Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4701 2.6
Network 		VMware Spring Framework VMwareのSpring Frameworkにおけるリソースのロックに関する脆弱性 CWE-667
不適切なロック 		CVE-2026-22735 2026-04-24 11:33 2026-03-20 Show GitHub Exploit DB Packet Storm
4702 5.9 警告
Network 		VMware Spring Framework VMwareのSpring Frameworkにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-22737 2026-04-24 11:33 2026-03-20 Show GitHub Exploit DB Packet Storm
4703 7.2 重要
Network 		デル PowerProtect DP Series Appliance
data domain operating system 		デルのdata domain operating system等の複数製品におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-23774 2026-04-24 11:33 2026-04-20 Show GitHub Exploit DB Packet Storm
4704 8.7 重要
Network 		decidim decidim Decidim Free Software AssociationのDecidimにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-23891 2026-04-24 11:33 2026-04-13 Show GitHub Exploit DB Packet Storm
4705 4.9 警告
Network 		OctoberCMS October OctoberCMSのOctoberにおける複数の脆弱性 CWE-200
CWE-94
CVE-2026-25125 2026-04-24 11:33 2026-04-14 Show GitHub Exploit DB Packet Storm
4706 6.7 警告
Network 		フォーティネット FortiSandbox
FortiSandbox Cloud 		フォーティネットのFortiSandbox等の複数製品におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-25691 2026-04-24 11:33 2026-04-14 Show GitHub Exploit DB Packet Storm
4707 6.1 警告
Local 		Zulip Zulip Zulipにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-26058 2026-04-24 11:33 2026-04-3 Show GitHub Exploit DB Packet Storm
4708 8.8 重要
Network 		デル PowerProtect DP Series Appliance
data domain operating system 		デルのdata domain operating system等の複数製品における重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-26944 2026-04-24 11:33 2026-04-20 Show GitHub Exploit DB Packet Storm
4709 6.1 警告
Network 		Jeremiah Lowin FastMCP Jeremiah LowinのFastMCPにおけるフィルタリングの回避に関する脆弱性 CWE-441
フィルタリング回避 		CVE-2026-27124 2026-04-24 11:33 2026-04-3 Show GitHub Exploit DB Packet Storm
4710 2.7
Network 		フォーティネット FortiSandbox
FortiSandbox Cloud 		フォーティネットのFortiSandbox等の複数製品における認証情報の不十分な保護に関する脆弱性 CWE-522
認証情報の不十分な保護 		CVE-2026-27316 2026-04-24 11:33 2026-04-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
352041 - coastal_data_management e-quick_cart Multiple cross-site scripting (XSS) vulnerabilities in e-Quick Cart allow remote attackers to inject arbitrary web script or HTML via the (1) strgifttoname parameter in shopgift.asp, (2) strfirstname… NVD-CWE-Other
CVE-2005-3736 2008-09-6 05:55 2005-11-22 Show GitHub Exploit DB Packet Storm
352042 - almondsoft almond_classifieds Almond Classifieds does not properly verify the password, which allows attackers to bypass access restrictions. NVD-CWE-Other
CVE-2005-3741 2008-09-6 05:55 2005-11-22 Show GitHub Exploit DB Packet Storm
352043 - simplepoll simplepoll SQL injection vulnerability in results.php in SimplePoll allows remote attackers to execute arbitrary SQL commands via the pollid parameter. NVD-CWE-Other
CVE-2005-3743 2008-09-6 05:55 2005-11-22 Show GitHub Exploit DB Packet Storm
352044 - apsis pound HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attackers to poison web caches, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with c… NVD-CWE-Other
CVE-2005-3751 2008-09-6 05:55 2005-11-23 Show GitHub Exploit DB Packet Storm
352045 - ldapdiff ldapdiff Unspecified vulnerability in ldapdiff before 1.1.1 has unknown impact and attack vectors, related to "ldapdiff.conf path construction". NVD-CWE-Other
CVE-2005-3752 2008-09-6 05:55 2005-11-23 Show GitHub Exploit DB Packet Storm
352046 - linux linux_kernel Linux kernel before after 2.6.12 and before 2.6.13.1 might allow attackers to cause a denial of service (Oops) via certain IPSec packets that cause alignment problems in standard multi-block cipher p… NVD-CWE-Other
CVE-2005-3753 2008-09-6 05:55 2005-11-23 Show GitHub Exploit DB Packet Storm
352047 - exponent exponent Cross-site scripting (XSS) vulnerability in Exponent CMS 0.96.3 and later versions allows remote attackers to inject arbitrary web script or HTML via (1) Javascript in forms produced by the form gene… NVD-CWE-Other
CVE-2005-3761 2008-09-6 05:55 2005-11-23 Show GitHub Exploit DB Packet Storm
352048 - exponent exponent Exponent CMS 0.96.3 and later versions includes the full installation path in the base parameter to thumb.php, which allows remote attackers to obtain sensitive information. NOTE: this might be resu… NVD-CWE-Other
CVE-2005-3763 2008-09-6 05:55 2005-11-23 Show GitHub Exploit DB Packet Storm
352049 - exponent exponent The image gallery (imagegallery) component in Exponent CMS 0.96.3 and later versions does not properly check the MIME type of uploaded files, with unknown impact from the preview icon, possibly invol… NVD-CWE-Other
CVE-2005-3764 2008-09-6 05:55 2005-11-23 Show GitHub Exploit DB Packet Storm
352050 - exponent exponent Exponent CMS 0.96.3 and later versions performs a chmod on uploaded files to give them execute permissions, which allows remote attackers to execute arbitrary code. NVD-CWE-Other
CVE-2005-3765 2008-09-6 05:55 2005-11-23 Show GitHub Exploit DB Packet Storm