Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2901 6.1 警告
Network 		FreeRDP FreeRDP FreeRDPにおける境界条件の判定に関する脆弱性 CWE-193
境界条件の判定 		CVE-2026-40254 2026-04-30 12:28 2026-04-24 Show GitHub Exploit DB Packet Storm
2902 3.7
Network 		BACnet Stack BACnet Stack BACnet Stackにおける未定義、未指定、または実装定義の動作への依存に関する脆弱性 CWE-758
未定義、未指定、または実装定義の動作への依存 		CVE-2026-40279 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
2903 7.6 重要
Network 		WeGIA WeGIA WeGIAにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40283 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
2904 6.5 警告
Network 		OpenFGA OpenFGA OpenFGAにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-40293 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
2905 9.9 緊急
Network 		FirebirdSQL Firebird FirebirdSQLのFirebirdにおける複数の脆弱性 CWE-22
CWE-427
CWE-73
CWE-94
CVE-2026-40342 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
2906 8.2 重要
Network 		Minio Inc. Minio Minio Inc.のMinioにおける複数の脆弱性 CWE-287
CWE-306
CVE-2026-40344 2026-04-30 12:28 2026-04-22 Show GitHub Exploit DB Packet Storm
2907 9.8 緊急
Network 		FastGPT FastGPT FastGPTにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性 CWE-943
データクエリロジックの特殊要素の不適切な中立化 		CVE-2026-40351 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
2908 8.8 重要
Network 		FastGPT FastGPT FastGPTにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性 CWE-943
データクエリロジックの特殊要素の不適切な中立化 		CVE-2026-40352 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
2909 9.1 緊急
Network 		マイクロソフト ASP.NET Core ASP.NET Core Elevation of Privilege Vulnerability CWE-347
デジタル署名の不適切な検証 		CVE-2026-40372 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
2910 5.4 警告
Network 		Kimai project kimai Kimai projectのKimaiにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40479 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
351581 - horde vaction Cross-site scripting (XSS) vulnerability in Horde Vacation module before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title. NVD-CWE-Other
CVE-2005-1321 2008-09-6 05:48 2005-05-2 Show GitHub Exploit DB Packet Storm
351582 - horde nag Cross-site scripting (XSS) vulnerability in Horde Nag Task List Manager before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title. NVD-CWE-Other
CVE-2005-1322 2008-09-6 05:48 2005-05-2 Show GitHub Exploit DB Packet Storm
351583 - voodoo_circle voodoo_circle Buffer overflow in VooDoo cIRCle BOTNET before 1.0.33 allows remote authenticated attackers to cause a denial of service (client crash) via a crafted packet. NVD-CWE-Other
CVE-2005-1326 2008-09-6 05:48 2005-05-2 Show GitHub Exploit DB Packet Storm
351584 - woltlab burning_board Cross-site scripting (XSS) vulnerability in pms.php for Woltlab Burning Board 2.3.1 PL2 and earlier allows remote attackers to inject arbitrary web script or HTML via the folderid parameter. NVD-CWE-Other
CVE-2005-1327 2008-09-6 05:48 2005-05-2 Show GitHub Exploit DB Packet Storm
351585 - apple mac_os_x
mac_os_x_server 		AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled… CWE-20
 Improper Input Validation  		CVE-2005-1330 2008-09-6 05:48 2005-05-4 Show GitHub Exploit DB Packet Storm
351586 - apple mac_os_x
mac_os_x_server 		Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to … NVD-CWE-Other
CVE-2005-1332 2008-09-6 05:48 2005-05-4 Show GitHub Exploit DB Packet Storm
351587 - apple mac_os_x Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files. NVD-CWE-Other
CVE-2005-1333 2008-09-6 05:48 2005-05-4 Show GitHub Exploit DB Packet Storm
351588 - apple mac_os_x
mac_os_x_server 		Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner." NVD-CWE-Other
CVE-2005-1335 2008-09-6 05:48 2005-05-4 Show GitHub Exploit DB Packet Storm
351589 - apple mac_os_x Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable. NVD-CWE-Other
CVE-2005-1336 2008-09-6 05:48 2005-05-4 Show GitHub Exploit DB Packet Storm
351590 - apple mac_os_x
mac_os_x_server 		Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI. NVD-CWE-Other
CVE-2005-1337 2008-09-6 05:48 2005-05-4 Show GitHub Exploit DB Packet Storm