Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
471	5.4	警告 Network	joinmastodon	Mastodon	joinmastodonのMastodonにおける複数の脆弱性	CWE-639 CWE-863	CVE-2026-23964	2026-02-4 18:36	2026-01-22	Show	GitHub Exploit DB Packet Storm

472	5.3	警告 Network	Linux Foundation	rekor	Linux Foundationのrekorにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-24117	2026-02-4 18:35	2026-01-22	Show	GitHub Exploit DB Packet Storm

473	6.1	警告 Network	typemill	typemill	typemillにおける複数の脆弱性	CWE-116 CWE-79 CWE-79	CVE-2026-24127	2026-02-4 18:35	2026-01-23	Show	GitHub Exploit DB Packet Storm

474	6.5	警告 Network	Shenzhen Tenda Technology Co.,Ltd.	w30e ファームウェア	Shenzhen Tenda Technology Co.,Ltd.のw30e ファームウェアにおける過度に許容されるクロスドメインホワイトリストに関する脆弱性	CWE-942 過度に許容されるクロスドメインホワイトリスト	CVE-2026-24435	2026-02-4 18:35	2026-01-26	Show	GitHub Exploit DB Packet Storm

475	6.3	警告 Local	Sensio Labs	Symfony	Sensio LabsのSymfonyにおける引数の挿入または変更に関する脆弱性	CWE-88 引数の挿入または変更	CVE-2026-24739	2026-02-4 18:35	2026-01-28	Show	GitHub Exploit DB Packet Storm

476	8.2	重要 Network	isaacs	node-tar	isaacsのnode-tarにおける複数の脆弱性	CWE-22 CWE-59	CVE-2026-24842	2026-02-4 18:35	2026-01-28	Show	GitHub Exploit DB Packet Storm

477	6.5	警告 Network	シックス・アパート株式会社	Movable Type Premium Movable Type Movable Type Advanced Movable Type Premium (Advanced Edition)	Movable Typeにおける複数の脆弱性	CWE-79 CWE-Other	CVE-2026-21393 CVE-2026-22875 CVE-2026-23704 CVE-2026-24447	2026-02-4 12:10	2026-02-4	Show	GitHub Exploit DB Packet Storm

478	6.8	警告 Adjacent	エレコム株式会社	WRC-2533GST2 ファームウェア WRC-G01-W WMC-2LX2-B WRC-2533GS2V-B WMC-X1800GST-B WRC-1167GS2-B WRC-1167GST2 ファームウェア WSC-X1800GS2-B WRC-X3200GST3-B WRC-1167GS2H-B WMC-X1…	エレコム製無線 LAN ルーターにおける OS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2024-25579	2026-02-4 11:55	2024-02-20	Show	GitHub Exploit DB Packet Storm

479	7.5	重要 Network	三菱電機	CC-Link IE TSNリモートI/Oユニット MELSEC iQ-Rシリーズ CC-Link IE TSN マスタ・ローカルユニット CC-Link IE TSN FPGAユニット CC-Link IE TSN マスタ局・ローカル局用通信LSI…	三菱電機製 FA 製品の Ethernet 機能におけるサービス運用妨害（DoS）の脆弱性	CWE-1284 入力で指定された数量の不適切な検証	CVE-2025-3511	2026-02-4 11:55	2025-05-14	Show	GitHub Exploit DB Packet Storm

480	-	-	OpenSSL Project	OpenSSL	OpenSSLにおける複数の脆弱性（OpenSSL Security Advisory [27th January 2026]）	-	CVE-2025-11187 CVE-2025-15467 CVE-2025-15468 CVE-2025-15469 CVE-2025-66199 CVE-2025-68160 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420 CVE-2025-69421 CVE-2026-22795 C…	2026-02-4 11:14	2026-02-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
306611	-	lucent	vitalanalysis vitalevent vitalhelp vitalnet vitalsuite	Lucent VitalSuite 8.0 through 8.2, including VitalNet, VitalEvent, and VitalHelp/VitalAnalysis, allows remote attackers to bypass authentication via a direct HTTP request to the VsSetCookie.exe progr…	NVD-CWE-Other	CVE-2002-0236	2016-10-18 11:17	2002-05-29	Show	GitHub Exploit DB Packet Storm

306612	-	iss	blackice_agent blackice_defender realsecure_server_sensor	Buffer overflow in ISS BlackICE Defender 2.9 and earlier, BlackICE Agent 3.0 and 3.1, and RealSecure Server Sensor 6.0.1 and 6.5 allow remote attackers to cause a denial of service (crash) and possib…	NVD-CWE-Other	CVE-2002-0237	2016-10-18 11:17	2002-05-29	Show	GitHub Exploit DB Packet Storm

306613	-	netgear	rt314	Cross-site scripting vulnerability in web administration interface for NetGear RT314 and RT311 Gateway Routers allows remote attackers to execute arbitrary script on another client via a URL that con…	NVD-CWE-Other	CVE-2002-0238	2016-10-18 11:17	2002-05-29	Show	GitHub Exploit DB Packet Storm

306614	-	hanterm	hanterm	Buffer overflow in hanterm 3.3.1 and earlier allows local users to execute arbitrary code via a long string in the (1) -fn, (2) -hfb, or (3) -hfn argument.	NVD-CWE-Other	CVE-2002-0239	2016-10-18 11:17	2002-05-29	Show	GitHub Exploit DB Packet Storm

306615	-	apache	http_server	PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reve…	NVD-CWE-Other	CVE-2002-0240	2016-10-18 11:17	2002-05-29	Show	GitHub Exploit DB Packet Storm

306616	-	opera_software	opera_web_browser	Cross-site scripting vulnerability in Opera 6.0 and earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed.	NVD-CWE-Other	CVE-2002-0243	2016-10-18 11:17	2002-05-29	Show	GitHub Exploit DB Packet Storm

306617	-	lotus	domino	Lotus Domino server 5.0.8 with NoBanner enabled allows remote attackers to (1) determine the physical path of the server via a request for a nonexistent file with a .pl (Perl) extension, which leaks …	NVD-CWE-Other	CVE-2002-0245	2016-10-18 11:17	2002-05-29	Show	GitHub Exploit DB Packet Storm

306618	-	apache	http_server	PHP for Windows, when installed on Apache 2.0.28 beta as a standalone CGI module, allows remote attackers to obtain the physical path of the php.exe via a request with malformed arguments such as /12…	NVD-CWE-Other	CVE-2002-0249	2016-10-18 11:17	2002-05-29	Show	GitHub Exploit DB Packet Storm

306619	-	licq	licq	Buffer overflow in licq 1.0.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string of format string characters such as "%d".	NVD-CWE-Other	CVE-2002-0251	2016-10-18 11:17	2002-05-29	Show	GitHub Exploit DB Packet Storm

306620	-	hp	advancestack_10base-t_switching_hub_j3200a advancestack_10base-t_switching_hub_j3201a advancestack_10base-t_switching_hub_j3202a advancestack_10base-t_switching_hub_j3203a advancestack_10…	Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the …	NVD-CWE-Other	CVE-2002-0250	2016-10-18 11:17	2002-05-29	Show	GitHub Exploit DB Packet Storm