Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
5161	6.1	警告 Network	XWiki	xwiki	XWikiのxwikiにおけるクロスサイトスクリプティングの脆弱性	CWE-80 クロスサイトスクリプティング (Basic XSS)	CVE-2026-40105	2026-04-24 11:41	2026-04-15	Show	GitHub Exploit DB Packet Storm

5162	6.1	警告 Network	Prometheus	Prometheus	Prometheusにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-40179	2026-04-24 11:41	2026-04-15	Show	GitHub Exploit DB Packet Storm

5163	7.5	重要 Network	Python Software Foundation	Python Pillow	Python Software FoundationのPython Pillowにおける複数の脆弱性	CWE-400 CWE-770	CVE-2026-40192	2026-04-24 11:41	2026-04-15	Show	GitHub Exploit DB Packet Storm

5164	8.2	重要 Network	maddy project	maddy	maddy projectのmaddyにおけるLDAP インジェクションの脆弱性	CWE-90 LDAP インジェクション	CVE-2026-40193	2026-04-24 11:41	2026-04-16	Show	GitHub Exploit DB Packet Storm

5165	7.1	重要 Local	OpenEXR	OpenEXR	OpenEXRにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-40244	2026-04-24 11:41	2026-04-21	Show	GitHub Exploit DB Packet Storm

5166	7.1	重要 Local	OpenEXR	OpenEXR	OpenEXRにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-40250	2026-04-24 11:41	2026-04-21	Show	GitHub Exploit DB Packet Storm

5167	6.1	警告 Local	openCryptoki Project	openCryptoki	openCryptoki ProjectのopenCryptokiにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-40253	2026-04-24 11:41	2026-04-16	Show	GitHub Exploit DB Packet Storm

5168	5.3	警告 Network	pypdf project	pypdf	pypdf projectのpypdfにおけるDTD の再帰的なエンティティ参照の不適切な制限に関する脆弱性	CWE-776 DTD の再帰的なエンティティ参照の不適切な制限	CVE-2026-40260	2026-04-24 11:41	2026-04-17	Show	GitHub Exploit DB Packet Storm

5169	8.8	重要 Network	Chamilo Association	Chamilo LMS	Chamilo AssociationのChamilo LMSにおける複数の脆弱性	CWE-269 CWE-863	CVE-2026-40291	2026-04-24 11:41	2026-04-14	Show	GitHub Exploit DB Packet Storm

5170	9	緊急 Network	Gitroom	Postiz	GitroomのPostizにおける複数の脆弱性	CWE-345 CWE-434 CWE-79	CVE-2026-40487	2026-04-24 11:41	2026-04-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
351231	-	surfcontrol	superscout_web_filter web_filter	UserManager.js in the Web Reports Server for SurfControl SuperScout WebFilter uses weak encryption for administrator functions, which allows remote attackers to decrypt the administrative password us…	NVD-CWE-Other	CVE-2002-0706	2016-10-18 11:21	2002-10-10	Show	GitHub Exploit DB Packet Storm

351232	-	surfcontrol	superscout_web_filter web_filter	The Web Reports Server for SurfControl SuperScout WebFilter allows remote attackers to cause a denial of service (CPU consumption) via large GET requests, possibly due to a buffer overflow.	NVD-CWE-Other	CVE-2002-0707	2016-10-18 11:21	2002-10-10	Show	GitHub Exploit DB Packet Storm

351233	-	surfcontrol	superscout_web_filter web_filter	Directory traversal vulnerability in the Web Reports Server for SurfControl SuperScout WebFilter allows remote attackers to read arbitrary files via an HTTP request containing ... (triple dot) sequen…	NVD-CWE-Other	CVE-2002-0708	2016-10-18 11:21	2002-10-10	Show	GitHub Exploit DB Packet Storm

351234	-	surfcontrol	superscout_web_filter web_filter	SQL injection vulnerabilities in the Web Reports Server for SurfControl SuperScout WebFilter allow remote attackers to execute arbitrary SQL queries via the RunReport option to SimpleBar.dll, and pos…	NVD-CWE-Other	CVE-2002-0709	2016-10-18 11:21	2002-10-10	Show	GitHub Exploit DB Packet Storm

351235	-	rod_clark	sendform.cgi	Directory traversal vulnerability in sendform.cgi 1.44 and earlier allows remote attackers to read arbitrary files by specifying the desired files in the BlurbFilePath parameter.	NVD-CWE-Other	CVE-2002-0710	2016-10-18 11:21	2002-08-12	Show	GitHub Exploit DB Packet Storm

351236	-	hp	trucluster_server	Unknown vulnerability in Cluster Interconnect for HP TruCluster Server 5.0A, 5.1, and 5.1A may allow local and remote attackers to cause a denial of service.	NVD-CWE-Other	CVE-2002-0711	2016-10-18 11:21	2002-11-12	Show	GitHub Exploit DB Packet Storm

351237	-	squid	squid	Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code (1) via the MSNT auth helper (msnt_auth) when using denyus…	NVD-CWE-Other	CVE-2002-0713	2016-10-18 11:21	2002-07-26	Show	GitHub Exploit DB Packet Storm

351238	-	squid	squid	FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server…	NVD-CWE-Other	CVE-2002-0714	2016-10-18 11:21	2002-07-26	Show	GitHub Exploit DB Packet Storm

351239	-	squid	squid	Vulnerability in Squid before 2.4.STABLE6 related to proxy authentication credentials may allow remote web sites to obtain the user's proxy login and password.	NVD-CWE-Other	CVE-2002-0715	2016-10-18 11:21	2002-07-26	Show	GitHub Exploit DB Packet Storm

351240	-	sco	openserver	Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain privileges via format string specifiers in the file name argument.	NVD-CWE-Other	CVE-2002-0716	2016-10-18 11:21	2002-07-26	Show	GitHub Exploit DB Packet Storm