Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4331 7.3 重要
Local 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAIにおけるジェネリックな例外のキャッチ宣言に関する脆弱性 CWE-396
ジェネリックな例外のキャッチ宣言 		CVE-2026-40149 2026-04-21 10:45 2026-04-9 Show GitHub Exploit DB Packet Storm
4332 5.3 警告
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAIにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-40151 2026-04-21 10:45 2026-04-9 Show GitHub Exploit DB Packet Storm
4333 5.3 警告
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAIにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-40152 2026-04-21 10:45 2026-04-9 Show GitHub Exploit DB Packet Storm
4334 6.5 警告
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAIにおける環境変数に対する重要な情報の平文保存に関する脆弱性 CWE-526
環境変数に対する重要な情報の平文保存 		CVE-2026-40153 2026-04-21 10:45 2026-04-9 Show GitHub Exploit DB Packet Storm
4335 7.8 重要
Local 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性 CWE-426
CWE-829
CWE-94
CVE-2026-40156 2026-04-21 10:44 2026-04-10 Show GitHub Exploit DB Packet Storm
4336 7.8 重要
Local 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性 CWE-693
CWE-94
CVE-2026-40158 2026-04-21 10:44 2026-04-10 Show GitHub Exploit DB Packet Storm
4337 5.5 警告
Local 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性 CWE-200
CWE-214
CVE-2026-40159 2026-04-21 10:44 2026-04-10 Show GitHub Exploit DB Packet Storm
4338 6.5 警告
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAIにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-40160 2026-04-21 10:44 2026-04-10 Show GitHub Exploit DB Packet Storm
4339 8.1 重要
Network 		b3log SiYuan B3logのSiYuanにおける認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2026-40259 2026-04-21 10:44 2026-04-16 Show GitHub Exploit DB Packet Storm
4340 8.4 重要
Local 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAI等の複数製品における複数の脆弱性 CWE-426
CWE-94
CVE-2026-40287 2026-04-21 10:44 2026-04-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
352381 - npds npds Cross-site scripting (XSS) vulnerability in NPDS 4.8 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. NVD-CWE-Other
CVE-2002-1804 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
352382 - dacode dacode Cross-site scripting (XSS) vulnerability in DaCode 1.2.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. NVD-CWE-Other
CVE-2002-1805 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
352383 - drupal drupal Cross-site scripting (XSS) vulnerability in Drupal 4.0.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. NVD-CWE-Other
CVE-2002-1806 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
352384 - phpwebsite phpwebsite Cross-site scripting (XSS) vulnerability in phpWebSite 0.8.3 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. NVD-CWE-Other
CVE-2002-1807 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
352385 - zack_coburn meunity_community_system Cross-site scripting (XSS) vulnerability in Meunity Community System 1.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag when creating a topic. NVD-CWE-Other
CVE-2002-1808 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
352386 - belkin f5d6130_wnap Belkin F5D6130 Wireless Network Access Point running firmware AP14G8 allows remote attackers to cause a denial of service (connection loss) by sending several SNMP GetNextRequest requests. NVD-CWE-Other
CVE-2002-1811 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
352387 - gdam gdam Buffer overflow in gdam123 0.933 and 0.942 allows local users to execute arbitrary code via a long filename parameter. NVD-CWE-Other
CVE-2002-1812 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
352388 - aol instant_messenger Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8.2790 allows remote attackers to execute arbitrary programs by specifying the program in the href attribute of a link. NVD-CWE-Other
CVE-2002-1813 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
352389 - gnome
mandrakesoft
redhat
slackware 		bonobo
mandrake_linux
linux
slackware_linux 		Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments. NVD-CWE-Other
CVE-2002-1814 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
352390 - aquonics_scripting aquonics_file_manager Directory traversal vulnerability in source.php and source.cgi in Aquonics File Manager 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. NVD-CWE-Other
CVE-2002-1815 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm