Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
237411	4.3	警告	InterWorx	-	InterWorx-CP Server Admin Level におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4588	2012-09-25 16:59	2007-08-28	Show	GitHub Exploit DB Packet Storm

237412	7.5	危険	The PHP Group	-	PHP 用の iisfunc エクステンションにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-4586	2012-09-25 16:59	2007-08-28	Show	GitHub Exploit DB Packet Storm

237413	4.4	警告	日立	-	Cosminexus Application Server の Cosminexus Manager における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-4563	2012-09-25 16:59	2007-08-24	Show	GitHub Exploit DB Packet Storm

237414	4.3	警告	日立	-	Hitachi DABroker におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2007-4562	2012-09-25 16:59	2007-08-24	Show	GitHub Exploit DB Packet Storm

237415	4.3	警告	Novell	-	Novell GroupWise WebAccess の webacc サーブレットにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4557	2012-09-25 16:59	2007-08-27	Show	GitHub Exploit DB Packet Storm

237416	6.8	警告	opensymphony	-	OpenSymphony XWork の Struts サポートにおけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2007-4556	2012-09-25 16:59	2007-08-27	Show	GitHub Exploit DB Packet Storm

237417	4.3	警告	Ipswitch, Inc.	-	Ipswitch WS_FTP におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4555	2012-09-25 16:59	2007-08-27	Show	GitHub Exploit DB Packet Storm

237418	4.3	警告	Mozilla Foundation	-	Bugzilla の enter_bug.cgi におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4543	2012-09-25 16:59	2007-08-23	Show	GitHub Exploit DB Packet Storm

237419	4.3	警告	olate	-	od におけるクロスサイトスクリプティングの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2007-4541	2012-09-25 16:59	2007-08-27	Show	GitHub Exploit DB Packet Storm

237420	7.5	危険	olate	-	Olate Download (od) の download.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-4540	2012-09-25 16:59	2007-08-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1591	7.8	HIGH Local	-	-	Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally.	CWE-1390 Weak Authentication	CVE-2026-40417	2026-05-14 00:34	2026-05-13	Show	GitHub Exploit DB Packet Storm

1592	7.8	HIGH Local	-	-	Use after free in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally.	CWE-416 Use After Free	CVE-2026-40418	2026-05-14 00:34	2026-05-13	Show	GitHub Exploit DB Packet Storm

1593	7.8	HIGH Local	-	-	Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.	CWE-416 Use After Free	CVE-2026-40419	2026-05-14 00:34	2026-05-13	Show	GitHub Exploit DB Packet Storm

1594	8.8	HIGH Local	-	-	Improper access control in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally.	CWE-284 Improper Access Control	CVE-2026-40420	2026-05-14 00:34	2026-05-13	Show	GitHub Exploit DB Packet Storm

1595	7.2	HIGH Network	-	-	An administrative user with access to configure webhooks can execute arbitrary commands by configuring and then triggering webhooks containing specific FreeMarker template syntax. This issue affe…	CWE-77 Command Injection	CVE-2026-8431	2026-05-14 00:34	2026-05-13	Show	GitHub Exploit DB Packet Storm

1596	8.8	HIGH Network	-	-	An issue in MongoDB Server's time-series collection implementation allows an authenticated user with database write privileges to trigger an out-of-bounds memory write in the mongod process. The issu…	CWE-787 Out-of-bounds Write	CVE-2026-8053	2026-05-14 00:34	2026-05-13	Show	GitHub Exploit DB Packet Storm

1597	2.7	LOW Network	-	-	When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not have all user data redacted. This is…	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2026-8200	2026-05-14 00:34	2026-05-13	Show	GitHub Exploit DB Packet Storm

1598	4.3	MEDIUM Network	-	-	Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with aggregation permissions can pin CPU utilizatio…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-8202	2026-05-14 00:34	2026-05-13	Show	GitHub Exploit DB Packet Storm

1599	4.8	MEDIUM Network	-	-	Stored cross-site scripting (XSS) vulnerability in pgAdmin 4 Browser Tree and Explain Visualizer modules. User-controlled PostgreSQL object names (database, schema, table, column, etc.) were assigne…	CWE-79 Cross-site Scripting	CVE-2026-7814	2026-05-14 00:34	2026-05-12	Show	GitHub Exploit DB Packet Storm

1600	9.9	CRITICAL Network	-	-	Authorization vulnerability in pgAdmin 4 server mode affecting Server Groups, Servers, Shared Servers, Background Processes, and Debugger modules. Multiple endpoints fetched user-owned objects witho…	CWE-284 Improper Access Control	CVE-2026-7813	2026-05-14 00:34	2026-05-12	Show	GitHub Exploit DB Packet Storm