Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
246461 5 警告 Firebird Project - Firebird の Services API におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2007-4667 2012-06-26 15:54 2007-09-4 Show GitHub Exploit DB Packet Storm
246462 5 警告 Firebird Project - Firebird のサーバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2007-4666 2012-06-26 15:54 2007-09-4 Show GitHub Exploit DB Packet Storm
246463 5 警告 Firebird Project - Firebird のサーバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2007-4665 2012-06-26 15:54 2007-09-4 Show GitHub Exploit DB Packet Storm
246464 7.5 危険 Firebird Project - Firebird のデータベース接続機能における詳細不明な脆弱性 CWE-119
CWE-20
CWE-DesignError
CVE-2007-4664 2012-06-26 15:54 2007-09-4 Show GitHub Exploit DB Packet Storm
246465 2.1 注意 backup manager - Backup Manager の backup-manager-upload における重要な情報を取得される脆弱性 CWE-200
CWE-255
CWE-310
CVE-2007-4656 2012-06-26 15:54 2007-09-4 Show GitHub Exploit DB Packet Storm
246466 5 警告 teamf1
シスコシステムズ
OpenBSD		 - Cisco CSS シリーズ 11000 デバイスの Cisco WebNS におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2007-4654 2012-06-26 15:54 2007-09-4 Show GitHub Exploit DB Packet Storm
246467 5 警告 アドビシステムズ - Adobe Connect Enterprise Server における管理者に限定されている特定のページを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-4651 2012-06-26 15:54 2007-09-11 Show GitHub Exploit DB Packet Storm
246468 6.4 警告 Bharat Mediratta - Gallery におけるアイテムをリネームされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-4650 2012-06-26 15:54 2007-08-29 Show GitHub Exploit DB Packet Storm
246469 5 警告 2coolcode - 2coolcode Our Space の newswire/uploadmedia.cgi における任意のファイルをアップロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-4647 2012-06-26 15:54 2007-08-31 Show GitHub Exploit DB Packet Storm
246470 7.5 危険 doomsday - Doomsday のクライアントの cl_main.c の Cl_GetPackets 関数におけるフォーマットストリングの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-4644 2012-06-26 15:54 2007-08-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1151 8.4 HIGH
Network 		- - Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 2.0.0 to before 3.1.5 and 2.3.11, Himmelblau contained an authentication bypass vulnerability in the Device Autho… New CWE-863
 Incorrect Authorization 		CVE-2026-45108 2026-05-28 05:16 2026-05-28 Show GitHub Exploit DB Packet Storm
1152 7.5 HIGH
Network 		- - Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the ASN.1/OER parsing pipeline of Vanetza. When pr… New CWE-248
 Uncaught Exception 		CVE-2026-43988 2026-05-28 05:16 2026-05-27 Show GitHub Exploit DB Packet Storm
1153 8.7 HIGH
Network 		- - RELATE is a web-based courseware package. Versions prior to commit 555f0efb1c5bd7531c07cd73724d7e566a81f620 have a stored cross-site scripting vulnerability that allows any enrolled student to execut… New CWE-79
Cross-site Scripting 		CVE-2026-42197 2026-05-28 05:16 2026-05-28 Show GitHub Exploit DB Packet Storm
1154 6.3 MEDIUM
Network 		- - FacturaScripts is an open source accounting and invoicing software. In 2025.81 and earlier, an authenticated unrestricted file upload vulnerability exists in FacturaScripts' product image upload func… New CWE-94
CWE-434
Code Injection
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-42879 2026-05-28 04:49 2026-05-28 Show GitHub Exploit DB Packet Storm
1155 - - - MaxKB is an open-source AI assistant for enterprise. Prior to 2.8.1, MaxKB v2.8.0 and prior are vulnerable to a server-side request forgery (SSRF) bypass in the OSS file service URL fetch (chat/api/o… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-42335 2026-05-28 04:41 2026-05-27 Show GitHub Exploit DB Packet Storm
1156 - - - MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a server-side request forgery (SSRF) bypass in the OSS file service URL fetch functionality due to inconsi… New CWE-367
CWE-918
 Time-of-check Time-of-use (TOCTOU) Race Condition
Server-Side Request Forgery (SSRF)  		CVE-2026-42336 2026-05-28 04:41 2026-05-27 Show GitHub Exploit DB Packet Storm
1157 - - - MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a broken access control vulnerability in the OSS file service URL fetch API (chat/api/oss/get_url). The en… New CWE-862
 Missing Authorization 		CVE-2026-42337 2026-05-28 04:41 2026-05-27 Show GitHub Exploit DB Packet Storm
1158 7.5 HIGH
Network 		- - MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.0, MaxKB's webhook trigger endpoint (/api/trigger/v1/webhook/{trigger_id}) is accessible without authentication. The WebhookAuth clas… New CWE-287
CWE-306
Improper Authentication
Missing Authentication for Critical Function 		CVE-2026-44847 2026-05-28 04:41 2026-05-27 Show GitHub Exploit DB Packet Storm
1159 - - - MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.1, SSRF via work_flow_template Import. Authenticated users can supply arbitrary URLs in work_flow_template.downloadUrl which are fetc… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-45412 2026-05-28 04:41 2026-05-27 Show GitHub Exploit DB Packet Storm
1160 - - - MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.1, user passwords are stored using unsalted MD5 hashes, making them trivially crackable via rainbow tables or GPU-accelerated brute f… New CWE-328
 Use of Weak Hash 		CVE-2026-45413 2026-05-28 04:41 2026-05-27 Show GitHub Exploit DB Packet Storm