Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
11 4.3 警告
Network 		Timo Sirainen
Open-Xchange		 Dovecot Pro
Dovecot 		Timo Sirainen等の複数ベンダの製品におけるリソースの枯渇に関する脆弱性 New CWE-400
リソースの枯渇 		CVE-2026-42006 2026-05-20 13:31 2026-05-12 Show GitHub Exploit DB Packet Storm
12 4.3 警告
Network 		getkirby kirby getkirbyのkirbyにおける認証の欠如に関する脆弱性 New CWE-862
認証の欠如 		CVE-2026-42051 2026-05-20 13:30 2026-05-9 Show GitHub Exploit DB Packet Storm
13 6.5 警告
Network 		getkirby kirby getkirbyのkirbyにおける認証の欠如に関する脆弱性 New CWE-862
認証の欠如 		CVE-2026-42069 2026-05-20 13:30 2026-05-9 Show GitHub Exploit DB Packet Storm
14 6.5 警告
Network 		getkirby kirby getkirbyのkirbyにおける複数の脆弱性 New CWE-862
CWE-863
CVE-2026-42137 2026-05-20 13:30 2026-05-9 Show GitHub Exploit DB Packet Storm
15 7.8 重要
Local 		Nullsoft Nullsoft Scriptable Install System NullsoftのNullsoft Scriptable Install Systemにおける制御されていない検索パスの要素に関する脆弱性 New CWE-427
制御されていない検索パスの要素 		CVE-2026-42171 2026-05-20 13:30 2026-04-24 Show GitHub Exploit DB Packet Storm
16 4.3 警告
Network 		getkirby kirby getkirbyのkirbyにおける認証の欠如に関する脆弱性 New CWE-862
認証の欠如 		CVE-2026-42174 2026-05-20 13:30 2026-05-9 Show GitHub Exploit DB Packet Storm
17 7.5 重要
Network 		OpenBao OpenBao OpenBaoにおける保存または転送前の重要な情報の削除に関する脆弱性 New CWE-212
保存または転送前の重要な情報の不適切な削除 		CVE-2026-42186 2026-05-20 13:30 2026-05-14 Show GitHub Exploit DB Packet Storm
18 7.5 重要
Network 		Ruby-lang.org Net::IMAP Ruby-lang.orgのNet::IMAPにおけるアルゴリズムの複雑さに関する脆弱性 New CWE-407
アルゴリズムの複雑性 		CVE-2026-42245 2026-05-20 13:30 2026-05-9 Show GitHub Exploit DB Packet Storm
19 7.4 重要
Network 		Ruby-lang.org Net::IMAP Ruby-lang.orgのNet::IMAPにおける複数の脆弱性 New CWE-392
CWE-393
CWE-636
CWE-754
CWE-841
CVE-2026-42246 2026-05-20 13:30 2026-05-9 Show GitHub Exploit DB Packet Storm
20 9.8 緊急
Network 		ollama ollama Ollamaにおけるダウンロードしたコードの完全性検証不備に関する脆弱性 New CWE-494
ダウンロードしたコードの完全性検証不備 		CVE-2026-42248 2026-05-20 13:30 2026-04-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
346221 - nullsoft winamp Multiple buffer overflows in Winamp 3.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .b4s file containing (1) a long playlist name or (2) a lo… NVD-CWE-Other
CVE-2003-1272 2017-07-11 10:29 2003-12-31 Show GitHub Exploit DB Packet Storm
346222 - nullsoft winamp Winamp 3.0 allows remote attackers to cause a denial of service (crash) via a .b4s file with a playlist name that contains some non-English characters, e.g. Cyrillic characters. NVD-CWE-Other
CVE-2003-1273 2017-07-11 10:29 2003-12-31 Show GitHub Exploit DB Packet Storm
346223 - nullsoft winamp Winamp 3.0 allows remote attackers to cause a denial of service (crash) via .b4s file with a file: argument to the Playstring parameter that contains MS-DOS device names such as aux. NVD-CWE-Other
CVE-2003-1274 2017-07-11 10:29 2003-12-31 Show GitHub Exploit DB Packet Storm
346224 - - - Sambar Server before 6.0 beta 6 allows remote attackers to obtain sensitive information via direct requests to the default scripts (1) environ.pl and (2) testcgi.exe. NVD-CWE-Other
CVE-2003-1284 2017-07-11 10:29 2003-12-31 Show GitHub Exploit DB Packet Storm
346225 - sambar sambar_server Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server before 6.0 beta 6 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) isapi/testisa.dll, (2)… NVD-CWE-Other
CVE-2003-1285 2017-07-11 10:29 2003-12-31 Show GitHub Exploit DB Packet Storm
346226 - sambar sambar_server HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote attackers to send proxy HTTP requests to the Sambar Server's administrative interface… NVD-CWE-Other
CVE-2003-1286 2017-07-11 10:29 2003-12-31 Show GitHub Exploit DB Packet Storm
346227 - sambar sambar_server Sambar Server before 6.0 beta 3 allows attackers with physical access to execute arbitrary code via a request with an MS-DOS device name such as com1.pl, con.pl, or aux.pl, which causes Perl to read … NVD-CWE-Other
CVE-2003-1287 2017-07-11 10:29 2003-12-31 Show GitHub Exploit DB Packet Storm
346228 - microsoft windows_nt The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in. NVD-CWE-Other
CVE-1999-0593 2017-07-11 10:29 1999-01-1 Show GitHub Exploit DB Packet Storm
346229 - - - The netstat service is running, which provides sensitive information to remote attackers. NVD-CWE-Other
CVE-1999-0650 2017-07-11 10:29 1999-01-1 Show GitHub Exploit DB Packet Storm
346230 - linux linux_kernel The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names. CWE-16
Configuration 		CVE-1999-0656 2017-07-11 10:29 1999-01-1 Show GitHub Exploit DB Packet Storm