Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
671 8.8 重要
Network 		International Color Consortium (ICC) iccDEV International Color Consortium (ICC)のiccDEVにおける複数の脆弱性 CWE-20
CWE-758
CVE-2026-24407 2026-02-2 19:32 2026-01-24 Show GitHub Exploit DB Packet Storm
672 8.8 重要
Network 		International Color Consortium (ICC) iccDEV International Color Consortium (ICC)のiccDEVにおける複数の脆弱性 CWE-20
CWE-476
CWE-690
CWE-758
CVE-2026-24409 2026-02-2 19:32 2026-01-24 Show GitHub Exploit DB Packet Storm
673 8.8 重要
Network 		International Color Consortium (ICC) iccDEV International Color Consortium (ICC)のiccDEVにおける複数の脆弱性 CWE-20
CWE-476
CWE-690
CWE-758
CVE-2026-24410 2026-02-2 19:32 2026-01-24 Show GitHub Exploit DB Packet Storm
674 8.8 重要
Network 		International Color Consortium (ICC) iccDEV International Color Consortium (ICC)のiccDEVにおける複数の脆弱性 CWE-20
CWE-476
CWE-690
CWE-758
CVE-2026-24411 2026-02-2 19:32 2026-01-24 Show GitHub Exploit DB Packet Storm
675 8.8 重要
Network 		International Color Consortium (ICC) iccDEV International Color Consortium (ICC)のiccDEVにおける複数の脆弱性 CWE-122
CWE-20
CVE-2026-24412 2026-02-2 19:32 2026-01-24 Show GitHub Exploit DB Packet Storm
676 6.5 警告
Network 		phpMyFAQ phpMyFAQ phpMyFAQにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-24421 2026-02-2 19:32 2026-01-24 Show GitHub Exploit DB Packet Storm
677 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. w30e ファームウェア Shenzhen Tenda Technology Co.,Ltd.のw30e ファームウェアにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-24428 2026-02-2 19:32 2026-01-26 Show GitHub Exploit DB Packet Storm
678 9.8 緊急
Network 		Shenzhen Tenda Technology Co.,Ltd. w30e ファームウェア Shenzhen Tenda Technology Co.,Ltd.のw30e ファームウェアにおけるデフォルトのパスワードの使用に関する脆弱性 CWE-1393
デフォルトのパスワードの使用 		CVE-2026-24429 2026-02-2 19:32 2026-01-26 Show GitHub Exploit DB Packet Storm
679 9.8 緊急
Network 		libexpat project libexpat libexpat projectのlibexpatにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2026-24515 2026-02-2 19:32 2026-01-23 Show GitHub Exploit DB Packet Storm
680 6.5 警告
Network 		Discourse Discourse Discourseにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-24742 2026-02-2 19:32 2026-01-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
481 5.4 MEDIUM
Network 		oracle peoplesoft_enterprise_peopletools Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Workflow). Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows… New CWE-284
Improper Access Control 		CVE-2026-34307 2026-04-24 23:26 2026-04-22 Show GitHub Exploit DB Packet Storm
482 8.1 HIGH
Network 		oracle peoplesoft_enterprise_peopletools Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows… New CWE-284
Improper Access Control 		CVE-2026-34309 2026-04-24 23:25 2026-04-22 Show GitHub Exploit DB Packet Storm
483 7.5 HIGH
Network 		oracle financial_services_analytical_applications_infrastructure Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected ar… New CWE-284
Improper Access Control 		CVE-2026-34310 2026-04-24 23:25 2026-04-22 Show GitHub Exploit DB Packet Storm
484 6.5 MEDIUM
Network 		oracle weblogic_server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0… New CWE-285
CWE-601
Improper Authorization
Open Redirect 		CVE-2026-34315 2026-04-24 23:24 2026-04-22 Show GitHub Exploit DB Packet Storm
485 8.1 HIGH
Network 		sysadminsmedia homebox HomeBox is a home inventory and organization system. Versions prior to 0.25.0 contain a vulnerability where the defaultGroup ID remained permanently assigned to a user after being invited to a group,… Update CWE-708
 Incorrect Ownership Assignment 		CVE-2026-40196 2026-04-24 23:23 2026-04-18 Show GitHub Exploit DB Packet Storm
486 3.7 LOW
Network 		vmware spring_security Vulnerability in Spring Spring Security. If an application is using the UserDetails#isEnabled, #isAccountNonExpired, or #isAccountNonLocked user attributes, to enable, expire, or lock users, then Dao… New CWE-208
 Information Exposure Through Timing Discrepancy 		CVE-2026-22746 2026-04-24 23:20 2026-04-22 Show GitHub Exploit DB Packet Storm
487 8.1 HIGH
Network 		vmware spring_security Vulnerability in Spring Spring Security. SubjectX500PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the usern… New CWE-297
 Improper Validation of Certificate with Host Mismatch 		CVE-2026-22747 2026-04-24 23:18 2026-04-22 Show GitHub Exploit DB Packet Storm
488 6.5 MEDIUM
Network 		vmware spring_security Vulnerability in Spring Spring Security. When an application configures JWT decoding with NimbusJwtDecoder  or NimbusReactiveJwtDecoder, it must configure an OAuth2TokenValidator<Jwt> separately, for… New CWE-20
 Improper Input Validation  		CVE-2026-22748 2026-04-24 23:18 2026-04-22 Show GitHub Exploit DB Packet Storm
489 7.5 HIGH
Network 		vmware spring_security Vulnerability in Spring Spring Security. If an application is using securityMatchers(String) and a PathPatternRequestMatcher.Builder bean to prepend a servlet path, matching requests to that filter c… New CWE-693
 Protection Mechanism Failure 		CVE-2026-22753 2026-04-24 23:17 2026-04-22 Show GitHub Exploit DB Packet Storm
490 7.5 HIGH
Network 		vmware spring_security Vulnerability in Spring Spring Security. If an application uses <sec:intercept-url servlet-path="/servlet-path" pattern="/endpoint/**"/> to define the servlet path for computing a path matcher, then … New CWE-284
Improper Access Control 		CVE-2026-22754 2026-04-24 23:16 2026-04-22 Show GitHub Exploit DB Packet Storm