Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4751 5.3 警告
Network 		Daniel Gatis Rembg Daniel GatisのRembgにおける複数の脆弱性 CWE-22
CWE-73
CVE-2026-40086 2026-04-24 11:42 2026-04-10 Show GitHub Exploit DB Packet Storm
4752 5.4 警告
Network 		FUTO Immich FUTOのImmichにおける複数の脆弱性 CWE-601
CWE-79
CVE-2026-40096 2026-04-24 11:42 2026-04-15 Show GitHub Exploit DB Packet Storm
4753 8.2 重要
Network 		XWiki xwiki XWikiのxwikiにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40104 2026-04-24 11:41 2026-04-15 Show GitHub Exploit DB Packet Storm
4754 6.1 警告
Network 		XWiki xwiki XWikiのxwikiにおけるクロスサイトスクリプティングの脆弱性 CWE-80
クロスサイトスクリプティング (Basic XSS) 		CVE-2026-40105 2026-04-24 11:41 2026-04-15 Show GitHub Exploit DB Packet Storm
4755 6.1 警告
Network 		Prometheus Prometheus Prometheusにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40179 2026-04-24 11:41 2026-04-15 Show GitHub Exploit DB Packet Storm
4756 7.5 重要
Network 		Python Software Foundation Python Pillow Python Software FoundationのPython Pillowにおける複数の脆弱性 CWE-400
CWE-770
CVE-2026-40192 2026-04-24 11:41 2026-04-15 Show GitHub Exploit DB Packet Storm
4757 8.2 重要
Network 		maddy project maddy maddy projectのmaddyにおけるLDAP インジェクションの脆弱性 CWE-90
LDAP インジェクション 		CVE-2026-40193 2026-04-24 11:41 2026-04-16 Show GitHub Exploit DB Packet Storm
4758 7.1 重要
Local 		OpenEXR OpenEXR OpenEXRにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-40244 2026-04-24 11:41 2026-04-21 Show GitHub Exploit DB Packet Storm
4759 7.1 重要
Local 		OpenEXR OpenEXR OpenEXRにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-40250 2026-04-24 11:41 2026-04-21 Show GitHub Exploit DB Packet Storm
4760 6.1 警告
Local 		openCryptoki Project openCryptoki openCryptoki ProjectのopenCryptokiにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-40253 2026-04-24 11:41 2026-04-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
354531 - geeklog geeklog SQL injection vulnerability in comment.php for GeekLog 1.3.5 and earlier allows remote attackers to obtain sensitive user information via the pid parameter. NVD-CWE-Other
CVE-2002-0963 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
354532 - valve_software half-life
half-life_dedicated_server 		Half-Life Server 1.1.1.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via multiple responses to the initial challenge with different cd_key values, which rea… NVD-CWE-Other
CVE-2002-0964 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
354533 - oracle oracle9i Buffer overflow in TNS Listener for Oracle 9i Database Server on Windows systems, and Oracle 8 on VM, allows local users to execute arbitrary code via a long SERVICE_NAME parameter, which is not prop… NVD-CWE-Other
CVE-2002-0965 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
354534 - aci 4d_webserver Buffer overflow in 4D web server 6.7.3 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP request. NVD-CWE-Other
CVE-2002-0966 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
354535 - edonkey2000 edonkey_2000_client Buffer overflow in eDonkey 2000 35.16.60 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long "ed2k:" URL. NVD-CWE-Other
CVE-2002-0967 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
354536 - hp cifs-9000_server Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S… NVD-CWE-Other
CVE-2002-0991 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
354537 - hp hp-ux Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced or (2) rpcd on HP-UX 11.11 allows attackers to cause a denial of service (crash) via an attack that modifies internal data. NVD-CWE-Other
CVE-2002-0992 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
354538 - sun sun_pci_ii_driver SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications. NVD-CWE-Other
CVE-2002-0994 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
354539 - gianluca_baldo phpauction login.php for PHPAuction allows remote attackers to gain privileges via a direct call to login.php with the action parameter set to "insert," which adds the provided username to the adminUsers table. NVD-CWE-Other
CVE-2002-0995 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
354540 - novell netmail
netmail_xe 		Multiple buffer overflows in Novell NetMail (NIMS) 3.0.3 before 3.0.3C allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) WebAdmin or (2) ModWeb. NVD-CWE-Other
CVE-2002-0996 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm