Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251371 5 警告 The PHP Group - PHP におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4153 2012-01-19 13:52 2012-01-18 Show GitHub Exploit DB Packet Storm
251372 7.5 危険 Simon Phillips - Joomla! 用 Aardvertiser コンポーネント における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4904 2012-01-19 11:45 2011-10-8 Show GitHub Exploit DB Packet Storm
251373 7.5 危険 CubeCart Limited - CubeCart の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4903 2012-01-19 11:44 2011-10-8 Show GitHub Exploit DB Packet Storm
251374 7.5 危険 Joomla-Clantools - Joomla! 用 Clantools コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4902 2012-01-19 11:44 2011-10-8 Show GitHub Exploit DB Packet Storm
251375 4.3 警告 Squiz - MySource Matrix の char_map.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4901 2012-01-19 11:43 2011-10-8 Show GitHub Exploit DB Packet Storm
251376 5.8 警告 WebManager Pro - CMS WebManager-Pro の c.php におけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2010-4900 2012-01-19 11:43 2011-10-8 Show GitHub Exploit DB Packet Storm
251377 7.5 危険 WebManager Pro - CMS WebManager-Pro の c.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4899 2012-01-19 11:42 2011-10-8 Show GitHub Exploit DB Packet Storm
251378 7.5 危険 Gantry framework - Joomla! 用 Gantry における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4898 2012-01-19 11:41 2011-10-8 Show GitHub Exploit DB Packet Storm
251379 7.5 危険 BlueCms - BlueCMS の comment.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4897 2012-01-19 11:41 2011-10-8 Show GitHub Exploit DB Packet Storm
251380 4.3 警告 Expinion.net - Member Management System の admin/index.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4896 2012-01-19 11:39 2011-10-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
4011 8.0 HIGH
Network 		jenkins html_publisher Jenkins HTML Publisher Plugin 427 and earlier does not escape job name and URL in the legacy wrapper file, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with… CWE-79
Cross-site Scripting 		CVE-2026-42524 2026-05-6 03:06 2026-04-29 Show GitHub Exploit DB Packet Storm
4012 9.0 CRITICAL
Network 		jenkins github Jenkins GitHub Plugin 1.46.0 and earlier improperly processes the current job URL as part of JavaScript implementing validation of the feature "GitHub hook trigger for GITScm polling", resulting in a… CWE-79
Cross-site Scripting 		CVE-2026-42523 2026-05-6 03:06 2026-04-29 Show GitHub Exploit DB Packet Storm
4013 5.9 MEDIUM
Network 		elastic elastic_package_registry Improper Verification of Cryptographic Signature (CWE-347) in Elastic Package Registry could allow an attacker positioned to intercept network traffic, or to otherwise influence the contents served t… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2026-33467 2026-05-6 02:55 2026-04-29 Show GitHub Exploit DB Packet Storm
4014 4.4 MEDIUM
Local 		oracle linux An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range sh_link field. When root-level dtrace attaches to -- or instruments -- that process (via… CWE-125
Out-of-bounds Read 		CVE-2026-35233 2026-05-6 02:46 2026-05-2 Show GitHub Exploit DB Packet Storm
4015 5.5 MEDIUM
Local 		oracle linux An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuild_file_symtab() CWE-369
 Divide By Zero 		CVE-2026-21996 2026-05-6 02:45 2026-05-2 Show GitHub Exploit DB Packet Storm
4016 7.3 HIGH
Network 		gnu glibc The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write w… CWE-787
 Out-of-bounds Write 		CVE-2026-5435 2026-05-6 02:38 2026-04-28 Show GitHub Exploit DB Packet Storm
4017 7.8 HIGH
Local 		kde kcoreaddons In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading … CWE-150
 Improper Neutralization of Escape, Meta, or Control Sequences 		CVE-2026-41526 2026-05-6 02:25 2026-04-28 Show GitHub Exploit DB Packet Storm
4018 2.6 LOW
Adjacent 		- - A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function _get_file_id of the file libs/chatchat-server/chatchat/server/api_server/openai_rout… CWE-310
CWE-330
Cryptographic Issues
 Use of Insufficiently Random Values 		CVE-2026-7847 2026-05-6 02:17 2026-05-6 Show GitHub Exploit DB Packet Storm
4019 5.9 MEDIUM
Network 		- - A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with a… CWE-120
Classic Buffer Overflow 		CVE-2026-34956 2026-05-6 02:17 2026-05-6 Show GitHub Exploit DB Packet Storm
4020 2.6 LOW
Adjacent 		- - A vulnerability has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. Impacted is the function files of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the c… CWE-362
CWE-367
Race Condition
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-7846 2026-05-6 01:16 2026-05-6 Show GitHub Exploit DB Packet Storm