Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2431	4.9	警告 Network	Kimai project	kimai	Kimai projectのKimaiにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-44298	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2432	7.8	重要 Local	LibreOffice プロジェクト	LibreOffice	LibreOffice プロジェクトのLibreOfficeにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-4430	2026-05-11 11:04	2026-05-7	Show	GitHub Exploit DB Packet Storm

2433	8.4	重要 Local	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-44334	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2434	9.8	緊急 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-44335	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2435	9.6	緊急 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-20 CWE-22 CWE-829 CWE-913 CWE-94	CVE-2026-44336	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2436	6.3	警告 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-20 CWE-89	CVE-2026-44337	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2437	7.3	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-1188 CWE-306 CWE-668	CVE-2026-44338	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2438	8.6	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAI等の複数製品におけるクラスまたはコードを選択する外部から制御された入力の使用に関する脆弱性	CWE-470 クラスまたはコードを選択する外部から制御された入力の使用	CVE-2026-44339	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2439	7.5	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-22 CWE-59	CVE-2026-44340	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2440	7.8	重要 Local	ZTE	ZXCLOUD iRAI	ZTEのZXCLOUD iRAIにおける制御されていない検索パスの要素に関する脆弱性	CWE-427 制御されていない検索パスの要素	CVE-2026-44406	2026-05-11 11:04	2026-05-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
346131	-	sylpheed	sylpheed	Stack-based buffer overflow in the ldif_get_line function in ldif.c of Sylpheed before 2.1.6 allows user-assisted attackers to execute arbitrary code by having local users import LDIF files with long…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2005-3354	2017-07-11 10:33	2005-11-21	Show	GitHub Exploit DB Packet Storm

346132	-	php_icalendar	php_icalendar	PHP file inclusion vulnerability in index.php in PHP iCalendar 2.0a2 through 2.0.1 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the phpicalendar cookie.…	NVD-CWE-Other	CVE-2005-3366	2017-07-11 10:33	2005-10-30	Show	GitHub Exploit DB Packet Storm

346133	-	search_enhanced	search_enhanced	Cross-site scripting (XSS) vulnerability in the Search_Enhanced module in PHP-Nuke 7.9 allows remote attackers to inject arbitrary web script or HTML via the query parameter.	NVD-CWE-Other	CVE-2005-3368	2017-07-11 10:33	2005-10-30	Show	GitHub Exploit DB Packet Storm

346134	-	-	-	Multiple SQL injection vulnerabilities in the Info-DB module (info_db.php) in Woltlab Burning Board 2.7 and earlier allow remote attackers to execute arbitrary SQL commands and possibly upload files …	NVD-CWE-Other	CVE-2005-3369	2017-07-11 10:33	2005-10-30	Show	GitHub Exploit DB Packet Storm

346135	-	butterfat	phpesp	Cross-site scripting (XSS) vulnerability in phpESP 1.7.5 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors.	NVD-CWE-Other	CVE-2005-3406	2017-07-11 10:33	2005-11-1	Show	GitHub Exploit DB Packet Storm

346136	-	butterfat	phpesp	SQL injection vulnerability in phpESP 1.7.5 and earlier allows remote attackers to execute arbitrary SQL commands via unknown vectors.	NVD-CWE-Other	CVE-2005-3407	2017-07-11 10:33	2005-11-1	Show	GitHub Exploit DB Packet Storm

346137	-	greg_neustaetter	gcards	SQL injection vulnerability in news.php in gCards version 1.43 allows remote attackers to execute arbitrary SQL commands via the limit parameter.	NVD-CWE-Other	CVE-2005-3408	2017-07-11 10:33	2005-11-1	Show	GitHub Exploit DB Packet Storm

346138	-	eyeos_project	eyeos	Cross-site scripting (XSS) vulnerability in desktop.php in eyeOS 0.8.4 allows remote attackers to inject arbitrary web script or HTML via the motd parameter.	NVD-CWE-Other	CVE-2005-3413	2017-07-11 10:33	2005-11-2	Show	GitHub Exploit DB Packet Storm

346139	-	eyeos_project	eyeos	eyeOS 0.8.4 stores usrinfo.xml under the web document root with insufficient access control, which allows remote attackers to obtain user credentials.	NVD-CWE-Other	CVE-2005-3414	2017-07-11 10:33	2005-11-2	Show	GitHub Exploit DB Packet Storm

346140	-	phpbb_group	phpbb	phpBB 2.0.17 and earlier allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GET/POST/COOKIE (GPC) variable and a GLOBALS[] variable with the sa…	NVD-CWE-Other	CVE-2005-3415	2017-07-11 10:33	2005-11-2	Show	GitHub Exploit DB Packet Storm