Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3491	8	重要 Network	マイクロソフト	Microsoft SharePoint Server	Microsoft SharePoint Server のリモートでコードが実行される脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-40368	2026-05-15 11:01	2026-05-12	Show	GitHub Exploit DB Packet Storm

3492	5.5	警告 Local	jqlang	jq	jqlangのjqにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-40612	2026-05-15 11:01	2026-05-11	Show	GitHub Exploit DB Packet Storm

3493	7.5	重要 Network	PHPOffice	PhpSpreadsheet	PHPOfficeのPhpSpreadsheetにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-40863	2026-05-15 11:01	2026-05-12	Show	GitHub Exploit DB Packet Storm

3494	5.5	警告 Local	jqlang	jq	jqlangのjqにおけるNULL バイトまたは NULL キャラクタの無害化に関する脆弱性	CWE-158 NULL バイトまたは NULL キャラクタの不適切な無害化	CVE-2026-41256	2026-05-15 11:01	2026-05-11	Show	GitHub Exploit DB Packet Storm

3495	5.5	警告 Local	jqlang	jq	jqlangのjqにおける複数の脆弱性	CWE-190 CWE-787	CVE-2026-41257	2026-05-15 11:01	2026-05-11	Show	GitHub Exploit DB Packet Storm

3496	5.4	警告 Network	Langfuse GmbH	Langfuse	Langfuse GmbHのLangfuseにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-41487	2026-05-15 11:00	2026-05-8	Show	GitHub Exploit DB Packet Storm

3497	9.8	緊急 Network	Nhost	Nhost/auth	NhostのNhost/authにおける認証に関する脆弱性	CWE-287 CWE-noinfo	CVE-2026-41574	2026-05-15 11:00	2026-05-8	Show	GitHub Exploit DB Packet Storm

3498	7.5	重要 Network	Web Technologies	Change Detection	Web TechnologiesのChange DetectionにおけるXML 外部エンティティの脆弱性	CWE-611 XML 外部エンティティ参照の不適切な制限	CVE-2026-41895	2026-05-15 11:00	2026-05-12	Show	GitHub Exploit DB Packet Storm

3499	9.8	緊急 Network	レッドハット GNU Project	Red Hat OpenShift Container Platform Red Hat Hardened Images GnuTLS Red Hat Enterprise Linux	GNU Project等の複数ベンダの製品におけるNull バイト相互作用エラー (Poison Null Byte) の脆弱性	CWE-626 Null バイト相互作用エラー (Poison Null Byte)	CVE-2026-42010	2026-05-15 11:00	2026-05-7	Show	GitHub Exploit DB Packet Storm

3500	9.6	緊急 Network	langflow	langflow	langflowにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-42048	2026-05-15 11:00	2026-05-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
345421	-	squid	squid	store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING.	NVD-CWE-Other	CVE-2005-2794	2017-10-11 10:30	2005-09-8	Show	GitHub Exploit DB Packet Storm

345422	-	squid	squid	The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests.	NVD-CWE-Other	CVE-2005-2796	2017-10-11 10:30	2005-09-8	Show	GitHub Exploit DB Packet Storm

345423	-	cisco	ios	Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of servic…	NVD-CWE-Other	CVE-2005-2841	2017-10-11 10:30	2005-09-8	Show	GitHub Exploit DB Packet Storm

345424	-	linux	linux_kernel	The ipt_recent kernel module (ipt_recent.c) in Linux kernel 2.6.12 and earlier does not properly perform certain time tests when the jiffies value is greater than LONG_MAX, which can cause ipt_recent…	NVD-CWE-Other	CVE-2005-2873	2017-10-11 10:30	2005-09-10	Show	GitHub Exploit DB Packet Storm

345425	-	easy_software_products	cups	The is_path_absolute function in scheduler/client.c for the daemon in CUPS before 1.1.23 allows remote attackers to cause a denial of service (CPU consumption by tight loop) via a "..\.." URL in an H…	NVD-CWE-Other	CVE-2005-2874	2017-10-11 10:30	2005-09-14	Show	GitHub Exploit DB Packet Storm

345426	-	squid	squid	Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).	NVD-CWE-Other	CVE-2005-2917	2017-10-11 10:30	2005-10-1	Show	GitHub Exploit DB Packet Storm

345427	-	realnetworks	helix_player realone_player realplayer rhapsody	Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2005-2922	2017-10-11 10:30	2005-12-31	Show	GitHub Exploit DB Packet Storm

345428	-	mozilla	firefox mozilla	Firefox 1.0.6 and Mozilla 1.7.10 allows attackers to execute arbitrary commands via shell metacharacters in a URL that is provided to the browser on the command line, which is sent unfiltered to bash.	NVD-CWE-Other	CVE-2005-2968	2017-10-11 10:30	2005-09-21	Show	GitHub Exploit DB Packet Storm

345429	-	pam	pam	The SELinux version of PAM before 0.78 r3 allows local users to perform brute force password guessing attacks via unix_chkpwd, which does not log failed guesses or delay its responses.	NVD-CWE-Other	CVE-2005-2977	2017-10-11 10:30	2005-11-1	Show	GitHub Exploit DB Packet Storm

345430	-	mozilla	firefox	Firefox 1.0.6 allows attackers to cause a denial of service (crash) via a Proxy Auto-Config (PAC) script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in …	NVD-CWE-Other	CVE-2005-3089	2017-10-11 10:30	2005-09-29	Show	GitHub Exploit DB Packet Storm