Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
701 9.8 緊急
Network 		Synway SMG Gateway Management Software SynwayのSMG Gateway Management SoftwareにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2025-71284 2026-05-7 10:53 2026-04-30 Show GitHub Exploit DB Packet Storm
702 7.8 重要
Local 		KDE project KCoreAddons KDE projectのKCoreAddonsにおけるエスケープ、メタ、またはコントロールシーケンスの不適切な無効化に関する脆弱性 CWE-150
エスケープ、メタ、またはコントロールシーケンスの不適切な無効化 		CVE-2026-41526 2026-05-7 10:53 2026-04-28 Show GitHub Exploit DB Packet Storm
703 8.8 重要
Network 		SailPoint Technologies Holdings, Inc. IdentityIQ SailPoint Technologies Holdings, Inc.のIdentityIQにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-5712 2026-05-7 10:53 2026-04-29 Show GitHub Exploit DB Packet Storm
704 5.5 警告
Local 		Canonical pdfunite Canonicalのpdfuniteにおける古典的バッファオーバーフローの脆弱性 CWE-120
古典的バッファオーバーフロー 		CVE-2018-25306 2026-05-7 10:53 2026-04-29 Show GitHub Exploit DB Packet Storm
705 9.8 緊急
Network 		Kvcache-ai Ktransformers Kvcache-aiのKtransformersにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-26210 2026-05-7 10:53 2026-04-23 Show GitHub Exploit DB Packet Storm
706 7.1 重要
Local 		デル Dell/Alienware Purchased Apps デルのDell/Alienware Purchased Appsにおけるリンク解釈に関する脆弱性 CWE-59
リンク解釈の問題 		CVE-2026-27105 2026-05-7 10:53 2026-04-29 Show GitHub Exploit DB Packet Storm
707 7.8 重要
Local 		entechtaiwan TViPort entechtaiwanのTViPortにおける複数の脆弱性 CWE-20
CWE-269
CVE-2026-30769 2026-05-7 10:53 2026-04-29 Show GitHub Exploit DB Packet Storm
708 5.9 警告
Network 		Elasticsearch B.V. Elastic Package Registry Elasticsearch B.V.のElastic Package Registryにおけるデジタル署名の検証に関する脆弱性 CWE-347
デジタル署名の不適切な検証 		CVE-2026-33467 2026-05-7 10:53 2026-04-28 Show GitHub Exploit DB Packet Storm
709 4.4 警告
Local 		Mercurycom MIPC252W Firmware MercurycomのMIPC252W Firmwareにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-35901 2026-05-7 10:53 2026-04-27 Show GitHub Exploit DB Packet Storm
710 6.2 警告
Local 		Mercurycom MIPC252W Firmware MercurycomのMIPC252W Firmwareにおける過度な認証試行の不適切な制限に関する脆弱性 CWE-307
過度な認証試行の不適切な制限 		CVE-2026-35902 2026-05-7 10:53 2026-04-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
351011 - texas_imperial_software wftpd_pro Buffer overflow in WFTPD Pro 3.00 allows remote attackers to execute arbitrary commands via a long CWD command. NVD-CWE-Other
CVE-2001-0296 2008-09-6 05:23 2001-05-3 Show GitHub Exploit DB Packet Storm
351012 - dattaraj_rao simple_server Directory traversal vulnerability in Simple Server HTTPd 1.0 (originally Free Java Server) allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. NVD-CWE-Other
CVE-2001-0297 2008-09-6 05:23 2001-05-3 Show GitHub Exploit DB Packet Storm
351013 - sapio_design_ltd webreflex Buffer overflow in WebReflex 1.55 HTTPd allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP GET request. NVD-CWE-Other
CVE-2001-0298 2008-09-6 05:23 2001-05-3 Show GitHub Exploit DB Packet Storm
351014 - pi3 pi3web Buffer overflow in tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long URL. NVD-CWE-Other
CVE-2001-0302 2008-09-6 05:23 2001-05-3 Show GitHub Exploit DB Packet Storm
351015 - pi3 pi3web tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to determine the physical path of the server via a URL that requests a non-existent file. NVD-CWE-Other
CVE-2001-0303 2008-09-6 05:23 2001-05-3 Show GitHub Exploit DB Packet Storm
351016 - thinking_arts es.one Directory traversal vulnerability in store.cgi in Thinking Arts ES.One package allows remote attackers to read arbitrary files via a .. (dot dot) in the StartID parameter. NVD-CWE-Other
CVE-2001-0305 2008-09-6 05:23 2001-05-3 Show GitHub Exploit DB Packet Storm
351017 - itafrica webactive Directory traversal vulnerability in ITAfrica WEBactive HTTP Server 1.00 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL. NVD-CWE-Other
CVE-2001-0306 2008-09-6 05:23 2001-05-3 Show GitHub Exploit DB Packet Storm
351018 - bajie java_http_server Bajie HTTP JServer 0.78, and other versions before 0.80, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request for a CGI program that does not exist. CWE-94
Code Injection 		CVE-2001-0307 2008-09-6 05:23 2001-05-3 Show GitHub Exploit DB Packet Storm
351019 - bajie java_http_server UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions before 0.80, allows remote attackers to execute arbitrary commands by calling the servlet to upload a program, then using a ... (… CWE-94
Code Injection 		CVE-2001-0308 2008-09-6 05:23 2001-05-3 Show GitHub Exploit DB Packet Storm
351020 - ibm websphere_plugin IBM WebSphere plugin for Netscape Enterprise server allows remote attackers to read source code for JSP files via an HTTP request that contains a host header that references a host that is not in Web… NVD-CWE-Other
CVE-2001-0312 2008-09-6 05:23 2001-06-2 Show GitHub Exploit DB Packet Storm