Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251421 10 危険 Iron Mountain - Iron Mountain Connected Backup の Agent service における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-2397 2011-12-6 16:22 2011-12-5 Show GitHub Exploit DB Packet Storm
251422 6.4 警告 Widelands - Widelands の io/filesystem/filesystem.cc におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-1932 2011-12-6 16:22 2011-12-5 Show GitHub Exploit DB Packet Storm
251423 4.3 警告 Etomite Project - Etomite におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4264 2011-12-6 12:01 2011-12-6 Show GitHub Exploit DB Packet Storm
251424 7.5 危険 jonkemp - WordPress 用 WordPress Users プラグインの wp-users.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4669 2011-12-5 16:08 2011-12-2 Show GitHub Exploit DB Packet Storm
251425 7.5 危険 IBM - IBM Tivoli Netcool/Reporter における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-4668 2011-12-5 16:07 2011-12-2 Show GitHub Exploit DB Packet Storm
251426 5 警告 Schneider Electric - Schneider Electric の複数の製品におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4036 2011-12-5 16:06 2011-10-24 Show GitHub Exploit DB Packet Storm
251427 4.3 警告 Schneider Electric - Schneider Electric の複数の製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4035 2011-12-5 16:05 2011-10-24 Show GitHub Exploit DB Packet Storm
251428 9.3 危険 Schneider Electric - Steema TeeChart ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-4034 2011-12-5 16:05 2011-10-24 Show GitHub Exploit DB Packet Storm
251429 4.3 警告 Schneider Electric - Steema TeeChart ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-4033 2011-12-5 16:03 2011-10-24 Show GitHub Exploit DB Packet Storm
251430 5 警告 PrestaShop - Prestashop の admin/displayImage.php における CRLF インジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2011-4545 2011-12-5 16:01 2011-12-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3881 8.1 HIGH
Network 		langflow langflow IBM Langflow OSS 1.0.0 through 1.8.4 could allow any user to supply a flow_id to read transaction logs and vertex build data belonging to other users, and to delete persisted vertex build data for an… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-6542 2026-05-5 03:21 2026-05-1 Show GitHub Exploit DB Packet Storm
3882 9.8 CRITICAL
Network 		progress moveit_automation Authentication bypass by primary weakness vulnerability in Progress Software MOVEit Automation allows Authentication Bypass. This issue affects MOVEit Automation: from 2025.0.0 before 2025.0.9, from… CWE-305
 Authentication Bypass by Primary Weakness 		CVE-2026-4670 2026-05-5 03:20 2026-05-1 Show GitHub Exploit DB Packet Storm
3883 8.8 HIGH
Network 		- - An XML external entity (XXE) vulnerability in the /designer/loadReport endpoint of SpringBlade v4.8.0 allows authenticated attackers to execute arbitrary code via injecting a crafted payload. CWE-611
XXE 		CVE-2026-36765 2026-05-5 03:16 2026-05-1 Show GitHub Exploit DB Packet Storm
3884 8.8 HIGH
Network 		- - An issue in the fileEntityId parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary fi… CWE-22
Path Traversal 		CVE-2026-36762 2026-05-5 03:16 2026-05-1 Show GitHub Exploit DB Packet Storm
3885 7.5 HIGH
Network 		- - Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue. CWE-126
 Buffer Over-read 		CVE-2026-34059 2026-05-5 03:16 2026-05-4 Show GitHub Exploit DB Packet Storm
3886 5.3 MEDIUM
Network 		- - Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which f… CWE-125
CWE-170
Out-of-bounds Read
 Improper Null Termination 		CVE-2026-34032 2026-05-5 03:16 2026-05-4 Show GitHub Exploit DB Packet Storm
3887 5.3 MEDIUM
Network 		- - Out-of-bounds Read vulnerability in mod_proxy_ajp of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the… CWE-125
Out-of-bounds Read 		CVE-2026-33857 2026-05-5 03:16 2026-05-4 Show GitHub Exploit DB Packet Storm
3888 6.5 MEDIUM
Network 		- - HTTP response splitting vulnerability in multiple Apache HTTP Server modules with untrusted or compromised backend servers. This issue affects Apache HTTP Server: from through 2.4.66. Users are rec… CWE-443
 DEPRECATED: HTTP response splitting 		CVE-2026-33523 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
3889 5.3 MEDIUM
Network 		- - A NULL pointer dereference in the mod_authn_socache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. … CWE-476
 NULL Pointer Dereference 		CVE-2026-33007 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
3890 - - - A timing attack against mod_auth_digest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes th… CWE-208
 Information Exposure Through Timing Discrepancy 		CVE-2026-33006 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm