Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2271	5.5	警告 Local	フォーティネット	FortiClientEMS	フォーティネットのFortiClientEMSにおけるハードコードされた暗号鍵の使用に関する脆弱性	CWE-321 ハードコードされた暗号鍵の使用	CVE-2026-39810	2026-04-23 10:11	2026-04-14	Show	GitHub Exploit DB Packet Storm

2272	4.9	警告 Network	フォーティネット	Fortiweb	フォーティネットのFortiwebにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-39811	2026-04-23 10:11	2026-04-14	Show	GitHub Exploit DB Packet Storm

2273	4.8	警告 Network	フォーティネット	FortiSandbox FortiSandbox Cloud	フォーティネットのFortiSandbox等の複数製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-39812	2026-04-23 10:11	2026-04-14	Show	GitHub Exploit DB Packet Storm

2274	6.7	警告 Local	フォーティネット	Fortiweb	フォーティネットのFortiwebにおける相対パストラバーサルの脆弱性	CWE-23 相対的パストラバーサル	CVE-2026-39814	2026-04-23 10:11	2026-04-14	Show	GitHub Exploit DB Packet Storm

2275	4.1	警告 Network	Weblate	Weblate	Weblateにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-39845	2026-04-23 10:11	2026-04-15	Show	GitHub Exploit DB Packet Storm

2276	5.9	警告 Network	axios project	axios	axios projectのaxiosにおける複数の脆弱性	CWE-400 CWE-662	CVE-2026-39865	2026-04-23 10:11	2026-04-8	Show	GitHub Exploit DB Packet Storm

2277	6.1	警告 Local	jqlang	jq	jqlangのjqにおける複数の脆弱性	CWE-125 CWE-476 CWE-843	CVE-2026-39956	2026-04-23 10:11	2026-04-13	Show	GitHub Exploit DB Packet Storm

2278	7.2	重要 Network	citeum	opencti	citeumのopenctiにおけるテンプレートエンジンで使用される特殊な要素の不適切な無効化に関する脆弱性	CWE-1336 テンプレートエンジンで使用される特殊な要素の不適切な無効化	CVE-2026-39980	2026-04-23 10:11	2026-04-9	Show	GitHub Exploit DB Packet Storm

2279	6.1	警告 Network	McGill University	LORIS (Longitudinal Online Research and Imaging System)	McGill UniversityのLORIS (Longitudinal Online Research and Imaging System)におけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2026-39985	2026-04-23 10:11	2026-04-9	Show	GitHub Exploit DB Packet Storm

2280	5.3	警告 Network	Apache Software Foundation	Apache Log4cxx	Apache Software FoundationのApache Log4cxxにおけるエンコードおよびエスケープに関する脆弱性	CWE-116 不適切なエンコード、または出力のエスケープ	CVE-2026-40023	2026-04-23 10:11	2026-04-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348181	-	easy_software_products apple	cups mac_os_x	CUPS in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to cause a denial of service (CPU consumption) by sending a partial IPP request and closing the connection.	NVD-CWE-Other	CVE-2005-2526	2008-09-6 05:51	2005-08-19	Show	GitHub Exploit DB Packet Storm

348182	-	maxwebportal	maxwebportal	SQL injection vulnerability in password.asp in MaxWebPortal 1.35, 1.36, 2.0, and 20050418 Next allows remote attackers to execute arbitrary SQL commands via the memKey parameter.	NVD-CWE-Other	CVE-2005-1779	2008-09-6 05:50	2005-05-31	Show	GitHub Exploit DB Packet Storm

348183	-	mailenable	mailenable_enterprise mailenable_professional	Unknown vulnerability in SMTP authentication for MailEnable allows remote attackers to cause a denial of service (crash).	NVD-CWE-Other	CVE-2005-1781	2008-09-6 05:50	2005-05-31	Show	GitHub Exploit DB Packet Storm

348184	-	w.m.r._simpson	bookreview	Multiple cross-site scripting (XSS) vulnerabilities in BookReview beta 1.0 allow remote attackers to inject arbitrary web script or HTML via the node parameter to (1) add_review.htm, (2) suggest_revi…	NVD-CWE-Other	CVE-2005-1782	2008-09-6 05:50	2005-05-26	Show	GitHub Exploit DB Packet Storm

348185	-	hosting_controller	hosting_controller	Hosting Controller 6.1 HotFix 2.0 and earlier allows remote attackers to steal passwords and gain privileges via a modified emailaddress parameter in an updateprofile action for UserProfile.asp.	NVD-CWE-Other	CVE-2005-1784	2008-09-6 05:50	2005-05-27	Show	GitHub Exploit DB Packet Storm

348186	-	hosting_controller	hosting_controller	SQL injection vulnerability in resellerresources.asp in Hosting Controller 6.1 Hotfix 2.0 allows remote attackers to execute arbitrary SQL commands via the jresourceid parameter.	NVD-CWE-Other	CVE-2005-1788	2008-09-6 05:50	2005-06-1	Show	GitHub Exploit DB Packet Storm

348187	-	india_software_solution	shopping_cart	SQL injection vulnerability in SignIn.asp in India Software Solution shopping cart allows remote attackers to execute arbitrary SQL commands via the password.	NVD-CWE-Other	CVE-2005-1789	2008-09-6 05:50	2005-05-29	Show	GitHub Exploit DB Packet Storm

348188	-	microsoft	windows_xp	Memory leak in Windows Management Instrumentation (WMI) service allows attackers to cause a denial of service (memory consumption and crash) by creating security contexts more quickly than they can b…	NVD-CWE-Other	CVE-2005-1792	2008-09-6 05:50	2005-06-1	Show	GitHub Exploit DB Packet Storm

348189	-	openssl	openssl	The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote attackers to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES…	NVD-CWE-Other	CVE-2005-1797	2008-09-6 05:50	2005-05-26	Show	GitHub Exploit DB Packet Storm

348190	-	serverscheck	monitoring_software	Directory traversal vulnerability in ServersCheck Monitoring Software 5.9.0 to 5.10.0 allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request.	NVD-CWE-Other	CVE-2005-1798	2008-09-6 05:50	2005-05-29	Show	GitHub Exploit DB Packet Storm