Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2341 9.3 緊急
Network 		マイクロソフト Microsoft 365 Copilot Microsoft 365 Copilot の特権昇格の脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-33102 2026-05-1 10:48 2026-04-23 Show GitHub Exploit DB Packet Storm
2342 8.4 重要
Local 		マイクロソフト Microsoft 365 Apps
Office Long Term Servicing Channel (LTSC) 		Microsoft Word のリモートでコードが実行される脆弱性 CWE-822
信頼性のないポインタデリファレンス 		CVE-2026-33114 2026-05-1 10:48 2026-04-14 Show GitHub Exploit DB Packet Storm
2343 8.4 重要
Local 		マイクロソフト Microsoft 365 Apps
Office Long Term Servicing Channel (LTSC) 		Microsoft Word のリモートでコードが実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-33115 2026-05-1 10:47 2026-04-14 Show GitHub Exploit DB Packet Storm
2344 7.8 重要
Local 		ggml.ai llama.cpp ggml.aiのllama.cppにおける複数の脆弱性 CWE-122
CWE-190
CVE-2026-33298 2026-05-1 10:47 2026-03-24 Show GitHub Exploit DB Packet Storm
2345 6.1 警告
Local 		マイクロソフト Microsoft 365 Apps
Office Long Term Servicing Channel (LTSC) 		Microsoft Word の情報漏えいの脆弱性 CWE-125
境界外読み取り 		CVE-2026-33822 2026-05-1 10:47 2026-04-14 Show GitHub Exploit DB Packet Storm
2346 5.2 警告
Physics 		wolfSSL Inc. wolfSSL wolfSSL Inc.のwolfSSLにおけるPRNG におけるシードの不正な使用に関する脆弱性 CWE-335
PRNGにおけるシードの不正な使用 		CVE-2026-3503 2026-05-1 10:47 2026-03-19 Show GitHub Exploit DB Packet Storm
2347 9.8 緊急
Network 		wolfSSL Inc. wolfSSL wolfSSL Inc.のwolfSSLにおける複数の脆弱性 CWE-122
CWE-787
CWE-787
CVE-2026-3548 2026-05-1 10:47 2026-03-19 Show GitHub Exploit DB Packet Storm
2348 5.9 警告
Network 		VMware Spring AI VMwareのSpring AIにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-40966 2026-05-1 10:47 2026-04-28 Show GitHub Exploit DB Packet Storm
2349 8.6 重要
Network 		VMware Spring AI VMwareのSpring AIにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-40967 2026-05-1 10:47 2026-04-28 Show GitHub Exploit DB Packet Storm
2350 7.5 重要
Adjacent 		VMware Spring Boot VMwareのSpring Bootにおけるタイミングの違いに起因する情報漏えいに関する脆弱性 CWE-208
タイミングの違いに起因する情報漏えい 		CVE-2026-40972 2026-05-1 10:47 2026-04-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
346951 - punbb punbb SQL injection vulnerability in profile.php in PunBB 1.2.4 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a change_email action. NVD-CWE-Other
CVE-2005-1051 2016-10-18 12:16 2005-05-2 Show GitHub Exploit DB Packet Storm
346952 - sun j2se Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. NVD-CWE-Other
CVE-2005-0836 2016-10-18 12:15 2005-05-2 Show GitHub Exploit DB Packet Storm
346953 - kayako esupport Cross-site scripting (XSS) vulnerability in index.php in Kayako eSupport 2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) _i or (2) _c parameter. NVD-CWE-Other
CVE-2005-0842 2016-10-18 12:15 2005-05-2 Show GitHub Exploit DB Packet Storm
346954 - phorum phorum CRLF injection vulnerability in search.php in Phorum 5.0.14a allows remote attackers to perform HTTP Response Splitting attacks via the body parameter, which is included in the resulting Location hea… NVD-CWE-Other
CVE-2005-0843 2016-10-18 12:15 2005-05-2 Show GitHub Exploit DB Packet Storm
346955 - - - Directory traversal vulnerability in the Webmail interface in SurgeMail 2.2g3 allows remote authenticated users to write arbitrary files or directories via a .. (dot dot) in the attach_id parameter. NVD-CWE-Other
CVE-2005-0845 2016-10-18 12:15 2005-05-2 Show GitHub Exploit DB Packet Storm
346956 - netwin surgemail Multiple cross-site scripting (XSS) vulnerabilities in the email auto-reply message in SurgeMail 2.2g3 allow remote attackers to inject arbitrary web script or HTML via the (1) message subject or (2)… NVD-CWE-Other
CVE-2005-0846 2016-10-18 12:15 2005-05-2 Show GitHub Exploit DB Packet Storm
346957 - bosanova
ibm
mochasoft
powerterm 		launcher400
client_access
tn5250
interconnect 		AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) IBM client access, (2) Bosanova, (3) PowerTerm, (4) Mochasoft, and possibly other emulations, allows malicious AS/400 servers to e… NVD-CWE-Other
CVE-2005-0868 2016-10-18 12:15 2005-05-2 Show GitHub Exploit DB Packet Storm
346958 - oracle 10g_reports_server Multiple cross-site scripting (XSS) vulnerabilities in test.jsp in Oracle Reports Server 10g (9.0.4.3.3) allow remote attackers to inject arbitrary web script or HTML via the (1) desname or (2) reppr… NVD-CWE-Other
CVE-2005-0873 2016-10-18 12:15 2005-05-2 Show GitHub Exploit DB Packet Storm
346959 - cerulean_studios trillian Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other plug-ins for Trillian 2.0 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP … NVD-CWE-Other
CVE-2005-0874 2016-10-18 12:15 2005-05-2 Show GitHub Exploit DB Packet Storm
346960 - cerulean_studios trillian Multiple buffer overflows in the Yahoo plug-in for Trillian 2.0, 3.0, and 3.1 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response heade… NVD-CWE-Other
CVE-2005-0875 2016-10-18 12:15 2005-05-2 Show GitHub Exploit DB Packet Storm