Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 19, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4351	9.8	緊急 Network	FFmpeg	FFmpeg	FFmpegにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-40962	2026-04-21 10:44	2026-04-16	Show	GitHub Exploit DB Packet Storm

4352	5.4	警告 Network	Bludit	Bludit	Bluditにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-4420	2026-04-21 10:44	2026-04-7	Show	GitHub Exploit DB Packet Storm

4353	8.8	重要 Network	FreeBSD	FreeBSD	FreeBSDにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-4747	2026-04-21 10:44	2026-03-26	Show	GitHub Exploit DB Packet Storm

4354	7.1	重要 Local	gimp	gimp	gimpにおける境界条件の判定に関する脆弱性	CWE-193 境界条件の判定	CVE-2026-4887	2026-04-21 10:44	2026-03-26	Show	GitHub Exploit DB Packet Storm

4355	5.3	警告 Network	langflow	langflow	langflowにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-5022	2026-04-21 10:44	2026-03-27	Show	GitHub Exploit DB Packet Storm

4356	6.5	警告 Network	langflow	langflow	langflowにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-5025	2026-04-21 10:43	2026-03-27	Show	GitHub Exploit DB Packet Storm

4357	5.4	警告 Network	langflow	langflow	langflowにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-5026	2026-04-21 10:43	2026-03-27	Show	GitHub Exploit DB Packet Storm

4358	5.4	警告 Network	lfprojects	mlflow	lfprojectsのmlflowにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-33865	2026-04-21 10:43	2026-04-7	Show	GitHub Exploit DB Packet Storm

4359	4.3	警告 Network	lfprojects	mlflow	lfprojectsのmlflowにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-33866	2026-04-21 10:43	2026-04-7	Show	GitHub Exploit DB Packet Storm

4360	9.1	緊急 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける信頼できない制御領域からの機能の組み込みに関する脆弱性	CWE-829 信頼性のない制御領域からの機能の組み込み	CVE-2026-40313	2026-04-21 10:43	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
349921	-	ipswitch	imail	Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.	NVD-CWE-Other	CVE-2001-1287	2008-09-11 04:10	2001-10-12	Show	GitHub Exploit DB Packet Storm

349922	-	id_software	quake_3_arena	Quake 3 arena 1.29f and 1.29g allows remote attackers to cause a denial of service (crash) via a malformed connection packet that begins with several char-255 characters.	NVD-CWE-Other	CVE-2001-1289	2008-09-11 04:10	2001-07-29	Show	GitHub Exploit DB Packet Storm

349923	-	3com	3cr29223	Buffer overflow in web server of 3com HomeConnect Cable Modem External with USB (#3CR29223) allows remote attackers to cause a denial of service (crash) via a long HTTP request.	NVD-CWE-Other	CVE-2001-1293	2008-09-11 04:10	2001-09-26	Show	GitHub Exploit DB Packet Storm

349924	-	avtronics	inetserv	Buffer overflow in A-V Tronics Inetserv 3.2.1 and earlier allows remote attackers to cause a denial of service (crash) in the Webmail interface via a long username and password.	NVD-CWE-Other	CVE-2001-1294	2008-09-11 04:10	2001-08-22	Show	GitHub Exploit DB Packet Storm

349925	-	marc_logemann	more.groupware	More.groupware PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.	NVD-CWE-Other	CVE-2001-1296	2008-09-11 04:10	2001-10-2	Show	GitHub Exploit DB Packet Storm

349926	-	actionpoll	actionpoll	PHP remote file inclusion vulnerability in Actionpoll PHP script before 1.1.2 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter.	NVD-CWE-Other	CVE-2001-1297	2008-09-11 04:10	2001-10-2	Show	GitHub Exploit DB Packet Storm

349927	-	grant_horwood	webodex	Webodex PHP script 1.0 and earlier allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.	NVD-CWE-Other	CVE-2001-1298	2008-09-11 04:10	2001-10-2	Show	GitHub Exploit DB Packet Storm

349928	-	xinetd	xinetd	xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe …	NVD-CWE-Other	CVE-2001-1322	2008-09-11 04:10	2001-07-10	Show	GitHub Exploit DB Packet Storm

349929	-	paul_jarc	idtools	cvmlogin and statfile in Paul Jarc idtools before 2001.06.27 do not properly check the return value of a call to the pathexec_env function, which could cause the setstate utility to setuid to the UID…	NVD-CWE-Other	CVE-2001-1324	2008-09-11 04:10	2001-06-26	Show	GitHub Exploit DB Packet Storm

349930	-	debian progeny	debian_linux debian	mandb in the man-db package before 2.3.16-3 allows local users to overwrite arbitrary files via the command line options (1) -u or (2) -c, which do not drop privileges and follow symlinks.	NVD-CWE-Other	CVE-2001-1331	2008-09-11 04:10	2001-05-3	Show	GitHub Exploit DB Packet Storm