Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
491	7.5	重要 Network	V2Board	V2Board	V2BoardにおけるGET リクエストにおけるクエリ文字列からの情報漏えいに関する脆弱性 New	CWE-598 GET リクエストにおけるクエリ文字列からの情報漏えい	CVE-2026-37504	2026-05-13 10:26	2026-05-1	Show	GitHub Exploit DB Packet Storm

492	4.9	警告 Network	V2Board	V2Board	V2BoardにおけるSQL インジェクションの脆弱性 New	CWE-89 SQLインジェクション	CVE-2026-37505	2026-05-13 10:26	2026-05-1	Show	GitHub Exploit DB Packet Storm

493	5.4	警告 Network	Apache Software Foundation	Apache-airflow-providers-keycloak	Apache Software FoundationのApache-airflow-providers-keycloakにおけるクロスサイトリクエストフォージェリの脆弱性 New	CWE-352 同一生成元ポリシー違反	CVE-2026-40948	2026-05-13 10:26	2026-04-18	Show	GitHub Exploit DB Packet Storm

494	6.5	警告 Adjacent	ウォッチガード・テクノロジー	WatchGuard Agent	ウォッチガード・テクノロジーのWatchGuard Agentにおけるスタックベースのバッファオーバーフローの脆弱性 New	CWE-121 スタックオーバーフロー	CVE-2026-41286	2026-05-13 10:26	2026-05-6	Show	GitHub Exploit DB Packet Storm

495	6.5	警告 Adjacent	ウォッチガード・テクノロジー	WatchGuard Agent	ウォッチガード・テクノロジーのWatchGuard Agentにおけるスタックベースのバッファオーバーフローの脆弱性 New	CWE-121 スタックオーバーフロー	CVE-2026-41287	2026-05-13 10:26	2026-05-6	Show	GitHub Exploit DB Packet Storm

496	7.8	重要 Local	ウォッチガード・テクノロジー	WatchGuard Agent	ウォッチガード・テクノロジーのWatchGuard Agentにおける重要なリソースに対する不適切なパーミッションの割り当てに関する脆弱性 New	CWE-732 重要なリソースに対する不適切なパーミッションの割り当て	CVE-2026-41288	2026-05-13 10:26	2026-05-6	Show	GitHub Exploit DB Packet Storm

497	9.9	緊急 Network	Mozilla Foundation	0DIN Scanner	Mozilla Foundationの0DIN Scannerにおけるコードインジェクションの脆弱性 New	CWE-94 コード・インジェクション	CVE-2026-41512	2026-05-13 10:26	2026-05-8	Show	GitHub Exploit DB Packet Storm

498	9.8	緊急 Network	D-Link Systems, Inc.	DIR-456U Firmware	D-Link CorporationのDIR-456U Firmwareにおけるハードコードされた認証情報の使用に関する脆弱性 New	CWE-798 ハードコードされた認証情報の使用	CVE-2026-42376	2026-05-13 10:26	2026-05-4	Show	GitHub Exploit DB Packet Storm

499	6.5	警告 Network	langflow	Langflow Desktop	langflowのLangflow Desktopにおけるパストラバーサルの脆弱性 New	CWE-22 パス・トラバーサル	CVE-2026-4502	2026-05-13 10:26	2026-04-30	Show	GitHub Exploit DB Packet Storm

500	7.5	重要 Network	langflow	Langflow Desktop	langflowのLangflow Desktopにおけるユーザ制御の鍵による認証回避に関する脆弱性 New	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-4503	2026-05-13 10:26	2026-04-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
346591	-	phpwebsite	phpwebsite	Multiple cross-site scripting (XSS) vulnerabilities in phpWebSite 0.9.x and earlier allow remote attackers to execute arbitrary web script via (1) the day parameter in the calendar module, (2) the fa…	NVD-CWE-Other	CVE-2003-0736	2016-10-18 11:37	2003-10-20	Show	GitHub Exploit DB Packet Storm

346592	-	phpwebsite	phpwebsite	The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime() in TimeZone.php of…	NVD-CWE-Other	CVE-2003-0737	2016-10-18 11:37	2003-10-20	Show	GitHub Exploit DB Packet Storm

346593	-	phpwebsite	phpwebsite	The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to cause a denial of service (crash) via a long year parameter.	CWE-134 Use of Externally-Controlled Format String	CVE-2003-0738	2016-10-18 11:37	2003-10-20	Show	GitHub Exploit DB Packet Storm

346594	-	vmware	workstation	VMware Workstation 4.0.1 for Linux, build 5289 and earlier, allows local users to delete arbitrary files via a symlink attack.	NVD-CWE-Other	CVE-2003-0739	2016-10-18 11:37	2003-10-20	Show	GitHub Exploit DB Packet Storm

346595	-	stunnel	stunnel	Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server.	NVD-CWE-Other	CVE-2003-0740	2016-10-18 11:37	2003-10-20	Show	GitHub Exploit DB Packet Storm

346596	-	university_of_cambridge	exim	Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument…	NVD-CWE-Other	CVE-2003-0743	2016-10-18 11:37	2003-10-20	Show	GitHub Exploit DB Packet Storm

346597	-	leafnode	leafnode	The fetchnews NNTP client in leafnode 1.9.3 to 1.9.41 allows remote attackers to cause a denial of service (process hang and termination) via certain malformed Usenet news articles that cause fetchne…	NVD-CWE-Other	CVE-2003-0744	2016-10-18 11:37	2003-10-20	Show	GitHub Exploit DB Packet Storm

346598	-	ibm	db2_universal_database	Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line argument.	NVD-CWE-Other	CVE-2003-0759	2016-10-18 11:37	2003-10-6	Show	GitHub Exploit DB Packet Storm

346599	-	squished_mosquito	escapade	Cross-site scripting (XSS) vulnerability in Escapade Scripting Engine (ESP) allows remote attackers to inject arbitrary script via the method parameter, as demonstrated using the PAGE parameter.	NVD-CWE-Other	CVE-2003-0763	2016-10-18 11:37	2003-09-17	Show	GitHub Exploit DB Packet Storm

346600	-	squished_mosquito	escapade	Escapade Scripting Engine (ESP) allows remote attackers to obtain sensitive path information via a malformed request, which leaks the information in an error message, as demonstrated using the PAGE p…	NVD-CWE-Other	CVE-2003-0764	2016-10-18 11:37	2003-09-17	Show	GitHub Exploit DB Packet Storm