Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3461	8.8	重要 Network	Nextcloud windmill project	windmill Nextcloud Flow	Nextcloud等の複数ベンダの製品における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-22683	2026-04-27 11:18	2026-04-7	Show	GitHub Exploit DB Packet Storm

3462	7.5	重要 Network	XiangShan	NEMU	XiangShanのNEMUにおける複数の脆弱性	CWE-1287 CWE-131	CVE-2026-29645	2026-04-27 11:18	2026-04-20	Show	GitHub Exploit DB Packet Storm

3463	9.8	緊急 Network	XiangShan	NEMU	XiangShanのNEMUにおける保護メカニズムの不具合に関する脆弱性	CWE-693 保護メカニズムの不具合	CVE-2026-29649	2026-04-27 11:18	2026-04-20	Show	GitHub Exploit DB Packet Storm

3464	7.5	重要 Network	Nimiq	Nimiq Proof of Stake (core-rs-albatross)	NimiqのNimiq Proof of Stake (core-rs-albatross)における複数の脆弱性	CWE-125 CWE-193	CVE-2026-32605	2026-04-27 11:18	2026-04-13	Show	GitHub Exploit DB Packet Storm

3465	9.6	緊急 Network	Nimiq	Nimiq Proof of Stake (core-rs-albatross)	NimiqのNimiq Proof of Stake (core-rs-albatross)における複数の脆弱性	CWE-1284 CWE-190 CWE-20 CWE-345	CVE-2026-33471	2026-04-27 11:18	2026-04-22	Show	GitHub Exploit DB Packet Storm

3466	9.8	緊急 Network	PowerDNS	PowerDNS Authoritative Server	PowerDNSのPowerDNS Authoritative Serverにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-33608	2026-04-27 11:18	2026-04-22	Show	GitHub Exploit DB Packet Storm

3467	6.5	警告 Network	PowerDNS	PowerDNS Authoritative Server	PowerDNSのPowerDNS Authoritative ServerにおけるLDAP インジェクションの脆弱性	CWE-90 LDAP インジェクション	CVE-2026-33609	2026-04-27 11:18	2026-04-22	Show	GitHub Exploit DB Packet Storm

3468	7.5	重要 Network	PowerDNS	PowerDNS Authoritative Server	PowerDNSのPowerDNS Authoritative Serverにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-33610	2026-04-27 11:18	2026-04-22	Show	GitHub Exploit DB Packet Storm

3469	5.3	警告 Network	Nimiq	Nimiq Proof of Stake (core-rs-albatross)	NimiqのNimiq Proof of Stake (core-rs-albatross)における制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-34062	2026-04-27 11:18	2026-04-22	Show	GitHub Exploit DB Packet Storm

3470	7.5	重要 Network	Nimiq	Nimiq Proof of Stake (core-rs-albatross)	NimiqのNimiq Proof of Stake (core-rs-albatross)における到達可能なアサーションに関する脆弱性	CWE-617 到達可能なアサーション	CVE-2026-34063	2026-04-27 11:18	2026-04-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
347111	-	infopop	ultimate_bulletin_board	Cross-site scripting (XSS) vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.x allows remote authenticated users to execute arbitrary web script and gain administrative access via the "display…	NVD-CWE-Other	CVE-2003-0587	2016-10-18 11:35	2003-08-18	Show	GitHub Exploit DB Packet Storm

347112	-	digi-fx	digi-news	admin.php in Digi-news 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php tha…	NVD-CWE-Other	CVE-2003-0588	2016-10-18 11:35	2003-08-18	Show	GitHub Exploit DB Packet Storm

347113	-	digi-fx	digi-news	admin.php in Digi-ads 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that…	NVD-CWE-Other	CVE-2003-0589	2016-10-18 11:35	2003-08-18	Show	GitHub Exploit DB Packet Storm

347114	-	splatt	splatt_forum	Cross-site scripting (XSS) vulnerability in Splatt Forum allows remote attackers to insert arbitrary HTML and web script via the post icon (image_subject) field.	NVD-CWE-Other	CVE-2003-0590	2016-10-18 11:35	2003-08-18	Show	GitHub Exploit DB Packet Storm

347115	-	sco	openserver	Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gain root privileges.	NVD-CWE-Other	CVE-2003-0597	2016-10-18 11:35	2003-08-27	Show	GitHub Exploit DB Packet Storm

347116	-	hugo_rabson	mindi	mindi 0.58 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.	NVD-CWE-Other	CVE-2003-0617	2016-10-18 11:35	2003-08-27	Show	GitHub Exploit DB Packet Storm

347117	-	andries_brouwer	man	Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to gain privileges via (1) MANDATORY_MANPATH, MANPATH_MAP, and MANDB_MAP arguments to add_to_dirlist in…	NVD-CWE-Other	CVE-2003-0620	2016-10-18 11:35	2003-08-27	Show	GitHub Exploit DB Packet Storm

347118	-	ehud_gavron	traceroute-nanog	traceroute-nanog 6.1.1 allows local users to overwrite unauthorized memory and possibly execute arbitrary code via certain "nprobes" and "max_ttl" arguments that cause an integer overflow that is use…	NVD-CWE-Other	CVE-2003-0453	2016-10-18 11:34	2003-08-7	Show	GitHub Exploit DB Packet Storm

347119	-	imagemagick	libmagick_library	The imagemagick libmagick library 5.5 and earlier creates temporary files insecurely, which allows local users to create or overwrite arbitrary files.	NVD-CWE-Other	CVE-2003-0455	2016-10-18 11:34	2003-08-7	Show	GitHub Exploit DB Packet Storm

347120	-	linux	linux_kernel	Unknown vulnerability in ip_nat_sack_adjust of Netfilter in Linux kernels 2.4.20, and some 2.5.x, when CONFIG_IP_NF_NAT_FTP or CONFIG_IP_NF_NAT_IRC is enabled, or the ip_nat_ftp or ip_nat_irc modules…	NVD-CWE-Other	CVE-2003-0467	2016-10-18 11:34	2003-08-27	Show	GitHub Exploit DB Packet Storm