Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4281 7.5 重要
Network 		trailofbits rfc3161-client trailofbitsのrfc3161-clientにおける証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2026-33753 2026-04-23 10:16 2026-04-8 Show GitHub Exploit DB Packet Storm
4282 8.8 重要
Network 		Nozomi Networks Inc. Guardian HederaのGuardianにおける誤った領域へのリソースの漏えいに関する脆弱性 CWE-668
誤った領域へのリソースの漏えい 		CVE-2026-39911 2026-04-23 10:16 2026-04-9 Show GitHub Exploit DB Packet Storm
4283 7.5 重要
Network 		Eugene Pankov Ajenti Plugin Core Eugene PankovのAjenti Plugin Coreにおける認証に関する脆弱性 CWE-287
CWE-noinfo
CVE-2026-40177 2026-04-23 10:16 2026-04-10 Show GitHub Exploit DB Packet Storm
4284 5.9 警告
Network 		Eugene Pankov Ajenti Plugin Core Eugene PankovのAjenti Plugin Coreにおける複数の脆弱性 CWE-287
CWE-362
CVE-2026-40178 2026-04-23 10:16 2026-04-10 Show GitHub Exploit DB Packet Storm
4285 5.3 警告
Network 		Maurice (mauriceboe) trek Maurice (mauriceboe)のtrekにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-40184 2026-04-23 10:16 2026-04-10 Show GitHub Exploit DB Packet Storm
4286 6.5 警告
Network 		Maurice (mauriceboe) trek Maurice (mauriceboe)のtrekにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-40185 2026-04-23 10:16 2026-04-10 Show GitHub Exploit DB Packet Storm
4287 6.5 警告
Network 		Stig (stigtsp) Net::CIDR::Lite Stig (stigtsp)のNet::CIDR::Liteにおけるレングスパラメーターの不整合による処理に関する脆弱性 CWE-130
レングスパラメーターの不整合による不適切な処理 		CVE-2026-40198
CVE-2026-40199 		2026-04-23 10:16 2026-04-10 Show GitHub Exploit DB Packet Storm
4288 6.5 警告
Network 		Arcane Arcane GetarcaneのArcaneにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-40242 2026-04-23 10:16 2026-04-10 Show GitHub Exploit DB Packet Storm
4289 6.4 警告
Network 		runZero runZero Platform runZeroのrunZero PlatformにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-5372 2026-04-23 10:16 2026-04-7 Show GitHub Exploit DB Packet Storm
4290 8.4 重要
Network 		runZero runZero Platform runZeroのrunZero Platformにおける権限管理に関する脆弱性 CWE-269
不適切な権限管理 		CVE-2026-5373 2026-04-23 10:16 2026-04-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
349381 - dragonfrugal dfd_cart Multiple cross-site request forgery (CSRF) vulnerabilities in admin/configure.php in DFD Cart 1.198, 1.197, and earlier allow remote attackers to hijack the authentication of administrators for reque… CWE-352
 Origin Validation Error 		CVE-2010-1542 2010-04-28 01:43 2010-04-27 Show GitHub Exploit DB Packet Storm
349382 - mearra addthis Cross-site scripting (XSS) vulnerability in the AddThis Button module 5.x before 5.x-2.2 and 6.x before 6.x-2.9 for Drupal allows remote authenticated users, with administer addthis privileges, to in… CWE-79
Cross-site Scripting 		CVE-2010-1536 2010-04-28 01:04 2010-04-27 Show GitHub Exploit DB Packet Storm
349383 - wolfram webmathematica Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message. CWE-200
Information Exposure 		CVE-2009-4812 2010-04-28 00:30 2010-04-28 Show GitHub Exploit DB Packet Storm
349384 - mybboard mybb Cross-site scripting (XSS) vulnerability in myps.php in MyBB (aka MyBulletinBoard) 1.4.10 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a donate action. CWE-79
Cross-site Scripting 		CVE-2009-4813 2010-04-28 00:30 2010-04-28 Show GitHub Exploit DB Packet Storm
349385 - reyero i18n Multiple cross-site scripting (XSS) vulnerabilities in the Internationalization module 6.x before 6.x-1.4 for Drupal allow remote authenticated users, with translate interface or administer blocks pr… CWE-79
Cross-site Scripting 		CVE-2010-1530 2010-04-27 13:00 2010-04-27 Show GitHub Exploit DB Packet Storm
349386 - givesight com_powermail Directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact… CWE-22
Path Traversal 		CVE-2010-1532 2010-04-27 13:00 2010-04-27 Show GitHub Exploit DB Packet Storm
349387 - dragonfrugal dfd_cart Multiple cross-site scripting (XSS) vulnerabilities in DFD Cart 1.198, 1.197, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) category and (2) list_quantity para… CWE-79
Cross-site Scripting 		CVE-2010-1541 2010-04-27 13:00 2010-04-27 Show GitHub Exploit DB Packet Storm
349388 - acme
rca 		micro_httpd
digital_cable_modem 		micro_httpd on the RCA DCM425 cable modem allows remote attackers to cause a denial of service (device reboot) via a long string to TCP port 80. CWE-20
 Improper Input Validation  		CVE-2010-1544 2010-04-27 13:00 2010-04-27 Show GitHub Exploit DB Packet Storm
349389 - samhain_labs samhain The Secure Remote Password (SRP) implementation in Samhain before 2.5.4 does not check for a certain zero value where required by the protocol, which allows remote attackers to bypass authentication … CWE-20
 Improper Input Validation  		CVE-2009-4810 2010-04-27 01:17 2010-04-23 Show GitHub Exploit DB Packet Storm
349390 - palosanto elastix Directory traversal vulnerability in help/frameRight.php in Elastix 1.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id_nodo parameter. NOTE: the provenance of this in… CWE-22
Path Traversal 		CVE-2010-1492 2010-04-26 13:00 2010-04-23 Show GitHub Exploit DB Packet Storm