Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 25, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
246771 7.4 危険 コーレル株式会社 - Corel Paint Shop Pro におけるバッファオーバーフローの脆弱性 - CVE-2007-2366 2012-06-26 15:46 2007-04-30 Show GitHub Exploit DB Packet Storm
246772 9.3 危険 アドビシステムズ - 複数の Adobe 製品におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-2365 2012-06-26 15:46 2007-04-30 Show GitHub Exploit DB Packet Storm
246773 7.5 危険 burnstone - burnCMS における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2364 2012-06-26 15:46 2007-04-30 Show GitHub Exploit DB Packet Storm
246774 9 危険 don moore - MyDNS におけるバッファオーバーフローの脆弱性 - CVE-2007-2362 2012-06-26 15:46 2007-04-30 Show GitHub Exploit DB Packet Storm
246775 5 警告 Apache Software Foundation - Apache Axi における重要情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2007-2353 2012-06-26 15:46 2007-04-30 Show GitHub Exploit DB Packet Storm
246776 10 危険 afflib - AFFLIB におけるフォーマットストリングの脆弱性 - CVE-2007-2352 2012-06-26 15:46 2007-04-30 Show GitHub Exploit DB Packet Storm
246777 6.5 警告 FreePBX - freePBX の music-on-hold モジュールの admin/config.php におけるコマンドを実行される脆弱性 - CVE-2007-2350 2012-06-26 15:46 2007-04-30 Show GitHub Exploit DB Packet Storm
246778 7.5 危険 codewand - CodeWand phpBrowse の include/include_stream.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2345 2012-06-26 15:46 2007-04-27 Show GitHub Exploit DB Packet Storm
246779 7.8 危険 Enterasys Networks - 複数の Enterasys NetSight 製品におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2344 2012-06-26 15:46 2007-04-27 Show GitHub Exploit DB Packet Storm
246780 7.5 危険 Enterasys Networks - 複数の Enterasys NetSight 製品におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2343 2012-06-26 15:46 2007-04-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1181 5.5 MEDIUM
Local 		microsoft teams Files or directories accessible to external parties in Microsoft Teams allows an unauthorized attacker to perform spoofing locally. CWE-552
 Files or Directories Accessible to External Parties 		CVE-2026-32185 2026-05-18 22:33 2026-05-13 Show GitHub Exploit DB Packet Storm
1182 4.3 MEDIUM
Network 		microsoft edge_chromium User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. CWE-451
 User Interface (UI) Misrepresentation of Critical Information 		CVE-2026-40416 2026-05-18 22:26 2026-05-13 Show GitHub Exploit DB Packet Storm
1183 7.5 HIGH
Network 		- - A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS pa… CWE-475
 Undefined Behavior for Input to API 		CVE-2026-42009 2026-05-18 22:16 2026-05-18 Show GitHub Exploit DB Packet Storm
1184 9.8 CRITICAL
Network 		netty netty Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpObjectDecoder strips a conflicting Content-Length header when a request carries both… CWE-444
HTTP Request Smuggling 		CVE-2026-42581 2026-05-18 22:14 2026-05-14 Show GitHub Exploit DB Packet Storm
1185 9.8 CRITICAL
Network 		espressif arduino-esp32 arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, the WebServer multipart form parser in arduino-esp32 allocates a … CWE-121
Stack-based Buffer Overflow 		CVE-2026-42854 2026-05-18 22:09 2026-05-13 Show GitHub Exploit DB Packet Storm
1186 8.8 HIGH
Network 		mongodb mongodb An issue in MongoDB Server's time-series collection implementation allows an authenticated user with database write privileges to trigger an out-of-bounds memory write in the mongod process. The issu… CWE-787
 Out-of-bounds Write 		CVE-2026-8053 2026-05-18 22:06 2026-05-13 Show GitHub Exploit DB Packet Storm
1187 7.5 HIGH
Network 		thecodingmachine gotenberg Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the webhook middleware spawns a goroutine that holds a reference to the request's echo.Context after the synchronous handle… CWE-362
Race Condition 		CVE-2026-42594 2026-05-18 22:02 2026-05-15 Show GitHub Exploit DB Packet Storm
1188 8.2 HIGH
Network 		thecodingmachine gotenberg Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, Gotenberg only checks if the tag is exactly FileName, so System:FileName slips right through and ExifTool happily renames t… CWE-73
CWE-184
 External Control of File Name or Path
 Incomplete Blacklist 		CVE-2026-40893 2026-05-18 22:02 2026-05-15 Show GitHub Exploit DB Packet Storm
1189 8.2 HIGH
Network 		thecodingmachine gotenberg Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the LibreOffice conversion endpoint (/forms/libreoffice/convert) passes uploaded documents directly to LibreOffice without … CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-42591 2026-05-18 22:02 2026-05-15 Show GitHub Exploit DB Packet Storm
1190 5.9 MEDIUM
Network 		thecodingmachine gotenberg Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the /forms/chromium/convert/url and /forms/chromium/screenshot/url routes accept url=file:///tmp/... from anonymous callers… CWE-73
CWE-918
 External Control of File Name or Path
Server-Side Request Forgery (SSRF)  		CVE-2026-42597 2026-05-18 22:02 2026-05-15 Show GitHub Exploit DB Packet Storm