Active networks support infrastructure that the routers or switches of the network perform customized computations on the messages flowing through them. For the active networking, it is necessary to build the new components: NodeOS (Node Operation System), Execution Environment (EE), Active Application (AA). The addition of the new components occurs potentially security vulnerability. Although studies have been made existing components from external threat in active network environments, taxonomy of security vulnerability of active network components has never been studied so far. Therefore, there is no criterion for these vulnerabilities in active network environments. In this paper, we analyze active network components for vulnerability scanning and classify vulnerabilities based on active network components. This taxonomy presents the criterion of security vulnerabilities in active network environments.