Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 16, 2026, 10:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191171	6.1	警告 Network	PHPMailer project	-	PHPMailer におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-11503	2017-08-9 17:41	2017-07-27	Show	GitHub Exploit DB Packet Storm

191172	6.1	警告 Network	カスペルスキー	-	Kaspersky Anti-Virus for Linux File Server におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-9813	2017-08-9 17:19	2017-06-28	Show	GitHub Exploit DB Packet Storm

191173	7.5	重要 Network	カスペルスキー	-	Kaspersky Anti-Virus for Linux File Server の Web インターフェースにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2017-9812	2017-08-9 17:19	2017-06-28	Show	GitHub Exploit DB Packet Storm

191174	9.8	緊急 Network	カスペルスキー	-	Kaspersky Anti-Virus for Linux File Server における入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2017-9811	2017-08-9 17:19	2017-06-28	Show	GitHub Exploit DB Packet Storm

191175	8.8	重要 Network	カスペルスキー	-	Kaspersky Anti-Virus for Linux File Server の Web インターフェースにおけるセキュリティ機能に関する脆弱性	CWE-254 セキュリティ機能	CVE-2017-9810	2017-08-9 17:19	2017-06-28	Show	GitHub Exploit DB Packet Storm

191176	5.4	警告 Network	Biscom	-	Biscom Secure File Transfer におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-5247	2017-08-9 17:13	2017-07-12	Show	GitHub Exploit DB Packet Storm

191177	4.3	警告 Network	Biscom	-	Biscom Secure File Transfer におけるインジェクションに関する脆弱性	CWE-74 インジェクション	CVE-2017-5246	2017-08-9 17:13	2017-07-12	Show	GitHub Exploit DB Packet Storm

191178	7.5	重要 Network	Geneko	-	Geneko GWR ルータにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2017-11456	2017-08-9 17:12	2017-07-16	Show	GitHub Exploit DB Packet Storm

191179	5.9	警告 Network	yadm project	-	yadm における SSH および PGP 鍵へのアクセスを許可される脆弱性	CWE-362 競合状態	CVE-2017-11353	2017-08-9 17:10	2017-07-19	Show	GitHub Exploit DB Packet Storm

191180	9.8	緊急 Network	Apache Software Foundation	-	Apache Sling の XSS Protection API モジュールにおける XML 外部エンティティの脆弱性	CWE-611 XML 外部エンティティ参照の不適切な制限	CVE-2016-6798	2017-08-9 17:09	2016-08-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
601	7.3	HIGH Network	-	-	YetAnotherForum.NET (YAF.NET) is a C# ASP.NET forum. Prior to 4.0.5 and 3.2.12, the thread posting and reply feature accepts user-supplied content via a a post or reply that is stored server-side and… Update	CWE-79 CWE-80 CWE-116 Cross-site Scripting Basic XSS Improper Encoding or Escaping of Output	CVE-2026-43939	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

602	6.5	MEDIUM Network	-	-	requests-hardened is a library that overrides the default behaviors of the requests library, and adds new security features. Prior to , the SSRF protection in requests-hardened fails to block IP addr… Update	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42175	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

603	-		-	-	DevGuard provides vulnerability management for the full software supply chain. Prior to 1.2.2, the SessionMiddleware accepts a client-supplied X-Admin-Token HTTP request header and uses its raw strin… Update	CWE-288 Authentication Bypass Using an Alternate Path or Channel	CVE-2026-42300	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

604	-		-	-	Fides is an open-source privacy engineering platform. From 2.75.0 to before 2.83.2, Fides deployments that enable both subject identity verification and duplicate privacy request detection are affect… Update	CWE-288 CWE-306 CWE-841 Authentication Bypass Using an Alternate Path or Channel Missing Authentication for Critical Function Improper Enforcement of Behavioral Workflow	CVE-2026-42303	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

605	4.3	MEDIUM Network	-	-	Kubewarden is a policy engine for Kubernetes. Prior to , An attacker with privileged AdmissionPolicy or AdmissionPolicyGroup create permissions (which isn't the default) can craft a policy that makes… Update	CWE-862 Missing Authorization	CVE-2026-42541	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

606	8.8	HIGH Network	-	-	AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss() sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed i… Update	CWE-79 CWE-94 CWE-1188 Cross-site Scripting Code Injection Insecure Default Initialization of Resource	CVE-2026-43892	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

607	7.5	HIGH Network	-	-	phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files (eg. X509 certificates, RSA PKCS8 private or public keys, etc). This is a by… Update	CWE-400 Uncontrolled Resource Consumption	CVE-2026-44167	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

608	8.2	HIGH Network	-	-	ssrfcheck is a library that checks if a string contains a potential SSRF attack. In 1.3.0 and earlier, ssrfcheck fails to block Server-Side Request Forgery attacks when the target private IP address … Update	CWE-184 CWE-918 Incomplete Blacklist Server-Side Request Forgery (SSRF)	CVE-2026-43929	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

609	6.2	MEDIUM Network	-	-	LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, when LobeChat processes custom tags in the Render process of src/featur… Update	CWE-79 Cross-site Scripting	CVE-2026-42045	2026-05-14 03:23	2026-05-13	Show	GitHub Exploit DB Packet Storm

610	7.5	HIGH Network	-	-	changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting attacker-controlled snapshot paths restored from backup files. The vu… Update	CWE-73 External Control of File Name or Path	CVE-2026-43891	2026-05-14 03:23	2026-05-13	Show	GitHub Exploit DB Packet Storm