Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 12:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3261 9.1 緊急
Network 		Open JS Foundation fastify/middie Open JS Foundationの@fastify/middieにおける解釈の競合に関する脆弱性 CWE-436
解釈の競合 		CVE-2026-33804 2026-04-24 11:30 2026-04-16 Show GitHub Exploit DB Packet Storm
3262 4.3 警告
Network 		LangGenius, Inc. Dify LangGenius, Inc.のDifyにおける複数の脆弱性 CWE-284
CWE-863
CVE-2026-34082 2026-04-24 11:30 2026-04-20 Show GitHub Exploit DB Packet Storm
3263 8.6 重要
Network 		Chamilo Association Chamilo LMS Chamilo AssociationのChamilo LMSにおける複数の脆弱性 CWE-306
CWE-918
CVE-2026-34160 2026-04-24 11:30 2026-04-14 Show GitHub Exploit DB Packet Storm
3264 5.4 警告
Network 		Chamilo Association Chamilo LMS Chamilo AssociationのChamilo LMSにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-34161 2026-04-24 11:30 2026-04-14 Show GitHub Exploit DB Packet Storm
3265 9.1 緊急
Network 		Canonical LXD CanonicalのLXDにおける不完全なブラックリストに関する脆弱性 CWE-184
不完全なブラックリスト 		CVE-2026-34177 2026-04-24 11:30 2026-04-9 Show GitHub Exploit DB Packet Storm
3266 9.1 緊急
Network 		Canonical LXD CanonicalのLXDにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2026-34178 2026-04-24 11:30 2026-04-9 Show GitHub Exploit DB Packet Storm
3267 9.1 緊急
Network 		Canonical LXD CanonicalのLXDにおける動的に決定されたオブジェクト属性の不適切に制御された変更に関する脆弱性 CWE-915
動的に決定されたオブジェクト属性の不適切に制御された変更 		CVE-2026-34179 2026-04-24 11:30 2026-04-9 Show GitHub Exploit DB Packet Storm
3268 5.4 警告
Network 		Docmost Docmost Docmostにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-34212 2026-04-24 11:30 2026-04-14 Show GitHub Exploit DB Packet Storm
3269 5.4 警告
Network 		Docmost Docmost Docmostにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-34213 2026-04-24 11:30 2026-04-14 Show GitHub Exploit DB Packet Storm
3270 6.5 警告
Network 		オラクル PeopleSoft Enterprise HCM Absence Management オラクルのPeopleSoft Enterprise HCM Absence Managementにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-34266 2026-04-24 11:30 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347501 - - - Untrusted search path vulnerability in CMake before 2.2.0-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build di… NVD-CWE-Other
CVE-2005-4280 2011-03-8 11:27 2005-12-16 Show GitHub Exploit DB Packet Storm
347502 - zaygo hostingcart Cross-site scripting (XSS) vulnerability in Zaygo HostingCart 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via certain search module parameters, possibly the root pa… NVD-CWE-Other
CVE-2005-4281 2011-03-8 11:27 2005-12-16 Show GitHub Exploit DB Packet Storm
347503 - zaygo domaincart Cross-site scripting (XSS) vulnerability in Zaygo DomainCart 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML, possibly via the root parameter to zaygo.cgi. NVD-CWE-Other
CVE-2005-4282 2011-03-8 11:27 2005-12-16 Show GitHub Exploit DB Packet Storm
347504 - nightmedia the_city_shop Cross-site scripting (XSS) vulnerability in The CITY Shop 1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via parameters to the search module, possibly SKey to store.cg… NVD-CWE-Other
CVE-2005-4283 2011-03-8 11:27 2005-12-16 Show GitHub Exploit DB Packet Storm
347505 - static_store staticstore Cross-site scripting (XSS) vulnerability in StaticStore Search Engine 1.189A and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to search.cgi, possi… NVD-CWE-Other
CVE-2005-4284 2011-03-8 11:27 2005-12-16 Show GitHub Exploit DB Packet Storm
347506 - dick_copits pdestore Cross-site scripting (XSS) vulnerability in pdestore.cgi in Dick Copits PDEstore 1.8 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) the search module parameter or … NVD-CWE-Other
CVE-2005-4285 2011-03-8 11:27 2005-12-16 Show GitHub Exploit DB Packet Storm
347507 - - - Unspecified vulnerability in PhpLogCon before 1.2.2 allows remote attackers to use arbitrary profiles via unknown vectors involving "'smart' values for userid and password," probably involving an SQL… NVD-CWE-Other
CVE-2005-4286 2011-03-8 11:27 2005-12-16 Show GitHub Exploit DB Packet Storm
347508 - soft4e ecw-cart Cross-site scripting (XSS) vulnerability in index.cgi in ECW-Cart 2.03 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) kword, (2) max, (3) min, (4) comp, and (5… NVD-CWE-Other
CVE-2005-4290 2011-03-8 11:27 2005-12-16 Show GitHub Exploit DB Packet Storm
347509 - - - Cross-site scripting (XSS) vulnerability in cart.cgi in ECTOOLS Onlineshop 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) product, (2) category, and (3) ui… NVD-CWE-Other
CVE-2005-4291 2011-03-8 11:27 2005-12-16 Show GitHub Exploit DB Packet Storm
347510 - internet_express_products commercesql Cross-site scripting (XSS) vulnerability in CommerceSQL 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keywords … NVD-CWE-Other
CVE-2005-4292 2011-03-8 11:27 2005-12-16 Show GitHub Exploit DB Packet Storm