Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2431	4.9	警告 Network	Kimai project	kimai	Kimai projectのKimaiにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-44298	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2432	7.8	重要 Local	LibreOffice プロジェクト	LibreOffice	LibreOffice プロジェクトのLibreOfficeにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-4430	2026-05-11 11:04	2026-05-7	Show	GitHub Exploit DB Packet Storm

2433	8.4	重要 Local	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-44334	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2434	9.8	緊急 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-44335	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2435	9.6	緊急 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-20 CWE-22 CWE-829 CWE-913 CWE-94	CVE-2026-44336	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2436	6.3	警告 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-20 CWE-89	CVE-2026-44337	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2437	7.3	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-1188 CWE-306 CWE-668	CVE-2026-44338	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2438	8.6	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAI等の複数製品におけるクラスまたはコードを選択する外部から制御された入力の使用に関する脆弱性	CWE-470 クラスまたはコードを選択する外部から制御された入力の使用	CVE-2026-44339	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2439	7.5	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-22 CWE-59	CVE-2026-44340	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2440	7.8	重要 Local	ZTE	ZXCLOUD iRAI	ZTEのZXCLOUD iRAIにおける制御されていない検索パスの要素に関する脆弱性	CWE-427 制御されていない検索パスの要素	CVE-2026-44406	2026-05-11 11:04	2026-05-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
346101	-	yager_development	yager_game	Multiple buffer overflows in Yager 5.24 and earlier allow remote attackers to execute arbitrary code via (1) a crafted nickname or (2) a packet with a large amount of data.	NVD-CWE-Other	CVE-2005-1163	2017-07-12 10:29	2005-05-2	Show	GitHub Exploit DB Packet Storm

346102	-	belkin	belkin_54g_wireless_router	Belkin 54g wireless routers do not properly set an administrative password, which allows remote attackers to gain access via the (1) Telnet or (2) web administration interfaces.	NVD-CWE-Other	CVE-2005-2374	2017-07-12 10:29	2005-07-26	Show	GitHub Exploit DB Packet Storm

346103	-	belkin	f5d7230-4 f5d7232-4	Belkin F5D7232-4 and F5D7230-4 wireless routers with firmware 4.03.03 and 4.05.03, when a legitimate administrator is logged into the web management interface, allow remote attackers to access the ma…	NVD-CWE-Other	CVE-2005-3802	2017-07-12 10:29	2005-11-24	Show	GitHub Exploit DB Packet Storm

346104	-	dotclear	dotclear	SQL injection vulnerability in session.php in DotClear before 1.2.3 allows remote attackers to execute arbitrary SQL commands via the dc_xd parameter in a cookie.	NVD-CWE-Other	CVE-2005-3963	2017-07-12 10:29	2005-12-2	Show	GitHub Exploit DB Packet Storm

346105	-	ibm	net.data	Cross-site scripting (XSS) vulnerability in db2www CGI interpreter in IBM Net.Data 7 and 7.2 allows remote attackers to inject arbitrary web script or HTML via a macro filename, which is not properly…	NVD-CWE-Other	CVE-2004-1442	2017-07-12 10:29	2004-12-31	Show	GitHub Exploit DB Packet Storm

346106	-	zonelabs	imsecure	Zone Labs IMsecure and IMsecure Pro before 1.5 allow remote attackers to bypass Active Link Filtering via an instant message containing a URL with hex encoded file extensions.	NVD-CWE-Other	CVE-2004-1517	2017-07-12 10:29	2004-12-31	Show	GitHub Exploit DB Packet Storm

346107	-	leafnode	leafnode	fetchnews in leafnode 1.9.47 and earlier allows remote attackers to cause a denial of service (process hang) via an empty NNTP news article with missing mandatory headers.	NVD-CWE-Other	CVE-2004-2068	2017-07-12 10:29	2004-12-31	Show	GitHub Exploit DB Packet Storm

346108	-	bea	weblogic_server	BEA WebLogic Server and WebLogic Express 8.1 through 8.1 SP2 allow remote attackers to cause a denial of service (network port consumption) via unknown actions in HTTPS sessions, which prevents the s…	NVD-CWE-Other	CVE-2004-2424	2017-07-12 10:29	2004-12-31	Show	GitHub Exploit DB Packet Storm

346109	-	microsoft	frontpage	The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to determine the physical path of the server components by requesting an invalid URL whose name inclu…	NVD-CWE-Other	CVE-2000-0710	2017-07-12 10:29	2000-10-20	Show	GitHub Exploit DB Packet Storm

346110	-	biblioscape	biblioweb_server	Directory traversal vulnerability in BiblioWeb web server 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) or ... attack in an HTTP GET request.	NVD-CWE-Other	CVE-2001-0226	2017-07-12 10:29	2001-05-3	Show	GitHub Exploit DB Packet Storm