Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4431 7.5 重要
Network 		libexpat project libexpat libexpat projectのlibexpatにおけるエントロピー不足に関する脆弱性 CWE-331
エントロピー不足 		CVE-2026-41080 2026-04-27 11:20 2026-04-16 Show GitHub Exploit DB Packet Storm
4432 7.5 重要
Network 		free5gc free5gc
pcf 		free5GCのfree5GC等の複数製品におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-41135 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
4433 5.3 警告
Network 		free5gc free5gc
amf 		free5GCのamf等の複数製品における予期せぬ動作に関する脆弱性  CWE-440
予期せぬ動作 		CVE-2026-41136 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
4434 8.1 重要
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-4922 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
4435 6.1 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-5262 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
4436 4.3 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-5377 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
4437 8.1 重要
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるパスの等価性の不適切な解決に関する脆弱性 CWE-41
パスの等価性の不適切な解決 		CVE-2026-5816 2026-04-27 11:19 2026-04-22 Show GitHub Exploit DB Packet Storm
4438 9.1 緊急
Network 		Rapid7 velociraptor Rapid7のvelociraptorにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-6290 2026-04-27 11:19 2026-04-15 Show GitHub Exploit DB Packet Storm
4439 5.3 警告
Network 		fastify fastify-static fastifyのfastify-staticにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-6410 2026-04-27 11:19 2026-04-16 Show GitHub Exploit DB Packet Storm
4440 5.9 警告
Network 		fastify fastify-static fastifyのfastify-staticにおけるURL エンコーディング(16進エンコーディング)の処理に関する脆弱性 CWE-177
URLエンコーディング(16進エンコーディング)の不適切な処理 		CVE-2026-6414 2026-04-27 11:19 2026-04-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347501 - carnegie_mellon_university
redhat
ubuntu 		cyrus_imap_server
fedora_core
ubuntu_linux 		Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username. NVD-CWE-Other
CVE-2004-1067 2017-07-11 10:30 2005-01-10 Show GitHub Exploit DB Packet Storm
347502 - linux
ubuntu 		linux_kernel
ubuntu_linux 		Race condition in SELinux 2.6.x through 2.6.9 allows local users to cause a denial of service (kernel crash) via SOCK_SEQPACKET unix domain sockets, which are not properly handled in the sock_dgram_s… NVD-CWE-Other
CVE-2004-1069 2017-07-11 10:30 2005-01-10 Show GitHub Exploit DB Packet Storm
347503 - zwiki zwiki Cross-site scripting (XSS) vulnerability in standard_error_message.dtml for Zwiki after 0.10.0rc1 to 0.36.2 allows remote attackers to inject arbitrary HTML and web script via a malformed URL, which … NVD-CWE-Other
CVE-2004-1075 2017-07-11 10:30 2005-01-10 Show GitHub Exploit DB Packet Storm
347504 - apple darwin_streaming_server
quicktime_streaming_server
mac_os_x
mac_os_x_server 		The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field, which allows local users to read keyboard input from other appl… NVD-CWE-Other
CVE-2004-1081 2017-07-11 10:30 2004-12-2 Show GitHub Exploit DB Packet Storm
347505 - apple darwin_streaming_server
quicktime_streaming_server
mac_os_x
mac_os_x_server 		Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, w… NVD-CWE-Other
CVE-2004-1084 2017-07-11 10:30 2004-12-2 Show GitHub Exploit DB Packet Storm
347506 - apple darwin_streaming_server
quicktime_streaming_server
mac_os_x
mac_os_x_server 		Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows local users to exit applications via the force-quit key combination, even when the system is running in kiosk mode. NVD-CWE-Other
CVE-2004-1085 2017-07-11 10:30 2004-12-2 Show GitHub Exploit DB Packet Storm
347507 - apple darwin_streaming_server
quicktime_streaming_server
mac_os_x
mac_os_x_server 		Buffer overflow in PSNormalizer for Apple Mac OS X 10.3.6 allows remote attackers to execute arbitrary code via a crafted PostScript input file. NVD-CWE-Other
CVE-2004-1086 2017-07-11 10:30 2004-12-2 Show GitHub Exploit DB Packet Storm
347508 - apple darwin_streaming_server
quicktime_streaming_server
mac_os_x
mac_os_x_server 		Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard Entry" is enabled even when it is not, which could result in a false sense of security for the user. NVD-CWE-Other
CVE-2004-1087 2017-07-11 10:30 2004-12-2 Show GitHub Exploit DB Packet Storm
347509 - apple darwin_streaming_server
quicktime_streaming_server
mac_os_x
mac_os_x_server 		Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows remote attackers to send mail without authentication by replaying authentication information. NVD-CWE-Other
CVE-2004-1088 2017-07-11 10:30 2004-12-2 Show GitHub Exploit DB Packet Storm
347510 - apple darwin_streaming_server
quicktime_streaming_server
mac_os_x
mac_os_x_server 		Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerberos authentication and Cyrus IMAP allows local users to access mailboxes of other users. NVD-CWE-Other
CVE-2004-1089 2017-07-11 10:30 2004-12-2 Show GitHub Exploit DB Packet Storm