Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254061	9.3	危険	マイクロソフト	-	複数の Microsoft 製品におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-0105	2011-05-2 14:19	2011-04-12	Show	GitHub Exploit DB Packet Storm

254062	9.3	危険	マイクロソフト	-	複数の Microsoft Office 製品における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-0979	2011-05-2 14:17	2011-02-10	Show	GitHub Exploit DB Packet Storm

254063	9.3	危険	マイクロソフト	-	複数の Microsoft Office 製品におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-0978	2011-05-2 14:16	2011-02-10	Show	GitHub Exploit DB Packet Storm

254064	9.3	危険	マイクロソフト	-	複数の Microsoft Office 製品における整数アンダーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-0097	2011-05-2 14:14	2011-04-12	Show	GitHub Exploit DB Packet Storm

254065	9.3	危険	マイクロソフト	-	Microsoft Windows の OpenType Compact Font Format ドライバにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-0034	2011-05-2 14:14	2011-04-12	Show	GitHub Exploit DB Packet Storm

254066	9.3	危険	マイクロソフト	-	Microsoft の JScript および VBScript スクリプトエンジンにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-0663	2011-05-2 14:13	2011-04-12	Show	GitHub Exploit DB Packet Storm

254067	7.5	危険	マイクロソフト	-	Microsoft Windows の DNS クライアント内にある DNSAPI.dll における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-0657	2011-05-2 14:12	2011-04-12	Show	GitHub Exploit DB Packet Storm

254068	9.3	危険	マイクロソフト	-	Microsoft Windows および Office XP の GDI+ 内にある gdiplus.dll における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-0041	2011-05-2 14:11	2011-04-12	Show	GitHub Exploit DB Packet Storm

254069	9.3	危険	マイクロソフト	-	Microsoft .NET Framework の x86 JIT コンパイラにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-3958	2011-05-2 14:09	2011-04-12	Show	GitHub Exploit DB Packet Storm

254070	9.3	危険	マイクロソフト	-	Microsoft Windows XP の Windows Messenger ActiveX コントロールにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-1243	2011-05-2 14:08	2011-04-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
5271	9.1	CRITICAL Network	budibase	budibase	Budibase is an open-source low-code platform. Prior to 3.35.4, the authenticated middleware uses unanchored regular expressions to match public (no-auth) endpoint patterns against ctx.request.url. Si…	CWE-287 Improper Authentication	CVE-2026-41428	2026-04-29 00:39	2026-04-25	Show	GitHub Exploit DB Packet Storm

5272	9.1	CRITICAL Network	bacnetstack	bacnet_stack	BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's WritePropertyMultiple service decoder allows …	CWE-125 Out-of-bounds Read	CVE-2026-41475	2026-04-29 00:36	2026-04-25	Show	GitHub Exploit DB Packet Storm

5273	7.5	HIGH Network	bacnetstack	bacnet_stack	BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an off-by-one out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service decod…	CWE-125 CWE-193 Out-of-bounds Read Off-by-one Error	CVE-2026-41502	2026-04-29 00:35	2026-04-25	Show	GitHub Exploit DB Packet Storm

5274	7.5	HIGH Network	bacnetstack	bacnet_stack	BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service property decoder…	CWE-125 Out-of-bounds Read	CVE-2026-41503	2026-04-29 00:30	2026-04-25	Show	GitHub Exploit DB Packet Storm

5275	5.4	MEDIUM Network	-	-	The Check & Log Email WordPress plugin before 2.0.13 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks when the email encoder setting …	-	CVE-2026-5306	2026-04-29 00:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

5276	5.4	MEDIUM Network	tenda	ac18_firmware	A command injection vulnerability exists in Tenda AC18 V15.03.05.05_multi. The vulnerability is located in the /goform/SetSambaCfg interface, where improper handling of the guestuser parameter allows…	CWE-77 Command Injection	CVE-2026-31255	2026-04-29 00:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

5277	6.1	MEDIUM Network	-	-	A reflected cross-site scripting (XSS) vulnerability exists in WebFileSys version before 2.32.0 and fixed in v.2.32.0. User-controlled input is reflected into HTML and JavaScript contexts without pro…	CWE-79 Cross-site Scripting	CVE-2026-29971	2026-04-29 00:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

5278	8.1	HIGH Network	-	-	OpenCATS prior to commit 3002a29 contains a PHP code injection vulnerability in the installer AJAX endpoint that allows unauthenticated attackers to execute arbitrary code by injecting PHP statements…	CWE-94 Code Injection	CVE-2026-27760	2026-04-29 00:16	2026-04-29	Show	GitHub Exploit DB Packet Storm

5279	9.4	CRITICAL Network	-	-	NASA Earth Observing System Data and Information System (EOSDIS) MODAPS v8.1 was discovered to contain a SQL injection vulnerability in the category parameter	CWE-89 SQL Injection	CVE-2024-46636	2026-04-29 00:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

5280	6.5	MEDIUM Network	-	-	SQL Injection vulnerability exists in Sourcecodester Online Job Portal phppdo 1.0 ivia the category parameter in /jobportal/index.php.	CWE-89 SQL Injection	CVE-2021-36438	2026-04-29 00:16	2026-04-28	Show	GitHub Exploit DB Packet Storm