Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 25, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
621	7.3	重要 Network	openwebui	open webui	openwebuiのopen webuiにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-44721	2026-05-20 13:27	2026-05-15	Show	GitHub Exploit DB Packet Storm

622	5.5	警告 Local	Vim	Vim	Vimにおける複数の脆弱性	CWE-122 CWE-190	CVE-2026-45130	2026-05-20 13:27	2026-05-8	Show	GitHub Exploit DB Packet Storm

623	5.4	警告 Network	openwebui	open webui	openwebuiのopen webuiにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-45299	2026-05-20 13:27	2026-05-15	Show	GitHub Exploit DB Packet Storm

624	8.1	重要 Network	openwebui	open webui	openwebuiのopen webuiにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-45301	2026-05-20 13:27	2026-05-15	Show	GitHub Exploit DB Packet Storm

625	7.7	重要 Network	openwebui	open webui	openwebuiのopen webuiにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-45303	2026-05-20 13:27	2026-05-15	Show	GitHub Exploit DB Packet Storm

626	6.1	警告 Network	openwebui	open webui	openwebuiのopen webuiにおける代替 XSS 構文の不適切な無効化に関する脆弱性	CWE-87 代替 XSS 構文の不適切な無効化	CVE-2026-45314	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

627	8.7	重要 Network	openwebui	open webui	openwebuiのopen webuiにおける複数の脆弱性	CWE-434 CWE-646 CWE-79	CVE-2026-45315	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

628	3.5	低 Network	openwebui	open webui	openwebuiのopen webuiにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-45316	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

629	4.6	警告 Network	openwebui	open webui	openwebuiのopen webuiにおける複数の脆弱性	CWE-20 CWE-352	CVE-2026-45317	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

630	5.4	警告 Network	openwebui	open webui	openwebuiのopen webuiにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-45318	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
345731	-	matthew_phillips	sticker	The person-to-person secure messaging feature in Sticker before 3.1.0 beta 2 allows remote attackers to post messages to unauthorized private groups by using the group's public encryption key.	NVD-CWE-Other	CVE-2004-2535	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

345732	-	matthew_phillips	sticker	This vulnerability is addressed in the following product update: Matthew Phillips, Sticker, 3.1.0 Beta 2	NVD-CWE-Other	CVE-2004-2535	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

345733	-	linux	linux_kernel	The exit_thread function (process.c) in Linux kernel 2.6 through 2.6.5 does not invalidate the per-TSS io_bitmap pointers if a process obtains IO access permissions from the ioperm function but does …	NVD-CWE-Other	CVE-2004-2536	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

345734	-	netwin	surgemail	Unspecified vulnerability in SurgeMail before 2.2c10 has unknown impact and attack vectors, related to a "Webmail security bug."	NVD-CWE-Other	CVE-2004-2537	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

345735	-	nilesh_dosooye	phpcodegenie	Direct static code injection vulnerability in the PCG simple application generation in phpCodeGenie before 3.0.2 allows remote authenticated users to execute arbitrary code via the (1) header or (2) …	NVD-CWE-Other	CVE-2004-2538	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

345736	-	network_appliance	data_ontap netcache	Unknown vulnerability in Network Appliance NetCache 5.2 and Data ONTAP 6.0 allows remote attackers to cause a denial of service (panic and reboot) and possibly other impacts via unknown attack vector…	NVD-CWE-Other	CVE-2004-2539	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

345737	-	sun	jdk jre	readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted seri…	NVD-CWE-Other	CVE-2004-2540	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

345738	-	dynix	webpac	Multiple SQL injection vulnerabilities in Dynix (formerly known as epixtech) WebPAC allow remote attackers to execute arbitrary SQL commands via unknown attack vectors, resulting in an ability to exe…	NVD-CWE-Other	CVE-2004-2542	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

345739	-	securecomputing	sidewinder_g2	Secure Computing Corporation Sidewinder G2 6.1.0.01 might allow remote attackers to cause a denial of service (proxy failure) via invalid traffic to the (1) T.120 or (2) RTSP proxy, or (3) invalid MI…	NVD-CWE-Other	CVE-2004-2543	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

345740	-	securecomputing	sidewinder_g2	Admin Console in Secure Computing Corporation Sidewinder G2 6.1.0.01 exports private keys when exporting firewall certificates, which might allow attackers to obtain sensitive information.	NVD-CWE-Other	CVE-2004-2544	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm