおける複数の脆弱性 CWE-200
CWE-215
CWE-522
CVE-2026-40173 2026-04-27 11:19 2026-04-15 Show GitHub Exploit DB Packet Storm
4038 7.8 重要
Local 		Composer Composer Composerにおける複数の脆弱性 CWE-20
CWE-78
CWE-78
CVE-2026-40176 2026-04-27 11:19 2026-04-15 Show GitHub Exploit DB Packet Storm
4039 6.1 警告
Network 		Apostrophe Technologies sanitize-html
ApostropheCMS 		Apostrophe TechnologiesのApostropheCMS等の複数製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40186 2026-04-27 11:18 2026-04-15 Show GitHub Exploit DB Packet Storm
4040 8.8 重要
Network 		Composer Composer Composerにおける複数の脆弱性 CWE-20
CWE-78
CWE-78
CVE-2026-40261 2026-04-27 11:18 2026-04-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
353871 - varicad varicad VariCAD 7.0 is installed with world-writeable files, which allows local users to replace the VariCAD programs with a Trojan horse program. NVD-CWE-Other
CVE-2000-0719 2008-09-6 05:21 2000-10-20 Show GitHub Exploit DB Packet Storm
353872 - multisoft flagship The FSserial, FlagShip_c, and FlagShip_p programs in the FlagShip package are installed world-writeable, which allows local users to replace them with Trojan horses. NVD-CWE-Other
CVE-2000-0721 2008-09-6 05:21 2000-10-20 Show GitHub Exploit DB Packet Storm
353873 - helix_code go-gnome_pre-installer The go-gnome Helix GNOME pre-installer allows local users to overwrite arbitrary files via a symlink attack on various files in /tmp, including uudecode, snarf, and some installer files. NVD-CWE-Other
CVE-2000-0724 2008-09-6 05:21 2000-10-20 Show GitHub Exploit DB Packet Storm
353874 - hp hp-ux Vulnerability in newgrp command in HP-UX 11.0 allows local users to gain privileges. NVD-CWE-Other
CVE-2000-0730 2008-09-6 05:21 2000-10-20 Show GitHub Exploit DB Packet Storm
353875 - sgi irix Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-… NVD-CWE-Other
CVE-2000-0733 2008-09-6 05:21 2000-10-20 Show GitHub Exploit DB Packet Storm
353876 - rimarts_inc. becky_internet_mail Buffer overflow in Becky! Internet Mail client 1.26.03 and earlier allows remote attackers to cause a denial of service via a long Content-type: MIME header when the user replies to a message. NVD-CWE-Other
CVE-2000-0735 2008-09-6 05:21 2000-10-20 Show GitHub Exploit DB Packet Storm
353877 - rimarts_inc. becky_internet_mail Buffer overflow in Becky! Internet Mail client 1.26.04 and earlier allows remote attackers to cause a denial of service via a long Content-type: MIME header when the user forwards a message. NVD-CWE-Other
CVE-2000-0736 2008-09-6 05:21 2000-10-20 Show GitHub Exploit DB Packet Storm
353878 - network_associates net_tools_pki_server Format string vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary code via format strings in a URL with a .XUDA extension. NVD-CWE-Other
CVE-2000-0741 2008-09-6 05:21 2000-10-20 Show GitHub Exploit DB Packet Storm
353879 - university_of_minnesota gopherd Buffer overflow in University of Minnesota (UMN) gopherd 2.x allows remote attackers to execute arbitrary commands via a DES key generation request (GDESkey) that contains a long ticket value. NVD-CWE-Other
CVE-2000-0743 2008-09-6 05:21 2000-10-20 Show GitHub Exploit DB Packet Storm
353880 - francisco_burzi php-nuke admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke administrator password, which allows remote attackers to gain privileges by requesting a URL that does not specify the aid or pwd paramete… NVD-CWE-Other
CVE-2000-0745 2008-09-6 05:21 2000-10-20 Show GitHub Exploit DB Packet Storm