Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231551	5	警告	vikingboard	-	Vikingboard の topic.php における SQL インジェクションの脆弱性	-	CVE-2006-4709	2012-12-20 18:02	2006-09-12	Show	GitHub Exploit DB Packet Storm

231552	6.8	警告	vikingboard	-	Vikingboard におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4708	2012-12-20 18:02	2006-09-12	Show	GitHub Exploit DB Packet Storm

231553	5	警告	Zope Foundation	-	Zope の docutils モジュールにおける任意のファイルを読まれる脆弱性	-	CVE-2006-4684	2012-12-20 18:02	2006-09-19	Show	GitHub Exploit DB Packet Storm

231554	1.2	注意	TIBCO Software	-	TIBCO RendezVous における重要な情報を取得される脆弱性	-	CVE-2006-4676	2012-12-20 18:02	2006-09-11	Show	GitHub Exploit DB Packet Storm

231555	7.5	危険	profitcode	-	PayProCart の profitCode ppalCart コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-4672	2012-12-20 18:02	2006-09-11	Show	GitHub Exploit DB Packet Storm

231556	5.1	警告	somery	-	Somery の admin/system/include.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4669	2012-12-20 18:02	2006-09-8	Show	GitHub Exploit DB Packet Storm

231557	4.3	警告	rob hensley	-	Rob Hensley AckerTodo の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4668	2012-12-20 18:02	2006-09-8	Show	GitHub Exploit DB Packet Storm

231558	7.5	危険	runcms	-	RunCMS における SQL インジェクションの脆弱性	-	CVE-2006-4667	2012-12-20 18:02	2006-09-8	Show	GitHub Exploit DB Packet Storm

231559	7.5	危険	stefan ernst	-	Stefan Ernst Newsscript における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-4666	2012-12-20 18:02	2006-09-8	Show	GitHub Exploit DB Packet Storm

231560	5.1	警告	premod shadow	-	Premod Shadow の includes/functions_portal.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4664	2012-12-20 18:02	2006-09-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
141	4.4	MEDIUM Network	-	-	ws is an open source WebSocket client and server for Node.js. Prior to 8.20.1, the websocket.close() implementation is vulnerable to uninitialized memory disclosure when a TypedArray is passed as the… New	CWE-908 Use of Uninitialized Resource	CVE-2026-45736	2026-05-16 11:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

142	4.3	MEDIUM Network	-	-	phpMyFAQ before 4.1.2 contains missing permission checks in ConfigurationTabController.php where 12 endpoints use userIsAuthenticated() instead of userHasPermission(CONFIGURATION_EDIT). Any authentic… New	CWE-862 Missing Authorization	CVE-2026-45007	2026-05-16 11:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

143	6.1	MEDIUM Network	-	-	Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.1, a Stored Cross-Site Scripting (XSS) vulnerability exists in the Vvveb CMS com… New	CWE-79 Cross-site Scripting	CVE-2026-44366	2026-05-16 11:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

144	5.5	MEDIUM Local	microsoft	word	Improper access control in Microsoft Office Word allows an authorized attacker to perform spoofing locally. Update	CWE-284 NVD-CWE-noinfo Improper Access Control	CVE-2026-41101	2026-05-16 11:09	2026-05-13	Show	GitHub Exploit DB Packet Storm

145	5.5	MEDIUM Local	microsoft	powerpoint	Improper access control in Microsoft Office PowerPoint allows an authorized attacker to perform spoofing locally. Update	CWE-284 Improper Access Control	CVE-2026-41102	2026-05-16 11:08	2026-05-13	Show	GitHub Exploit DB Packet Storm

146	9.1	CRITICAL Network	microsoft	confluence_saml_sso jira_saml_sso	Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network. Update	CWE-303 NVD-CWE-Other Incorrect Implementation of Authentication Algorithm	CVE-2026-41103	2026-05-16 11:07	2026-05-13	Show	GitHub Exploit DB Packet Storm

147	7.8	HIGH Local	microsoft	office	Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. Update	CWE-122 Heap-based Buffer Overflow	CVE-2026-42831	2026-05-16 11:05	2026-05-13	Show	GitHub Exploit DB Packet Storm

148	5.5	MEDIUM Local	microsoft	excel office word	Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally. Update	CWE-284 NVD-CWE-noinfo Improper Access Control	CVE-2026-42832	2026-05-16 11:03	2026-05-13	Show	GitHub Exploit DB Packet Storm

149	5.5	MEDIUM Local	fortinet	forticlient	A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.2, FortiClientWindows 7.2 all versions may allow attacker to information disclosure via <insert at… Update	CWE-321 Use of Hard-coded Cryptographic Key	CVE-2026-44278	2026-05-16 10:59	2026-05-13	Show	GitHub Exploit DB Packet Storm

150	5.5	MEDIUM Local	fortinet	fortitoken_mobile	A improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow atta… Update	CWE-926 Improper Export of Android Application Components	CVE-2026-44279	2026-05-16 10:57	2026-05-13	Show	GitHub Exploit DB Packet Storm