Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4131 5.4 警告
Network 		WSO2 WSO2 Identity Server WSO2のWSO2 Identity Serverにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2025-12624 2026-04-24 11:34 2026-04-16 Show GitHub Exploit DB Packet Storm
4132 8.2 重要
Network 		HCL Technologies Limited HCL BigFix Service Management (SM) HCL Technologies LimitedのHCL BigFix Service Management (SM)におけるHTTP リクエストスマグリングに関する脆弱性 CWE-444
HTTP リクエストスマグリング 		CVE-2025-31958 2026-04-24 11:34 2026-04-21 Show GitHub Exploit DB Packet Storm
4133 5.3 警告
Network 		HCL Technologies Limited HCL BigFix Service Management (SM) HCL Technologies LimitedのHCL BigFix Service Management (SM)における重要な情報の平文での送信に関する脆弱性 CWE-319
重要な情報の平文での送信 		CVE-2025-31981 2026-04-24 11:34 2026-04-21 Show GitHub Exploit DB Packet Storm
4134 6.1 警告
Network 		WSO2 WSO2 API Manager
WSO2 Identity Server 		WSO2のWSO2 API Manager等の複数製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-6024 2026-04-24 11:34 2026-04-16 Show GitHub Exploit DB Packet Storm
4135 6.5 警告
Network 		フォーティネット FortiOS
FortiPAM
FortiProxy
FortiSwitch Manager 		フォーティネットのFortiOS等の複数製品におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2025-61624 2026-04-24 11:34 2026-04-14 Show GitHub Exploit DB Packet Storm
4136 5.4 警告
Network 		フォーティネット FortiSandbox
FortiSandbox Cloud 		フォーティネットのFortiSandbox等の複数製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-61886 2026-04-24 11:34 2026-04-14 Show GitHub Exploit DB Packet Storm
4137 5.3 警告
Network 		Apache Software Foundation Apache Doris-MCP-Server Apache Software FoundationのApache Doris-MCP-ServerにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2025-66335 2026-04-24 11:34 2026-04-20 Show GitHub Exploit DB Packet Storm
4138 6.5 警告
Network 		フォーティネット FortiManager Cloud
FortiAnalyzer
FortiAnalyzer Cloud
FortiManager 		フォーティネットのFortiAnalyzer等の複数製品におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2025-68649 2026-04-24 11:34 2026-04-14 Show GitHub Exploit DB Packet Storm
4139 8.4 重要
Local 		Nitro Software Inc. Nitro PDF Pro Nitro Software Inc.のNitro PDF Proにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2025-69627 2026-04-24 11:34 2026-04-13 Show GitHub Exploit DB Packet Storm
4140 4.3 警告
Network 		Fortra GoAnywhere Managed File Transfer FortraのGoAnywhere Managed File Transferにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2026-0971 2026-04-24 11:34 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
348111 - sgi irix addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary files and possibly gain root privileges via a symlink attack on the printers temporary file. NVD-CWE-Other
CVE-1999-1410 2016-10-18 11:04 1997-05-9 Show GitHub Exploit DB Packet Storm
348112 - debian debian_linux The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers suc… NVD-CWE-Other
CVE-1999-1411 2016-10-18 11:04 1998-11-26 Show GitHub Exploit DB Packet Storm
348113 - ibm netfinity_remote_control IBM Netfinity Remote Control allows local users to gain administrator privileges by starting programs from the process manager, which runs with system level privileges. NVD-CWE-Other
CVE-1999-1414 2016-10-18 11:04 1999-05-25 Show GitHub Exploit DB Packet Storm
348114 - n-base nh2012
nh2012r
nh2015
nh2048
nh3012 		NBase switches NH2012, NH2012R, NH2015, and NH2048 have a back door password that cannot be disabled, which allows remote attackers to modify the switch's configuration. NVD-CWE-Other
CVE-1999-1420 2016-10-18 11:04 1998-07-20 Show GitHub Exploit DB Packet Storm
348115 - n-base nh208
nh215 		NBase switches NH208 and NH215 run a TFTP server which allows remote attackers to send software updates to modify the switch or cause a denial of service (crash) by guessing the target filenames, whi… NVD-CWE-Other
CVE-1999-1421 2016-10-18 11:04 1998-07-20 Show GitHub Exploit DB Packet Storm
348116 - slackware slackware_linux The default configuration of Slackware 3.4, and possibly other versions, includes . (dot, the current directory) in the PATH environmental variable, which could allow local users to create Trojan hor… NVD-CWE-Other
CVE-1999-1422 2016-10-18 11:04 1999-01-2 Show GitHub Exploit DB Packet Storm
348117 - dit transferpro DIT TransferPro installs devices with world-readable and world-writable permissions, which could allow local users to damage disks through the ff device driver. NVD-CWE-Other
CVE-1999-1429 2016-10-18 11:04 1998-01-5 Show GitHub Exploit DB Packet Storm
348118 - royal davinci PIM software for Royal daVinci does not properly password-protext access to data stored in the .mdb (Microsoft Access) file, which allows local users to read the data without a password by directly a… NVD-CWE-Other
CVE-1999-1430 2016-10-18 11:04 1999-01-1 Show GitHub Exploit DB Packet Storm
348119 - microsoft zero_administration_kit ZAK in Appstation mode allows users to bypass the "Run only allowed apps" policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and chan… NVD-CWE-Other
CVE-1999-1431 2016-10-18 11:04 2005-01-7 Show GitHub Exploit DB Packet Storm
348120 - hp jetadmin HP JetAdmin D.01.09 on Solaris allows local users to change the permissions of arbitrary files via a symlink attack on the /tmp/jetadmin.log file. NVD-CWE-Other
CVE-1999-1433 2016-10-18 11:04 1998-07-15 Show GitHub Exploit DB Packet Storm