Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231461	10	危険	webo	-	Leo West WEBO の modules/abook/foldertree.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1391	2012-12-20 18:19	2007-03-10	Show	GitHub Exploit DB Packet Storm

231462	4.3	警告	Snitz	-	Snitz Forums 2000 の pop_profile.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1374	2012-12-20 18:19	2007-03-9	Show	GitHub Exploit DB Packet Storm

231463	10	危険	Pegasus Mail	-	Mercury/32 におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-1373	2012-12-20 18:19	2007-03-9	Show	GitHub Exploit DB Packet Storm

231464	10	危険	postguestbook	-	PHP-Nuke 用の PostGuestbook モジュールにおける PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-1372	2012-12-20 18:19	2007-03-9	Show	GitHub Exploit DB Packet Storm

231465	6.9	警告	Jon Trulson	-	Conquest におけるバッファオーバーフローの脆弱性	-	CVE-2007-1371	2012-12-20 18:19	2007-03-9	Show	GitHub Exploit DB Packet Storm

231466	6.2	警告	Zend Technologies Ltd.	-	Zend Platform におけるルート権限を取得される脆弱性	-	CVE-2007-1370	2012-12-20 18:19	2007-03-9	Show	GitHub Exploit DB Packet Storm

231467	4.4	警告	Zend Technologies Ltd.	-	Zend Platform の ini_modifier における system.ini ファイルを変更される脆弱性	-	CVE-2007-1369	2012-12-20 18:19	2007-03-9	Show	GitHub Exploit DB Packet Storm

231468	4.3	警告	VirtueMart	-	VirtueMart の virtuemart_parser.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1361	2012-12-20 18:19	2007-03-8	Show	GitHub Exploit DB Packet Storm

231469	6.6	警告	サン・マイクロシステムズ	-	Sun Fire X2100M2 および X2200M2 用の ipmitool における権限を取得される脆弱性	-	CVE-2007-1346	2012-12-20 18:19	2007-03-7	Show	GitHub Exploit DB Packet Storm

231470	7.5	危険	webcalendar	-	Craig Knudsen WebCalendar の includes/functions.php における任意のグローバル変数を設定される脆弱性	-	CVE-2007-1343	2012-12-20 18:19	2007-03-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1081	7.8	HIGH Local	microsoft	azure_connected_machine_agent	Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.	CWE-284 Improper Access Control	CVE-2026-40381	2026-05-18 22:35	2026-05-13	Show	GitHub Exploit DB Packet Storm

1082	6.5	MEDIUM Network	shellhub	shellhub	ShellHub is a centralized SSH gateway. Prior to 0.24.2, GET /api/devices/:uid returns the full device object whenever the caller is authenticated, without verifying that the device belongs to the cal…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-44424	2026-05-18 22:35	2026-05-14	Show	GitHub Exploit DB Packet Storm

1083	5.4	MEDIUM Network	shellhub	shellhub	ShellHub is a centralized SSH gateway. Prior to 0.24.2, the device list endpoint accepts user-controlled identifiers in the the name field of each filter property in the base64-encoded filter query p…	CWE-20 CWE-943 CWE-1333 Improper Input Validation Improper Neutralization of Special Elements in Data Query Logic Inefficient Regular Expression Complexity	CVE-2026-44425	2026-05-18 22:34	2026-05-14	Show	GitHub Exploit DB Packet Storm

1084	4.3	MEDIUM Network	microsoft	edge	User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network.	CWE-451 User Interface (UI) Misrepresentation of Critical Information	CVE-2026-35429	2026-05-18 22:34	2026-05-13	Show	GitHub Exploit DB Packet Storm

1085	5.5	MEDIUM Local	microsoft	teams	Files or directories accessible to external parties in Microsoft Teams allows an unauthorized attacker to perform spoofing locally.	CWE-552 Files or Directories Accessible to External Parties	CVE-2026-32185	2026-05-18 22:33	2026-05-13	Show	GitHub Exploit DB Packet Storm

1086	4.3	MEDIUM Network	microsoft	edge_chromium	User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.	CWE-451 User Interface (UI) Misrepresentation of Critical Information	CVE-2026-40416	2026-05-18 22:26	2026-05-13	Show	GitHub Exploit DB Packet Storm

1087	7.5	HIGH Network	-	-	A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS pa…	CWE-475 Undefined Behavior for Input to API	CVE-2026-42009	2026-05-18 22:16	2026-05-18	Show	GitHub Exploit DB Packet Storm

1088	9.8	CRITICAL Network	netty	netty	Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpObjectDecoder strips a conflicting Content-Length header when a request carries both…	CWE-444 HTTP Request Smuggling	CVE-2026-42581	2026-05-18 22:14	2026-05-14	Show	GitHub Exploit DB Packet Storm

1089	9.8	CRITICAL Network	espressif	arduino-esp32	arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, the WebServer multipart form parser in arduino-esp32 allocates a …	CWE-121 Stack-based Buffer Overflow	CVE-2026-42854	2026-05-18 22:09	2026-05-13	Show	GitHub Exploit DB Packet Storm

1090	8.8	HIGH Network	mongodb	mongodb	An issue in MongoDB Server's time-series collection implementation allows an authenticated user with database write privileges to trigger an out-of-bounds memory write in the mongod process. The issu…	CWE-787 Out-of-bounds Write	CVE-2026-8053	2026-05-18 22:06	2026-05-13	Show	GitHub Exploit DB Packet Storm