Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
311	8.1	重要 Network	argoproj	Argo Workflows	Argo Project AuthorsのArgo Workflowsにおける不正な認証に関する脆弱性 New	CWE-863 不正な認証	CVE-2026-42296	2026-05-18 11:30	2026-05-9	Show	GitHub Exploit DB Packet Storm

312	8.3	重要 Network	argoproj	Argo Workflows	Argo Project AuthorsのArgo Workflowsにおける認証の欠如に関する脆弱性 New	CWE-862 認証の欠如	CVE-2026-42297	2026-05-18 11:30	2026-05-9	Show	GitHub Exploit DB Packet Storm

313	6.8	警告 Network	pyLoad-ng project	pyLoad-ng	pyLoad-ng projectのpyLoad-ngにおける複数の脆弱性 New	CWE-295 CWE-306 CWE-863	CVE-2026-42312	2026-05-18 11:30	2026-05-11	Show	GitHub Exploit DB Packet Storm

314	8.3	重要 Network	pyLoad-ng project	pyLoad-ng	pyLoad-ng projectのpyLoad-ngにおける複数の脆弱性 New	CWE-441 CWE-863 CWE-918	CVE-2026-42313	2026-05-18 11:30	2026-05-11	Show	GitHub Exploit DB Packet Storm

315	6.5	警告 Network	pyLoad-ng project	pyLoad-ng	pyLoad-ng projectのpyLoad-ngにおけるパストラバーサルの脆弱性 New	CWE-22 パス・トラバーサル	CVE-2026-42314	2026-05-18 11:30	2026-05-11	Show	GitHub Exploit DB Packet Storm

316	6.5	警告 Network	pyLoad-ng project	pyLoad-ng	pyLoad-ng projectのpyLoad-ngにおける複数の脆弱性 New	CWE-22 CWE-36	CVE-2026-42315	2026-05-18 11:30	2026-05-11	Show	GitHub Exploit DB Packet Storm

317	7.5	重要 Network	mongoosejs	mongoose	mongoosejsのmongooseにおけるインジェクションに関する脆弱性 New	CWE-74 インジェクション	CVE-2026-42334	2026-05-18 11:30	2026-05-14	Show	GitHub Exploit DB Packet Storm

318	7.5	重要 Network	Getarcane	Arcane	GetarcaneのArcaneにおける認証の欠如に関する脆弱性 New	CWE-862 認証の欠如	CVE-2026-42461	2026-05-18 11:30	2026-05-9	Show	GitHub Exploit DB Packet Storm

319	8.1	重要 Network	FIT2CLOUD	SQLBot	FIT2CLOUDのSQLBotにおけるユーザ制御の鍵による認証回避に関する脆弱性 New	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-42463	2026-05-18 11:30	2026-05-13	Show	GitHub Exploit DB Packet Storm

320	7.8	重要 Local	マイクロソフト	Microsoft Office	マイクロソフトのMicrosoft Officeにおけるヒープベースのバッファオーバーフローの脆弱性 New	CWE-122 ヒープオーバーフロー	CVE-2026-42831	2026-05-18 11:30	2026-05-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
346381	-	techno_dreams	mailing_list	SQL injection vulnerability in Techno Dreams Mailing List script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp.	NVD-CWE-Other	CVE-2005-3385	2016-10-18 12:35	2005-10-30	Show	GitHub Exploit DB Packet Storm

346382	-	techno_dreams	web_directory	SQL injection vulnerability in Techno Dreams Web Directory script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp.	NVD-CWE-Other	CVE-2005-3386	2016-10-18 12:35	2005-10-30	Show	GitHub Exploit DB Packet Storm

346383	-	cat	quick_heal	Multiple interpretation error in CAT-QuickHeal 8.0 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated…	NVD-CWE-Other	CVE-2005-3399	2016-10-18 12:35	2005-11-1	Show	GitHub Exploit DB Packet Storm

346384	-	fortinet	fortinet	Multiple interpretation error in Fortinet 2.48.0.0 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated…	NVD-CWE-Other	CVE-2005-3400	2016-10-18 12:35	2005-11-1	Show	GitHub Exploit DB Packet Storm

346385	-	thehacker	thehacker	Multiple interpretation error in TheHacker 5.8.4.128 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associat…	NVD-CWE-Other	CVE-2005-3401	2016-10-18 12:35	2005-11-1	Show	GitHub Exploit DB Packet Storm

346386	-	mozilla	thunderbird	The SMTP client in Mozilla Thunderbird 1.0.5 BETA, 1.0.7, and possibly other versions, does not notify users when it cannot establish a secure channel with the server, which allows remote attackers t…	NVD-CWE-Other	CVE-2005-3402	2016-10-18 12:35	2005-11-1	Show	GitHub Exploit DB Packet Storm

346387	-	adaptive_technology_resource_centre	atutor	Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.4.1 through 1.5.1-pl1 allow remote attackers to inject arbitrary web script or HTML via (1) the _base_href parameter in translate.php, …	NVD-CWE-Other	CVE-2005-3403	2016-10-18 12:35	2005-11-1	Show	GitHub Exploit DB Packet Storm

346388	-	adaptive_technology_resource_centre	atutor	Multiple PHP file inclusion vulnerabilities in ATutor 1.4.1 through 1.5.1-pl1 allow remote attackers to include arbitrary files via the section parameter followed by a null byte (%00) in (1) body_hea…	NVD-CWE-Other	CVE-2005-3404	2016-10-18 12:35	2005-11-1	Show	GitHub Exploit DB Packet Storm

346389	-	-	-	ATutor 1.4.1 through 1.5.1-pl1 allows remote attackers to execute arbitrary PHP functions via a direct request to forum.inc.php with a modified addslashes parameter with either the (1) asc or (2) des…	NVD-CWE-Other	CVE-2005-3405	2016-10-18 12:35	2005-11-1	Show	GitHub Exploit DB Packet Storm

346390	-	phpbb_group	phpbb	phpBB 2.0.17 and earlier, when register_globals is enabled and the session_start function has not been called to handle a session, allows remote attackers to bypass security checks by setting the $_S…	NVD-CWE-Other	CVE-2005-3416	2016-10-18 12:35	2005-11-2	Show	GitHub Exploit DB Packet Storm