Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4751 7.5 重要
Network 		EMQX nanomq EMQXのnanomqにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-32135 2026-04-24 11:31 2026-04-20 Show GitHub Exploit DB Packet Storm
4752 7.4 重要
Local 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 10 1607
Microsoft Windows Server 2016
Microsoft Windows 11 23h2
Microsoft … 		Windows UPnP デバイス ホストのリモートでコードが実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-32156 2026-04-24 11:31 2026-04-14 Show GitHub Exploit DB Packet Storm
4753 7.5 重要
Network 		jqlang jq jqlangのjqにおける複数の脆弱性 CWE-122
CWE-190
CVE-2026-32316 2026-04-24 11:31 2026-04-13 Show GitHub Exploit DB Packet Storm
4754 8.1 重要
Network 		nginxui nginx ui Nginx UI TeamのNginx UIにおける複数の脆弱性 CWE-284
CWE-863
CVE-2026-33031 2026-04-24 11:31 2026-04-20 Show GitHub Exploit DB Packet Storm
4755 4.3 警告
Network 		Docmost Docmost Docmostにおける認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2026-33146 2026-04-24 11:30 2026-04-14 Show GitHub Exploit DB Packet Storm
4756 8.1 重要
Network 		tandoor recipes tandoorのrecipesにおけるHTTP ヘッダのスクリプト構文の不適切な無効化に関する脆弱性 CWE-644
HTTP ヘッダのスクリプト構文の不適切な無効化 		CVE-2026-33149 2026-04-24 11:30 2026-03-26 Show GitHub Exploit DB Packet Storm
4757 4.6 警告
Network 		Docmost Docmost Docmostにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-33193 2026-04-24 11:30 2026-04-14 Show GitHub Exploit DB Packet Storm
4758 6.5 警告
Network 		Elasticsearch B.V. Kibana Elasticsearch B.V.のKibanaにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-33461 2026-04-24 11:30 2026-04-8 Show GitHub Exploit DB Packet Storm
4759 4.8 警告
Network 		cryptomator cryptomator cryptomatorにおける複数の脆弱性 CWE-305
CWE-319
CVE-2026-33472 2026-04-24 11:30 2026-04-16 Show GitHub Exploit DB Packet Storm
4760 5.5 警告
Network 		Pinchtab PinchTab PinchtabのPinchTabにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-33619 2026-04-24 11:30 2026-03-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
349431 - kde
lisa 		klisa
lisa
kde 		Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon. NVD-CWE-Other
CVE-2002-1247 2016-10-18 11:25 2002-11-29 Show GitHub Exploit DB Packet Storm
349432 - northern_solutions xeneo_web_server Northern Solutions Xeneo Web Server 2.1.0.0, 2.0.759.6, and other versions before 2.1.5 allows remote attackers to cause a denial of service (crash) via a GET request for a "%" URI. NVD-CWE-Other
CVE-2002-1248 2016-10-18 11:25 2002-11-12 Show GitHub Exploit DB Packet Storm
349433 - oracle oracle9i Buffer overflow in Oracle iSQL*Plus web application of the Oracle 9 database server allows remote attackers to execute arbitrary code via a long USERID parameter in the isqlplus URL. NVD-CWE-Other
CVE-2002-1264 2016-10-18 11:25 2002-11-12 Show GitHub Exploit DB Packet Storm
349434 - perl-mailtools perl-mailtools The Mail::Mailer Perl module in the perl-MailTools package 1.47 and earlier uses mailx as the default mailer, which allows remote attackers to execute arbitrary commands by inserting them into the ma… NVD-CWE-Other
CVE-2002-1271 2016-10-18 11:25 2002-11-12 Show GitHub Exploit DB Packet Storm
349435 - kde kde Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain … NVD-CWE-Other
CVE-2002-1281 2016-10-18 11:25 2002-11-29 Show GitHub Exploit DB Packet Storm
349436 - kde kde Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL. NVD-CWE-Other
CVE-2002-1282 2016-10-18 11:25 2002-11-29 Show GitHub Exploit DB Packet Storm
349437 - microsoft java_virtual_machine Stack-based buffer overflow in the Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service via a long class name through (1) Class.forName or… NVD-CWE-Other
CVE-2002-1287 2016-10-18 11:25 2002-11-29 Show GitHub Exploit DB Packet Storm
349438 - microsoft java_virtual_machine The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to determine the current directory of the Internet Explorer process via the getAbsolutePath() method in a File… NVD-CWE-Other
CVE-2002-1288 2016-10-18 11:25 2002-11-29 Show GitHub Exploit DB Packet Storm
349439 - microsoft java_virtual_machine The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read restricted process memory, cause a denial of service (crash), and possibly execute arbitrary code via … NVD-CWE-Other
CVE-2002-1289 2016-10-18 11:25 2002-11-29 Show GitHub Exploit DB Packet Storm
349440 - microsoft java_virtual_machine The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read and modify the contents of the Clipboard via an applet that accesses the (1) ClipBoardGetText and (2) … NVD-CWE-Other
CVE-2002-1290 2016-10-18 11:25 2002-11-29 Show GitHub Exploit DB Packet Storm