Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229521 4.3 警告 xrms crm - XRMS CRM の admin/users/self.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1129 2012-12-20 18:34 2008-03-3 Show GitHub Exploit DB Packet Storm
229522 6.8 警告 phpmytourney - phpMyTourney の tourney/index.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1128 2012-12-20 18:34 2008-03-3 Show GitHub Exploit DB Packet Storm
229523 5 警告 podcast generator - Podcast Generator におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-1125 2012-12-20 18:34 2008-03-3 Show GitHub Exploit DB Packet Storm
229524 6.8 警告 podcast generator - Podcast Generator における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1124 2012-12-20 18:34 2008-03-3 Show GitHub Exploit DB Packet Storm
229525 6.8 警告 sitebuilder - SiteBuilder Elite における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1123 2012-12-20 18:34 2008-03-3 Show GitHub Exploit DB Packet Storm
229526 9.3 危険 rising antivirus international - Rising Antivirus Online Scanner の Web Scan Object ActiveX コントロール における任意のコードを強制的にダウンロードされる脆弱性 CWE-DesignError
CVE-2008-1116 2012-12-20 18:34 2008-03-3 Show GitHub Exploit DB Packet Storm
229527 7.8 危険 Vocera - Cisco Unified Wireless IP Phone 7921 におけるハッシュされたパスワードを盗まれる脆弱性 CWE-200
情報漏えい 		CVE-2008-1113 2012-12-20 18:34 2008-03-3 Show GitHub Exploit DB Packet Storm
229528 6.8 警告 Xine - xine-lib の xineplug_dmx_asf.so プラグイン におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1110 2012-12-20 18:34 2008-02-29 Show GitHub Exploit DB Packet Storm
229529 6.8 警告 quantum game library - Quantum Game Library における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1069 2012-12-20 18:34 2008-02-28 Show GitHub Exploit DB Packet Storm
229530 6.8 警告 portail web php - Portail Web Php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1068 2012-12-20 18:34 2008-02-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2641 6.1 MEDIUM
Network 		jupyter jupyter_server Jupyter Server is the backend for Jupyter web applications. In jupyter_server versions through 2.17.0, the next query parameter in the login flow is insufficiently validated in `LoginFormHandler._red… CWE-601
Open Redirect 		CVE-2025-61669 2026-05-11 22:01 2026-05-6 Show GitHub Exploit DB Packet Storm
2642 8.8 HIGH
Network 		tenda cx12l_firmware A vulnerability was found in Tenda CX12L 16.03.53.12. This issue affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg”. The manipulation results in stack-based buffer overflow.… CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2026-8138 2026-05-11 22:00 2026-05-8 Show GitHub Exploit DB Packet Storm
2643 6.8 MEDIUM
Network 		jupyter jupyter_server Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the secret used to sign authentication cookies is persisted to a static file at ~/.local/share/jupyter/runt… CWE-613
 Insufficient Session Expiration 		CVE-2026-40934 2026-05-11 22:00 2026-05-6 Show GitHub Exploit DB Packet Storm
2644 7.8 HIGH
Local 		navercorp mybox NAVER MYBOX Explorer for Windows before 3.0.11.160 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM via registry manipulation due to improper privilege checks. CWE-266
 Incorrect Privilege Assignment 		CVE-2026-8148 2026-05-11 21:59 2026-05-8 Show GitHub Exploit DB Packet Storm
2645 7.3 HIGH
Network 		jupyter jupyter_server Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the Origin header validation uses Python's re.match() to check incoming origins against the allow_origin_pa… CWE-777
 Regular Expression without Anchors 		CVE-2026-40110 2026-05-11 21:59 2026-05-6 Show GitHub Exploit DB Packet Storm
2646 5.3 MEDIUM
Local 		prusa3d prusaslicer In libslic3r/GCode/PostProcessor.cpp in Prusa PrusaSlicer through 2.6.1, a crafted 3mf project file can execute arbitrary code on a host where the project is sliced and G-code exported. CWE-77
Command Injection 		CVE-2023-47268 2026-05-11 21:58 2026-05-8 Show GitHub Exploit DB Packet Storm
2647 8.1 HIGH
Network 		apache cloudstack Missing MinIO policy cleanup on bucket deletion via Apache CloudStack allows users to retain access to buckets which they previously owned. If another user creates a new bucket with the same name, th… CWE-459
 Incomplete Cleanup 		CVE-2025-66467 2026-05-11 21:57 2026-05-8 Show GitHub Exploit DB Packet Storm
2648 9.1 CRITICAL
Network 		ollama ollama Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability in the GGUF model loader. The /api/create endpoint accepts an attacker-supplied GGUF file in which the declared tensor offset and… CWE-125
Out-of-bounds Read 		CVE-2026-7482 2026-05-11 21:27 2026-05-4 Show GitHub Exploit DB Packet Storm
2649 9.8 CRITICAL
Network 		- - OS command injection in Dashboard Server interface in Universal Robots PolyScope versions prior to 5.25.1 allows unauthenticated attacker to craft commands that will execute code on the robot's OS. CWE-78
OS Command  		CVE-2026-8153 2026-05-11 19:16 2026-05-8 Show GitHub Exploit DB Packet Storm
2650 4.7 MEDIUM
Network 		oracle macoron Vulnerability in the Oracle Macoron Tool product of Oracle Open Source Projects. The supported versions that is affected is v0.22.0. Easily exploitable vulnerability allows unauthenticated attacker w… CWE-601
CWE-346
Open Redirect
 Origin Validation Error 		CVE-2026-35253 2026-05-11 05:16 2026-05-6 Show GitHub Exploit DB Packet Storm