Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4751 5.3 警告
Network 		Daniel Gatis Rembg Daniel GatisのRembgにおける複数の脆弱性 CWE-22
CWE-73
CVE-2026-40086 2026-04-24 11:42 2026-04-10 Show GitHub Exploit DB Packet Storm
4752 5.4 警告
Network 		FUTO Immich FUTOのImmichにおける複数の脆弱性 CWE-601
CWE-79
CVE-2026-40096 2026-04-24 11:42 2026-04-15 Show GitHub Exploit DB Packet Storm
4753 8.2 重要
Network 		XWiki xwiki XWikiのxwikiにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40104 2026-04-24 11:41 2026-04-15 Show GitHub Exploit DB Packet Storm
4754 6.1 警告
Network 		XWiki xwiki XWikiのxwikiにおけるクロスサイトスクリプティングの脆弱性 CWE-80
クロスサイトスクリプティング (Basic XSS) 		CVE-2026-40105 2026-04-24 11:41 2026-04-15 Show GitHub Exploit DB Packet Storm
4755 6.1 警告
Network 		Prometheus Prometheus Prometheusにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40179 2026-04-24 11:41 2026-04-15 Show GitHub Exploit DB Packet Storm
4756 7.5 重要
Network 		Python Software Foundation Python Pillow Python Software FoundationのPython Pillowにおける複数の脆弱性 CWE-400
CWE-770
CVE-2026-40192 2026-04-24 11:41 2026-04-15 Show GitHub Exploit DB Packet Storm
4757 8.2 重要
Network 		maddy project maddy maddy projectのmaddyにおけるLDAP インジェクションの脆弱性 CWE-90
LDAP インジェクション 		CVE-2026-40193 2026-04-24 11:41 2026-04-16 Show GitHub Exploit DB Packet Storm
4758 7.1 重要
Local 		OpenEXR OpenEXR OpenEXRにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-40244 2026-04-24 11:41 2026-04-21 Show GitHub Exploit DB Packet Storm
4759 7.1 重要
Local 		OpenEXR OpenEXR OpenEXRにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-40250 2026-04-24 11:41 2026-04-21 Show GitHub Exploit DB Packet Storm
4760 6.1 警告
Local 		openCryptoki Project openCryptoki openCryptoki ProjectのopenCryptokiにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-40253 2026-04-24 11:41 2026-04-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
348441 - mybulletinboard mybulletinboard MyBulletinBoard (MyBB) 1.0 PR2 Rev 686 allows remote attackers to delete or move private messages (PM) via modified fields in the inbox form. NVD-CWE-Other
CVE-2005-3777 2016-10-18 12:37 2005-11-23 Show GitHub Exploit DB Packet Storm
348442 - phpwcms phpwcms Multiple directory traversal vulnerabilities in phpwcms 1.2.5 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) form_lang parameter in login.php and (2) the imgdir paramete… NVD-CWE-Other
CVE-2005-3789 2016-10-18 12:37 2005-11-24 Show GitHub Exploit DB Packet Storm
348443 - - - Multiple cross-site scripting (XSS) vulnerabilities in act_newsletter.php in phpwcms 1.2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) i and (2) text parameters. NVD-CWE-Other
CVE-2005-3790 2016-10-18 12:37 2005-11-24 Show GitHub Exploit DB Packet Storm
348444 - phpadsnew
phppgads 		phpadsnew
phppgads 		HTTP response splitting vulnerability in phpAdsNew and phpPgAds 2.0.6 and earlier allows remote attackers to inject arbitrary HTML headers via adclick.php and possibly other unspecified vectors. NVD-CWE-Other
CVE-2005-3791 2016-10-18 12:37 2005-11-24 Show GitHub Exploit DB Packet Storm
348445 - phpbb_group phpbb phpBB 2.0.18 allows remote attackers to obtain sensitive information via a large SQL query, which generates an error message that reveals SQL syntax or the full installation path. NVD-CWE-Other
CVE-2005-3799 2016-10-18 12:37 2005-11-24 Show GitHub Exploit DB Packet Storm
348446 - counterpane passwordsafe CounterPane PasswordSafe 1.x and 2.x allows local users to test possible encryption keys against a subset of the stored key data without performing the more expensive key derivation function (KDF) fu… NVD-CWE-Other
CVE-2005-3801 2016-10-18 12:37 2005-11-24 Show GitHub Exploit DB Packet Storm
348447 - linux linux_kernel The nfattr_to_tcp function in ip_conntrack_proto_tcp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via an update message without pri… NVD-CWE-Other
CVE-2005-3809 2016-10-18 12:37 2005-11-26 Show GitHub Exploit DB Packet Storm
348448 - linux linux_kernel ip_conntrack_proto_icmp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via a message without ICMP ID (ICMP_ID) information, which lea… NVD-CWE-Other
CVE-2005-3810 2016-10-18 12:37 2005-11-26 Show GitHub Exploit DB Packet Storm
348449 - gadu-gadu gadu-gadu_instant_messenger Gadu-Gadu 7.20 allows remote attackers to eavesdrop on a user via a web page that accesses the EasycallLite.oce ActiveX control, which can initiate an outgoing phone call and listen to the microphone. NVD-CWE-Other
CVE-2005-3892 2016-10-18 12:37 2005-11-30 Show GitHub Exploit DB Packet Storm
348450 - mozilla mozilla Mozilla allows remote attackers to cause a denial of service (CPU consumption) via a Javascript BODY onload event that calls the window function. NVD-CWE-Other
CVE-2005-3896 2016-10-18 12:37 2005-11-30 Show GitHub Exploit DB Packet Storm