Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
5421 4.4 警告
Local
Vim Vim VimにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション
CVE-2026-42307 2026-05-18 12:14 2026-05-8 Show GitHub Exploit DB Packet Storm
5422 7.8 重要
Local
Python Software Foundation Python Pillow Python Software FoundationのPython Pillowにおける複数の脆弱性 CWE-190
CWE-787
CVE-2026-42311 2026-05-18 12:14 2026-05-9 Show GitHub Exploit DB Packet Storm
5423 5.5 警告
Local
M2-Team NanaZip M2-TeamのNanaZipにおける再帰制御に関する脆弱性 CWE-674
不適切な再帰制御
CVE-2026-42445 2026-05-18 12:14 2026-05-12 Show GitHub Exploit DB Packet Storm
5424 7.1 重要
Local
M2-Team NanaZip M2-TeamのNanaZipにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り
CVE-2026-42446 2026-05-18 12:14 2026-05-12 Show GitHub Exploit DB Packet Storm
5425 8.5 重要
Network
n8n-MCP n8n-MCP n8n-MCPにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ
CVE-2026-42449 2026-05-18 12:14 2026-05-7 Show GitHub Exploit DB Packet Storm
5426 7.3 重要
Network
Apache Software Foundation Apache Tomcat Apache Software FoundationのApache Tomcatにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい
CVE-2026-42498 2026-05-18 12:14 2026-05-12 Show GitHub Exploit DB Packet Storm
5427 9.8 緊急
Network
archivebox archivebox archiveboxにおける引数の挿入または変更に関する脆弱性 CWE-88
引数の挿入または変更
CVE-2026-42601 2026-05-18 12:14 2026-05-9 Show GitHub Exploit DB Packet Storm
5428 8.8 重要
Network
azuracast azuracast AzuraCastにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2026-42605 2026-05-18 12:14 2026-05-9 Show GitHub Exploit DB Packet Storm
5429 8.8 重要
Network
azuracast azuracast AzuraCastにおけるパスワード管理機能に関する脆弱性 CWE-640
パスワードを忘れた場合の脆弱なパスワードリカバリの仕組み
CVE-2026-42606 2026-05-18 12:14 2026-05-9 Show GitHub Exploit DB Packet Storm
5430 9.9 緊急
Network
マイクロソフト Azure Logic Apps Azure Logic Apps の特権昇格の脆弱性 CWE-284
不適切なアクセス制御
CVE-2026-42823 2026-05-18 12:14 2026-05-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 2, 2026, 4:03 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
359791 - progress webspeed The Webspeed configuration program does not properly disable access to the WSMadmin utility, which allows remote attackers to gain privileges via wsisa.dll. NVD-CWE-Other
CVE-2000-0127 2008-09-11 04:02 2000-02-3 Show GitHub Exploit DB Packet Storm
359792 - daniel_beckham the_finger_server The Finger Server 0.82 allows remote attackers to execute commands via shell metacharacters. NVD-CWE-Other
CVE-2000-0128 2008-09-11 04:02 2000-02-4 Show GitHub Exploit DB Packet Storm
359793 - hp hp-ux Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4038, PHSS_4055, and PHSS_4066. NVD-CWE-Other
CVE-1999-1134 2008-09-11 04:01 1994-05-18 Show GitHub Exploit DB Packet Storm
359794 - flavio_veloso nobo nobo 1.2 allows remote attackers to cause a denial of service (crash) via a series of large UDP packets. NVD-CWE-Other
CVE-1999-1169 2008-09-11 04:01 1999-02-4 Show GitHub Exploit DB Packet Storm
359795 - iomega zip_100_mb_drive ZIP drive for Iomega ZIP-100 disks allows attackers with physical access to the drive to bypass password protection by inserting a known disk with a known password, waiting for the ZIP drive to power… NVD-CWE-Other
CVE-1999-1174 2008-09-11 04:01 2001-12-21 Show GitHub Exploit DB Packet Storm
359796 - oreilly website
website_pro
O'Reilly WebSite 1.1e and Website Pro 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an argument to (1) args.cmd or (2) args.bat. NVD-CWE-Other
CVE-1999-1180 2008-09-11 04:01 1999-02-16 Show GitHub Exploit DB Packet Storm
359797 - oreilly website
website_pro
O'Reilly has corrected this issue in WebSite Professional 2.5, which is now available from: http://website.oreilly.com NVD-CWE-Other
CVE-1999-1180 2008-09-11 04:01 1999-02-16 Show GitHub Exploit DB Packet Storm
359798 - freebsd freebsd Sysinstall in FreeBSD 2.2.1 and earlier, when configuring anonymous FTP, creates the ftp user without a password and with /bin/date as the shell, which could allow attackers to gain access to certain… NVD-CWE-Other
CVE-1999-1298 2008-09-11 04:01 1997-04-7 Show GitHub Exploit DB Packet Storm
359799 - freebsd freebsd Vulnerability in union file system in FreeBSD 2.2 and earlier, and possibly other operating systems, allows local users to cause a denial of service (system reload) via a series of certain mount_unio… NVD-CWE-Other
CVE-1999-1314 2008-09-11 04:01 1996-05-17 Show GitHub Exploit DB Packet Storm
359800 - sgi irix Vulnerability in object server program in SGI IRIX 5.2 through 6.1 allows remote attackers to gain root privileges in certain configurations. NVD-CWE-Other
CVE-1999-1319 2008-09-11 04:01 1996-01-3 Show GitHub Exploit DB Packet Storm