Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
71	5.3	警告 Network	The Go Project	Go	The Go ProjectのGoにおける不特定の脆弱性 New	CWE-noinfo 情報不足	CVE-2026-39825	2026-05-15 11:01	2026-05-7	Show	GitHub Exploit DB Packet Storm

72	6.1	警告 Network	The Go Project	Go	The Go ProjectのGoにおけるエンコードおよびエスケープに関する脆弱性 New	CWE-116 不適切なエンコード、または出力のエスケープ	CVE-2026-39826	2026-05-15 11:01	2026-05-7	Show	GitHub Exploit DB Packet Storm

73	7.5	重要 Network	The Go Project	Go	The Go ProjectのGoにおけるNULL ポインタデリファレンスに関する脆弱性 New	CWE-476 NULL ポインタデリファレンス	CVE-2026-39836	2026-05-15 11:01	2026-05-7	Show	GitHub Exploit DB Packet Storm

74	4.3	警告 Network	アップル	tvOS iOS watchOS visionos iPadOS	アップルのiPadOS等の複数製品における古典的バッファオーバーフローの脆弱性 New	CWE-120 古典的バッファオーバーフロー	CVE-2026-39869	2026-05-15 11:01	2026-05-11	Show	GitHub Exploit DB Packet Storm

75	7.5	重要 Network		-	アップルのmacOSにおけるバッファエラーの脆弱性 New	CWE-119 バッファエラー	CVE-2026-39870	2026-05-15 11:01	2026-05-11	Show	GitHub Exploit DB Packet Storm

76	6.8	警告 Physics	ZTE	ZX297520V3 ファームウェア	ZTEのZX297520V3 ファームウェアにおける境界外書き込みに関する脆弱性 New	CWE-787 境界外書き込み	CVE-2026-40003	2026-05-15 11:01	2026-05-7	Show	GitHub Exploit DB Packet Storm

77	7.8	重要 Local	ZTE	ZXCLOUD iRAI	ZTEのZXCLOUD iRAIにおける制御されていない検索パスの要素に関する脆弱性 New	CWE-427 制御されていない検索パスの要素	CVE-2026-40004	2026-05-15 11:01	2026-05-7	Show	GitHub Exploit DB Packet Storm

78	6.5	警告 Network	Zulip	Zulip Server	ZulipのZulip Serverにおけるアクセス制御に関する脆弱性 New	CWE-284 CWE-noinfo	CVE-2026-40300	2026-05-15 11:01	2026-05-12	Show	GitHub Exploit DB Packet Storm

79	6.5	警告 Network	NocoBase	NocoBase	NocoBaseにおけるサーバサイドのリクエストフォージェリの脆弱性 New	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-40346	2026-05-15 11:01	2026-04-18	Show	GitHub Exploit DB Packet Storm

80	8.8	重要 Network	マイクロソフト	Microsoft SharePoint Server	Microsoft SharePoint Server のリモートでコードが実行される脆弱性 New	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-40357	2026-05-15 11:01	2026-05-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
351831	-	microsoft	network_firmware	NetDSL ADSL Modem 800 with Microsoft Network firmware 5.5.11 allows remote attackers to gain access to configuration menus by sniffing undocumented usernames and passwords from network traffic.	CWE-200 Information Exposure	CVE-2002-2380	2008-09-6 05:33	2002-12-31	Show	GitHub Exploit DB Packet Storm

351832	-	ka-shu_wong	gtetrinet	Multiple buffer overflows in (1) tetrinet_inmessage, (2) speclist_add and (3) config-getthemeinfo of GTetrinet 0.4.3 and earlier allow remote attackers to casue a denial of service and possibly execu…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2002-2381	2008-09-6 05:33	2002-12-31	Show	GitHub Exploit DB Packet Storm

351833	-	cvsup	cvsup	cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on /var/tmp/cvsupd.out.	CWE-59 Link Following	CVE-2002-2382	2008-09-6 05:33	2002-12-31	Show	GitHub Exploit DB Packet Storm

351834	-	hotfoon_corporation	hotfoon	hotfoon4.exe in Hotfoon 4.00 stores user names and passwords in cleartext in the hotfoon2 registry key, which allows local users to gain access to user accounts and steal phone service.	CWE-255 Credentials Management	CVE-2002-2384	2008-09-6 05:33	2002-12-31	Show	GitHub Exploit DB Packet Storm

351835	-	hotfoon_corporation	hotfoon	Buffer overflow in hotfoon4.exe in Hotfoon 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL containing a long voice phone number.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2002-2385	2008-09-6 05:33	2002-12-31	Show	GitHub Exploit DB Packet Storm

351836	-	xoops	xoops	Cross-site scripting (XSS) vulnerability in the Quizz module for XOOPS 1.0, when allowing on-line question development, allows remote attackers to inject arbitrary web script or HTML via a javascript…	CWE-79 Cross-site Scripting	CVE-2002-2386	2008-09-6 05:33	2002-12-31	Show	GitHub Exploit DB Packet Storm

351837	-	mollensoft_software	hyperion_ftp_server	Directory traversal vulnerability in Hyperion FTP server 2.8.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the LS command.	CWE-22 Path Traversal	CVE-2002-2387	2008-09-6 05:33	2002-12-31	Show	GitHub Exploit DB Packet Storm

351838	-	inweb	mail_server	Buffer overflow in INweb POP3 mail server 2.01 allows remote attackers to cause a denial of service (crash) via a long HELO command.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2002-2388	2008-09-6 05:33	2002-12-31	Show	GitHub Exploit DB Packet Storm

351839	-	fastlink_software	the_server	TheServer 1.74 web server stores server.ini under the web document root with insufficient access control, which allows remote attackers to obtain cleartext passwords and gain access to server log fil…	CWE-255 Credentials Management	CVE-2002-2389	2008-09-6 05:33	2002-12-31	Show	GitHub Exploit DB Packet Storm

351840	-	cerulean_studios	trillian trillian_pro	Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a l…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2002-2390	2008-09-6 05:33	2002-12-31	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed