Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1221 8.8 重要
Network 		OpenEXR OpenEXR OpenEXRにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-41142 2026-05-11 11:10 2026-05-7 Show GitHub Exploit DB Packet Storm
1222 7.7 重要
Network 		Istio Istio Istioにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-41413 2026-05-11 11:09 2026-05-7 Show GitHub Exploit DB Packet Storm
1223 8.1 重要
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAI等の複数製品におけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-41496 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
1224 9.8 緊急
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性 CWE-77
CWE-78
CVE-2026-41497 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
1225 9.8 緊急
Network 		Electerm project Electerm Electerm projectのElectermにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-41500 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
1226 9.8 緊急
Network 		Electerm project Electerm Electerm projectのElectermにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-41501 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
1227 7.8 重要
Local 		Sebastian Bergmann PHPUnit Sebastian BergmannのPHPUnitにおける複数の脆弱性 CWE-88
CWE-93
CVE-2026-41570 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
1228 7.5 重要
Network 		Zcash Foundation Zebra-chain
Zebrad 		Zcash FoundationのZebra-chain等の複数製品における到達可能なアサーションに関する脆弱性 CWE-617
到達可能なアサーション 		CVE-2026-41584 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
1229 5.3 警告
Network 		projectdiscovery Nuclei ProjectDiscovery, Inc.のNucleiにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-41645 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
1230 5.5 警告
Local 		projectdiscovery Nuclei ProjectDiscovery, Inc.のNucleiにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-41646 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
352381 - gafware cfximage showtemp.cfm for Gafware CFXImage 1.6.6 allows remote attackers to read arbitrary files via (1) a .. or (2) a C: style pathname in the FILE parameter. NVD-CWE-Other
CVE-2002-0879 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
352382 - compaq proliant_bl_e-class_integrated_administrator_firmware Vulnerability in Compaq ProLiant BL e-Class Integrated Administrator 1.0 and 1.10, allows authenticated users with Telnet, SSH, or console access to conduct unauthorized activities. NVD-CWE-Other
CVE-2002-0883 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
352383 - juniper netscreen_screenos The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name. NVD-CWE-Other
CVE-2002-0891 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
352384 - new_atlanta_communications servletexec_isapi The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to determine the path of the web root via a direct request to com.newatlanta.servletexec.JSP10Servlet without a f… NVD-CWE-Other
CVE-2002-0892 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
352385 - new_atlanta_communications servletexec_isapi Directory traversal vulnerability in NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to read arbitrary files via a URL-encoded request to com.newatlanta.servletexec.JSP10Servlet containing "… NVD-CWE-Other
CVE-2002-0893 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
352386 - new_atlanta_communications servletexec_isapi NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a denial of service (crash) via (1) a request for a long .jsp file, or (2) a long URL sent directly to com.newatlanta.servletexec.JSP… NVD-CWE-Other
CVE-2002-0894 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
352387 - matu matu_ftp Buffer overflow in MatuFtpServer 1.1.3.0 (1.1.3) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PASS (password) command. NVD-CWE-Other
CVE-2002-0895 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
352388 - swatch swatch The throttle capability in Swatch may fail to report certain events if (1) the same type of event occurs after the throttle period, or (2) when multiple events matching the same "watchfor" expression… NVD-CWE-Other
CVE-2002-0896 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
352389 - intranet-server localweb2000 LocalWEB2000 2.1.0 web server allows remote attackers to bypass access restrictions for restricted files via a URL that contains the "/./" directory. NVD-CWE-Other
CVE-2002-0897 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
352390 - blueface falcon_web_server Falcon web server 2.0.0.1021 and earlier allows remote attackers to bypass access restrictions for protected files via a URL whose directory portion ends in a . (dot). NVD-CWE-Other
CVE-2002-0899 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm