Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5151 7.2 重要
Network 		s9y Serendipity s9yのSerendipityにおけるHTTP レスポンス分割に関する脆弱性 CWE-113
HTTP レスポンスの分割 		CVE-2026-39971 2026-04-24 11:42 2026-04-15 Show GitHub Exploit DB Packet Storm
5152 7.1 重要
Local 		apktool apktool Apktoolにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-39973 2026-04-24 11:42 2026-04-21 Show GitHub Exploit DB Packet Storm
5153 5.3 警告
Network 		Apache Software Foundation Apache log4net Apache Software FoundationのApache log4netにおけるエンコードおよびエスケープに関する脆弱性 CWE-116
不適切なエンコード、または出力のエスケープ 		CVE-2026-40021 2026-04-24 11:42 2026-04-10 Show GitHub Exploit DB Packet Storm
5154 5.3 警告
Network 		Daniel Gatis Rembg Daniel GatisのRembgにおける複数の脆弱性 CWE-22
CWE-73
CVE-2026-40086 2026-04-24 11:42 2026-04-10 Show GitHub Exploit DB Packet Storm
5155 5.4 警告
Network 		FUTO Immich FUTOのImmichにおける複数の脆弱性 CWE-601
CWE-79
CVE-2026-40096 2026-04-24 11:42 2026-04-15 Show GitHub Exploit DB Packet Storm
5156 8.2 重要
Network 		XWiki xwiki XWikiのxwikiにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40104 2026-04-24 11:41 2026-04-15 Show GitHub Exploit DB Packet Storm
5157 6.1 警告
Network 		XWiki xwiki XWikiのxwikiにおけるクロスサイトスクリプティングの脆弱性 CWE-80
クロスサイトスクリプティング (Basic XSS) 		CVE-2026-40105 2026-04-24 11:41 2026-04-15 Show GitHub Exploit DB Packet Storm
5158 6.1 警告
Network 		Prometheus Prometheus Prometheusにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40179 2026-04-24 11:41 2026-04-15 Show GitHub Exploit DB Packet Storm
5159 7.5 重要
Network 		Python Software Foundation Python Pillow Python Software FoundationのPython Pillowにおける複数の脆弱性 CWE-400
CWE-770
CVE-2026-40192 2026-04-24 11:41 2026-04-15 Show GitHub Exploit DB Packet Storm
5160 8.2 重要
Network 		maddy project maddy maddy projectのmaddyにおけるLDAP インジェクションの脆弱性 CWE-90
LDAP インジェクション 		CVE-2026-40193 2026-04-24 11:41 2026-04-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
351581 - yamaha midiplug Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED tag. NVD-CWE-Other
CVE-1999-0946 2016-10-18 10:59 1999-11-2 Show GitHub Exploit DB Packet Storm
351582 - an an-httpd AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters. NVD-CWE-Other
CVE-1999-0947 2016-10-18 10:59 1999-11-2 Show GitHub Exploit DB Packet Storm
351583 - positive_software cp\+ Unspecified vulnerability in Positive Software Corporation CP+ (cpplus) before 2.5.5 allows attackers to have unknown impact and attack vectors, related to "a possible security flaw caused by a bug i… NVD-CWE-Other
CVE-2005-4261 2016-10-15 10:59 2005-12-15 Show GitHub Exploit DB Packet Storm
351584 - softwin bitdefender Format string vulnerability in the logging functionality in BitDefender AntiVirus 7.2 through 9 allows remote attackers to cause a denial of service and possibly execute arbitrary code via format str… CWE-134
Use of Externally-Controlled Format String 		CVE-2005-3154 2016-09-30 23:33 2005-10-6 Show GitHub Exploit DB Packet Storm
351585 - cisco ios Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data. CWE-200
Information Exposure 		CVE-2000-0368 2016-09-21 22:06 2001-03-12 Show GitHub Exploit DB Packet Storm
351586 - ibm aix Buffer overflow in uuq in AIX 4 could allow local users to execute arbitrary code via a long -r parameter. NVD-CWE-Other
CVE-2001-1095 2016-09-17 10:59 2001-10-9 Show GitHub Exploit DB Packet Storm
351587 - phpbb_group phpbb db.php in phpBB 2.0 (aka phpBB2) RC-3 and earlier allows remote attackers to execute arbitrary code from remote servers via the phpbb_root_path parameter. NVD-CWE-Other
CVE-2002-0473 2016-09-17 10:59 2002-08-12 Show GitHub Exploit DB Packet Storm
351588 - pablo_software_solutions pablo_ftp_server Directory traversal vulnerability in Pablo FTP server 1.0 build 9 and earlier allows remote authenticated users to list arbitrary directories via "..\" (dot-dot backslash) sequences in a LIST command. NVD-CWE-Other
CVE-2002-1054 2016-09-17 10:59 2002-10-4 Show GitHub Exploit DB Packet Storm
351589 - sun java Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business JDK and JRE 6 Update 18 and 19 allows remote attackers to affect confidentiality, integrity, and av… NVD-CWE-noinfo
CVE-2010-0887 2016-08-23 11:01 2010-04-21 Show GitHub Exploit DB Packet Storm
351590 - php php The html_entity_decode function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by ca… CWE-200
Information Exposure 		CVE-2010-1860 2016-08-23 11:01 2010-05-8 Show GitHub Exploit DB Packet Storm