Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3751 5.3 警告
Network 		OpenEXR OpenEXR OpenEXRにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-39886 2026-04-24 11:42 2026-04-21 Show GitHub Exploit DB Packet Storm
3752 8.8 重要
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAIにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-39891 2026-04-24 11:42 2026-04-8 Show GitHub Exploit DB Packet Storm
3753 4.3 警告
Network 		lycheeorg lychee lycheeorgのLycheeにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-39957 2026-04-24 11:42 2026-04-9 Show GitHub Exploit DB Packet Storm
3754 9.6 緊急
Network 		MISP MISP MISPにおけるLDAP インジェクションの脆弱性 CWE-90
LDAP インジェクション 		CVE-2026-39962 2026-04-24 11:42 2026-04-9 Show GitHub Exploit DB Packet Storm
3755 6.9 警告
Network 		s9y Serendipity s9yのSerendipityにおける検証および完全性チェックを行っていない Cookie への依存に関する脆弱性 CWE-565
検証および完全性チェックを行っていない Cookie への依存 		CVE-2026-39963 2026-04-24 11:42 2026-04-15 Show GitHub Exploit DB Packet Storm
3756 7.2 重要
Network 		s9y Serendipity s9yのSerendipityにおけるHTTP レスポンス分割に関する脆弱性 CWE-113
HTTP レスポンスの分割 		CVE-2026-39971 2026-04-24 11:42 2026-04-15 Show GitHub Exploit DB Packet Storm
3757 7.1 重要
Local 		apktool apktool Apktoolにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-39973 2026-04-24 11:42 2026-04-21 Show GitHub Exploit DB Packet Storm
3758 5.3 警告
Network 		Apache Software Foundation Apache log4net Apache Software FoundationのApache log4netにおけるエンコードおよびエスケープに関する脆弱性 CWE-116
不適切なエンコード、または出力のエスケープ 		CVE-2026-40021 2026-04-24 11:42 2026-04-10 Show GitHub Exploit DB Packet Storm
3759 5.3 警告
Network 		Daniel Gatis Rembg Daniel GatisのRembgにおける複数の脆弱性 CWE-22
CWE-73
CVE-2026-40086 2026-04-24 11:42 2026-04-10 Show GitHub Exploit DB Packet Storm
3760 5.4 警告
Network 		FUTO Immich FUTOのImmichにおける複数の脆弱性 CWE-601
CWE-79
CVE-2026-40096 2026-04-24 11:42 2026-04-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347461 - mutt
stuart_parmenter 		mutt
balsa 		The IMAP Client, as used in mutt 1.4.1 and Balsa 2.0.10, allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large mailbox size values th… NVD-CWE-Other
CVE-2003-0299 2016-10-18 11:32 2003-06-16 Show GitHub Exploit DB Packet Storm
347462 - microsoft
mozilla
mutt
qualcomm
stuart_parmenter
sylpheed
university_of_washington
ximian 		outlook_express
mozilla
mutt
eudora
balsa
sylpheed_email_client
pine
evolution 		The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or inte… NVD-CWE-Other
CVE-2003-0300 2016-10-18 11:32 2003-06-16 Show GitHub Exploit DB Packet Storm
347463 - microsoft outlook_express The IMAP Client for Outlook Express 6.00.2800.1106 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness… NVD-CWE-Other
CVE-2003-0301 2016-10-18 11:32 2003-06-16 Show GitHub Exploit DB Packet Storm
347464 - qualcomm eudora The IMAP Client for Eudora 5.2.1 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer … NVD-CWE-Other
CVE-2003-0302 2016-10-18 11:32 2003-06-16 Show GitHub Exploit DB Packet Storm
347465 - oneorzero oneorzero_helpdesk SQL injection vulnerability in one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to modify arbitrary ticket number descriptions via the sg parameter. NVD-CWE-Other
CVE-2003-0303 2016-10-18 11:32 2003-06-9 Show GitHub Exploit DB Packet Storm
347466 - oneorzero oneorzero_helpdesk one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the install.php Helpdesk Installation script. NVD-CWE-Other
CVE-2003-0304 2016-10-18 11:32 2003-06-9 Show GitHub Exploit DB Packet Storm
347467 - poster poster Poster version.two allows remote authenticated users to gain administrative privileges by appending the "|" field separator and an "admin" value into the email address field. NVD-CWE-Other
CVE-2003-0307 2016-10-18 11:32 2003-06-9 Show GitHub Exploit DB Packet Storm
347468 - ez ez_publish Cross-site scripting (XSS) vulnerability in articleview.php for eZ publish 2.2 allows remote attackers to insert arbitrary web script. CWE-79
Cross-site Scripting 		CVE-2003-0310 2016-10-18 11:32 2003-06-16 Show GitHub Exploit DB Packet Storm
347469 - snowblind.net snowblind_web_server Directory traversal vulnerability in Snowblind Web Server 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request. NVD-CWE-Other
CVE-2003-0312 2016-10-18 11:32 2003-06-16 Show GitHub Exploit DB Packet Storm
347470 - snowblind.net snowblind_web_server Directory traversal vulnerability in Snowblind Web Server 1.0 allows remote attackers to list arbitrary directory contents via a ... (triple dot) in an HTTP request. NVD-CWE-Other
CVE-2003-0313 2016-10-18 11:32 2003-06-16 Show GitHub Exploit DB Packet Storm