Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3551	8.2	重要 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-41604	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

3552	7.3	重要 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-41605	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

3553	5.3	警告 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-41606	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

3554	6.5	警告 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-41607	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

3555	7.5	重要 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-41636	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

3556	7.5	重要 Network	Marked project	Marked	Marked projectのMarkedにおける複数の脆弱性	CWE-400 CWE-674 CWE-835	CVE-2026-41680	2026-04-30 10:59	2026-04-24	Show	GitHub Exploit DB Packet Storm

3557	9.8	緊急 Network	Apache Software Foundation	Apache Pony Mail	Apache Software FoundationのApache Pony MailにおけるHTTP リクエストスマグリングに関する脆弱性	CWE-444 HTTP リクエストスマグリング	CVE-2026-41873	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

3558	6.5	警告 Network	OpenClaw	OpenClaw	OpenClawにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-41908	2026-04-30 10:58	2026-04-23	Show	GitHub Exploit DB Packet Storm

3559	5.4	警告 Network	OpenClaw	OpenClaw	OpenClawにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-41909	2026-04-30 10:58	2026-04-23	Show	GitHub Exploit DB Packet Storm

3560	8.8	重要 Network	GitHub	Enterprise Server	GitHubのEnterprise Serverにおける不正な正規表現に関する脆弱性	CWE-185 不正な正規表現	CVE-2026-4296	2026-04-30 10:58	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
347061	-	beehive_forum	beehive_forum	Cross-site scripting (XSS) vulnerability in index.php in Beehive Forum allows remote attackers to inject arbitrary web script or HTML via the webtag parameter.	NVD-CWE-Other	CVE-2005-2422	2016-10-18 12:26	2005-08-3	Show	GitHub Exploit DB Packet Storm

347062	-	wordpress	wordpress	Multiple cross-site scripting (XSS) vulnerabilities in post.php in WordPress 1.5.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) p or (2) comment parameter.	NVD-CWE-Other	CVE-2005-2107	2016-10-18 12:25	2005-07-5	Show	GitHub Exploit DB Packet Storm

347063	-	wordpress	wordpress	SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via input that is not filtered in the HTTP_RAW_POST_DATA variab…	NVD-CWE-Other	CVE-2005-2108	2016-10-18 12:25	2005-07-5	Show	GitHub Exploit DB Packet Storm

347064	-	wordpress	wordpress	wp-login.php in WordPress 1.5.1.2 and earlier allows remote attackers to change the content of the forgotten password e-mail message via the message variable, which is not initialized before use.	NVD-CWE-Other	CVE-2005-2109	2016-10-18 12:25	2005-07-5	Show	GitHub Exploit DB Packet Storm

347065	-	community_link_pro_web_editor	community_link_pro_web_editor	login.cgi in Community Link Pro Web Editor allows remote attackers to execute arbitrary commands via the file parameter.	NVD-CWE-Other	CVE-2005-2111	2016-10-18 12:25	2005-07-5	Show	GitHub Exploit DB Packet Storm

347066	-	xoops	xoops	Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.0.11 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) order parameter to edit.php or (2) cid parame…	NVD-CWE-Other	CVE-2005-2112	2016-10-18 12:25	2005-07-5	Show	GitHub Exploit DB Packet Storm

347067	-	xoops	xoops	SQL injection vulnerability in the loginUser function in the XMLRPC server in XOOPS 2.0.11 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via crafted …	NVD-CWE-Other	CVE-2005-2113	2016-10-18 12:25	2005-07-5	Show	GitHub Exploit DB Packet Storm

347068	-	raven_software	soldier_of_fortune_2	Soldier of Fortune II 1.02x and 1.03 allows remote attackers to cause a denial of service (server crash) via a large ID value in the ignore command, which is used as an array index and causes an out-…	NVD-CWE-Other	CVE-2005-2115	2016-10-18 12:25	2005-07-5	Show	GitHub Exploit DB Packet Storm

347069	-	sco	unixware	RPC portmapper (rpcbind) in SCO UnixWare 7.1.1 m5, 7.1.3 mp5, and 7.1.4 mp2 allows remote attackers or local users to cause a denial of service (lack of response) via multiple invalid portmap request…	NVD-CWE-Other	CVE-2005-2132	2016-10-18 12:25	2005-08-3	Show	GitHub Exploit DB Packet Storm

347070	-	jboss	jbpm	A regression error in the embedded HSQLDB in JBoss jBPM 2.0 allows remote attackers to execute arbitrary comands, a re-introduction of a vulnerability that was originally identified by CVE-2003-0845.	NVD-CWE-Other	CVE-2005-2158	2016-10-18 12:25	2005-07-6	Show	GitHub Exploit DB Packet Storm