Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4381 7.3 重要
Local 		BeeWare Briefcase BeeWareのBriefcaseにおける重要なリソースに対する不適切なパーミッションの割り当てに関する脆弱性 CWE-732
重要なリソースに対する不適切なパーミッションの割り当て 		CVE-2026-33430 2026-04-21 10:42 2026-03-26 Show GitHub Exploit DB Packet Storm
4382 7.8 重要
Local 		マイクロソフト Microsoft Defender Antimalware Platform Microsoft Defender の特権の昇格の脆弱性 CWE-1220
アクセス制御の不十分な粒度 		CVE-2026-33825 2026-04-21 10:42 2026-04-14 Show GitHub Exploit DB Packet Storm
4383 7.8 重要
Local 		linkingvision RapidVMS linkingvisionのRapidVMSにおけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2026-33847 2026-04-21 10:42 2026-03-24 Show GitHub Exploit DB Packet Storm
4384 8.8 重要
Network 		linkingvision RapidVMS linkingvisionのRapidVMSにおけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2026-33848 2026-04-21 10:42 2026-03-24 Show GitHub Exploit DB Packet Storm
4385 8.8 重要
Network 		linkingvision RapidVMS linkingvisionのRapidVMSにおけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2026-33849 2026-04-21 10:42 2026-03-24 Show GitHub Exploit DB Packet Storm
4386 9.1 緊急
Network 		Hydro System. PHU. Szafraniec M. Control System Hydro System. PHU. Szafraniec M.のControl Systemにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-34184 2026-04-21 10:42 2026-04-9 Show GitHub Exploit DB Packet Storm
4387 8.8 重要
Network 		Hydro System. PHU. Szafraniec M. Control System Hydro System. PHU. Szafraniec M.のControl SystemにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-34185 2026-04-21 10:42 2026-04-9 Show GitHub Exploit DB Packet Storm
4388 5.4 警告
Network 		Anthropic PBC Claude SDK for TypeScript (anthropic-ai/sdk) Anthropic PBCのClaude SDK for TypeScript (anthropic-ai/sdk)における複数の脆弱性 CWE-22
CWE-41
CVE-2026-34451 2026-04-21 10:42 2026-03-31 Show GitHub Exploit DB Packet Storm
4389 7.1 重要
Network 		Apache Software Foundation Skywalking MCP Apache Software FoundationのSkywalking MCPにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-34476 2026-04-21 10:42 2026-04-13 Show GitHub Exploit DB Packet Storm
4390 7.1 重要
Network 		lobehub LobeHub lobehubのLobeHubにおける複数の脆弱性 CWE-287
CWE-290
CWE-345
CVE-2026-39411 2026-04-21 10:42 2026-04-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
349941 - postnuke_software_foundation postnuke Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 allows remote attackers to inject arbitrary web script or HTML via the uname parameter. NVD-CWE-Other
CVE-2001-1521 2008-09-11 04:10 2001-12-31 Show GitHub Exploit DB Packet Storm
349942 - francisco_burzi php-nuke Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) uname parameter in user.php, (2) ttitle, letter and f… NVD-CWE-Other
CVE-2001-1524 2008-09-11 04:10 2001-12-31 Show GitHub Exploit DB Packet Storm
349943 - microsoft windows_me ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of service by sending multiple newlines in a Simple Service Discovery Protocol (SSDP) message. NOTE: multiple replies to the origi… NVD-CWE-Other
CVE-2001-1552 2008-09-11 04:10 2001-12-31 Show GitHub Exploit DB Packet Storm
349944 - ibm websphere_application_server Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote attackers to execute Javascript by inserting the Javascript into (1) a request for a .JSP file, or (2) a request to … NVD-CWE-Other
CVE-2001-0824 2008-09-11 04:09 2001-12-6 Show GitHub Exploit DB Packet Storm
349945 - grant_averett ceberus_ftp_server Cerberus FTP server 1.0 - 1.5 allows remote attackers to cause a denial of service (crash) via a large number of "PASV" requests. NVD-CWE-Other
CVE-2001-0827 2008-09-11 04:09 2001-12-6 Show GitHub Exploit DB Packet Storm
349946 - apache tomcat A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error mes… NVD-CWE-Other
CVE-2001-0829 2008-09-11 04:09 2001-12-6 Show GitHub Exploit DB Packet Storm
349947 - sane sane Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files. NVD-CWE-Other
CVE-2001-0890 2008-09-11 04:09 2001-12-11 Show GitHub Exploit DB Packet Storm
349948 - washington_university wu-ftpd Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550. NVD-CWE-Other
CVE-2001-0935 2008-09-11 04:09 2001-11-28 Show GitHub Exploit DB Packet Storm
349949 - paul_m._jones phorecast Phorecast PHP script before 0.40 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. NVD-CWE-Other
CVE-2001-1049 2008-09-11 04:09 2001-10-2 Show GitHub Exploit DB Packet Storm
349950 - phpadsnew phpadsnew PHPAdsNew PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. NVD-CWE-Other
CVE-2001-1054 2008-09-11 04:09 2001-10-2 Show GitHub Exploit DB Packet Storm