Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2051	2.6	低 Network	VMware	Spring Framework	VMwareのSpring Frameworkにおけるリソースのロックに関する脆弱性	CWE-667 不適切なロック	CVE-2026-22735	2026-04-24 11:33	2026-03-20	Show	GitHub Exploit DB Packet Storm

2052	5.9	警告 Network	VMware	Spring Framework	VMwareのSpring Frameworkにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-22737	2026-04-24 11:33	2026-03-20	Show	GitHub Exploit DB Packet Storm

2053	7.2	重要 Network	デル	PowerProtect DP Series Appliance data domain operating system	デルのdata domain operating system等の複数製品におけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-23774	2026-04-24 11:33	2026-04-20	Show	GitHub Exploit DB Packet Storm

2054	8.7	重要 Network	decidim	decidim	Decidim Free Software AssociationのDecidimにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-23891	2026-04-24 11:33	2026-04-13	Show	GitHub Exploit DB Packet Storm

2055	4.9	警告 Network	OctoberCMS	October	OctoberCMSのOctoberにおける複数の脆弱性	CWE-200 CWE-94	CVE-2026-25125	2026-04-24 11:33	2026-04-14	Show	GitHub Exploit DB Packet Storm

2056	6.7	警告 Network	フォーティネット	FortiSandbox FortiSandbox Cloud	フォーティネットのFortiSandbox等の複数製品におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-25691	2026-04-24 11:33	2026-04-14	Show	GitHub Exploit DB Packet Storm

2057	6.1	警告 Local	Zulip	Zulip	Zulipにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-26058	2026-04-24 11:33	2026-04-3	Show	GitHub Exploit DB Packet Storm

2058	8.8	重要 Network	デル	PowerProtect DP Series Appliance data domain operating system	デルのdata domain operating system等の複数製品における重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-26944	2026-04-24 11:33	2026-04-20	Show	GitHub Exploit DB Packet Storm

2059	6.1	警告 Network	Jeremiah Lowin	FastMCP	Jeremiah LowinのFastMCPにおけるフィルタリングの回避に関する脆弱性	CWE-441 フィルタリング回避	CVE-2026-27124	2026-04-24 11:33	2026-04-3	Show	GitHub Exploit DB Packet Storm

2060	2.7	低 Network	フォーティネット	FortiSandbox FortiSandbox Cloud	フォーティネットのFortiSandbox等の複数製品における認証情報の不十分な保護に関する脆弱性	CWE-522 認証情報の不十分な保護	CVE-2026-27316	2026-04-24 11:33	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314531	-		guillaumegardey	biborb	SQL injection vulnerability in BibORB 1.3.2, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password.	CWE-89 SQL Injection	CVE-2005-0252	2024-02-3 01:54	2005-05-2	Show	GitHub Exploit DB Packet Storm

314532	6.5	MEDIUM Network	mit fedoraproject opensuse suse canonical	kerberos_5 fedora opensuse linux_enterprise ubuntu_linux	Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) vi…	CWE-416 Use After Free	CVE-2010-0629	2024-02-3 01:52	2010-04-8	Show	GitHub Exploit DB Packet Storm

314533	-		guillaumegardey	biborb	Directory traversal vulnerability in index.php for BibORB 1.3.2, and possibly earlier versions, allows remote attackers to delete arbitrary files via a Delete action and .. (dot dot) sequences in the…	CWE-22 Path Traversal	CVE-2005-0253	2024-02-3 01:50	2005-05-2	Show	GitHub Exploit DB Packet Storm

314534	-		guillaumegardey	biborb	BibORB 1.3.2, and possibly earlier versions, does not properly enforce a restriction for uploading only PDF and PS files, which allows remote attackers to upload arbitrary files that are presented to…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2005-0254	2024-02-3 01:44	2005-05-2	Show	GitHub Exploit DB Packet Storm

314535	-		guillaumegardey	biborb	Cross-site scripting (XSS) vulnerability in bibindex.php for BibORB 1.3.2, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the search parameter.	CWE-79 Cross-site Scripting	CVE-2005-0251	2024-02-3 01:42	2005-05-2	Show	GitHub Exploit DB Packet Storm

314536	7.0	HIGH Local	linux opensuse suse debian	linux_kernel opensuse linux_enterprise_server linux_enterprise_desktop linux_enterprise_high_availability_extension debian_linux	Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system…	CWE-362 CWE-416 Race Condition Use After Free	CVE-2010-1437	2024-02-3 01:38	2010-05-8	Show	GitHub Exploit DB Packet Storm

314537	-		postgresql trustix mandrakesoft redhat	postgresql secure_linux mandrake_linux_corporate_server enterprise_linux_desktop enterprise_linux mandrake_linux	The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.	NVD-CWE-Other	CVE-2004-0977	2024-02-3 01:33	2005-02-9	Show	GitHub Exploit DB Packet Storm

314538	9.8	CRITICAL Network	mit openpkg debian	kerberos_5 openpkg debian_linux	Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code.	CWE-415 Double Free	CVE-2004-0772	2024-02-3 00:27	2004-10-20	Show	GitHub Exploit DB Packet Storm

314539	-		mit debian redhat	kerberos_5 debian_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server	Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow…	CWE-415 Double Free	CVE-2004-0642	2024-02-3 00:27	2004-09-28	Show	GitHub Exploit DB Packet Storm

314540	9.8	CRITICAL Network	mit apple debian	kerberos_5 mac_os_x_server mac_os_x debian_linux	Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.	CWE-415 Double Free	CVE-2005-1689	2024-02-3 00:24	2005-07-18	Show	GitHub Exploit DB Packet Storm