Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
235541 9.3 危険 intellitamper - IntelliTamper におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-5868 2012-09-25 17:26 2009-01-8 Show GitHub Exploit DB Packet Storm
235542 7.5 危険 joomlahbs - Joomla! 用の Hotel Booking Reservation System における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5865 2012-09-25 17:26 2009-01-6 Show GitHub Exploit DB Packet Storm
235543 7.5 危険 joomlahbs - Joomla! 用の Hotel Booking Reservation System における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5864 2012-09-25 17:26 2009-01-6 Show GitHub Exploit DB Packet Storm
235544 5 警告 myphpscripts - myPHPscripts Login Session におけるパスワードハッシュを発見される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5855 2012-09-25 17:26 2009-01-6 Show GitHub Exploit DB Packet Storm
235545 4.3 警告 myphpscripts - myPHPscripts Login Session の login.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5854 2012-09-25 17:26 2009-01-6 Show GitHub Exploit DB Packet Storm
235546 7.5 危険 mypbs - MyPBS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5851 2012-09-25 17:26 2009-01-6 Show GitHub Exploit DB Packet Storm
235547 4.6 警告 pdfjam - pdfjam における権限を取得される脆弱性 CWE-Other
その他 		CVE-2008-5843 2012-09-25 17:26 2009-01-5 Show GitHub Exploit DB Packet Storm
235548 4.3 警告 Horde - Horde Application Framework におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5917 2012-09-25 17:26 2008-12-10 Show GitHub Exploit DB Packet Storm
235549 6.8 警告 ktorrent - KTorrent の Web インターフェースプラグインにおける任意の PHP コードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-5906 2012-09-25 17:26 2008-10-20 Show GitHub Exploit DB Packet Storm
235550 4.3 警告 ktorrent - KTorrent の Web インターフェースプラグインにおけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5905 2012-09-25 17:26 2008-10-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1531 6.5 MEDIUM
Network 		- - Exposure of sensitive information to an unauthorized actor in Power Automate allows an authorized attacker to disclose information over a network. CWE-200
Information Exposure 		CVE-2026-40374 2026-05-14 00:34 2026-05-13 Show GitHub Exploit DB Packet Storm
1532 9.3 CRITICAL
Network 		- - Exposure of sensitive information to an unauthorized actor in Azure Entra ID allows an unauthorized attacker to perform spoofing over a network. CWE-200
Information Exposure 		CVE-2026-40379 2026-05-14 00:34 2026-05-13 Show GitHub Exploit DB Packet Storm
1533 7.8 HIGH
Local 		- - Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally. CWE-284
Improper Access Control 		CVE-2026-40381 2026-05-14 00:34 2026-05-13 Show GitHub Exploit DB Packet Storm
1534 4.3 MEDIUM
Network 		- - User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. CWE-451
 User Interface (UI) Misrepresentation of Critical Information 		CVE-2026-40416 2026-05-14 00:34 2026-05-13 Show GitHub Exploit DB Packet Storm
1535 7.8 HIGH
Local 		- - Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally. CWE-1390
 Weak Authentication 		CVE-2026-40417 2026-05-14 00:34 2026-05-13 Show GitHub Exploit DB Packet Storm
1536 7.8 HIGH
Local 		- - Use after free in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally. CWE-416
 Use After Free 		CVE-2026-40418 2026-05-14 00:34 2026-05-13 Show GitHub Exploit DB Packet Storm
1537 7.8 HIGH
Local 		- - Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally. CWE-416
 Use After Free 		CVE-2026-40419 2026-05-14 00:34 2026-05-13 Show GitHub Exploit DB Packet Storm
1538 8.8 HIGH
Local 		- - Improper access control in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally. CWE-284
Improper Access Control 		CVE-2026-40420 2026-05-14 00:34 2026-05-13 Show GitHub Exploit DB Packet Storm
1539 7.2 HIGH
Network 		- - An administrative user with access to configure webhooks can execute arbitrary commands by configuring and then triggering webhooks containing specific FreeMarker template syntax.  This issue affe… CWE-77
Command Injection 		CVE-2026-8431 2026-05-14 00:34 2026-05-13 Show GitHub Exploit DB Packet Storm
1540 8.8 HIGH
Network 		- - An issue in MongoDB Server's time-series collection implementation allows an authenticated user with database write privileges to trigger an out-of-bounds memory write in the mongod process. The issu… CWE-787
 Out-of-bounds Write 		CVE-2026-8053 2026-05-14 00:34 2026-05-13 Show GitHub Exploit DB Packet Storm