Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
245031 7.2 危険 アップル
シスコシステムズ		 - Cisco Trust Agent (CTA) におけるパスワードを含むシステムプリファレンスを変更される脆弱性 - CVE-2007-3184 2012-06-26 15:46 2007-06-11 Show GitHub Exploit DB Packet Storm
245032 10 危険 Firebird Project - Firebird SQL 2 の fbserver.exe におけるバッファオーバーフローの脆弱性 - CVE-2007-3181 2012-06-26 15:46 2007-06-12 Show GitHub Exploit DB Packet Storm
245033 5 警告 Almnzm - Almnzm における重要な情報を取得される脆弱性 - CVE-2007-3173 2012-06-26 15:46 2007-06-11 Show GitHub Exploit DB Packet Storm
245034 9.3 危険 EdrawSoft - edrawofficeviewer.ocx の特定の ActiveX コントロール におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-3169 2012-06-26 15:46 2007-06-11 Show GitHub Exploit DB Packet Storm
245035 7.8 危険 EdrawSoft - edrawofficeviewer.ocx の特定の ActiveX コントロールにおける任意のファイルを削除される脆弱性 CWE-DesignError
CVE-2007-3168 2012-06-26 15:46 2007-06-11 Show GitHub Exploit DB Packet Storm
245036 5 警告 frederico caldeira knabben - Frederico Caldeira Knabben FCKeditor の filemanager における任意の .php ファイルをアップロードされる脆弱性 - CVE-2007-3163 2012-06-26 15:46 2007-06-11 Show GitHub Exploit DB Packet Storm
245037 10 危険 EGroupware - eGroupWare における詳細不明な脆弱性 - CVE-2007-3155 2012-06-26 15:46 2007-06-11 Show GitHub Exploit DB Packet Storm
245038 10 危険 EGroupware - eGroupWare で使用される Walter Zorn wz_tooltip.js における詳細不明な脆弱性 - CVE-2007-3154 2012-06-26 15:46 2007-06-11 Show GitHub Exploit DB Packet Storm
245039 5 警告 Haxx - Windows 以外のプラットフォームで稼動する c-ares の ares_init:randomize_key 関数における DNS レスポンスを偽装される脆弱性 - CVE-2007-3153 2012-06-26 15:46 2007-06-11 Show GitHub Exploit DB Packet Storm
245040 7.5 危険 Haxx - c-ares における DNS レスポンスを偽装される脆弱性 - CVE-2007-3152 2012-06-26 15:46 2007-06-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
341 4.4 MEDIUM
Local 		vmware spring_cloud_config When enabling trace logging in Spring Cloud Config Server sensitive information was placed in plain text in the logs. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 (inclusive); upgrad… Update CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2026-41004 2026-05-13 01:52 2026-05-7 Show GitHub Exploit DB Packet Storm
342 8.8 HIGH
Network 		nocobase nocobase NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the queryParentSQL() function in the core database package co… Update CWE-89
SQL Injection 		CVE-2026-41640 2026-05-13 01:51 2026-05-7 Show GitHub Exploit DB Packet Storm
343 4.6 MEDIUM
Network 		- - Open edX Platform enables the authoring and delivery of online learning at any scale. The HTML sanitizer clean_thread_html_body() used for discussion notification emails fails to remove <style> tags … New CWE-79
Cross-site Scripting 		CVE-2026-42857 2026-05-13 01:50 2026-05-12 Show GitHub Exploit DB Packet Storm
344 8.5 HIGH
Network 		- - The Open edx Enterprise Service app provides enterprise features to the Open edX platform. From 7.0.2 to 7.0.4, the sync_provider_data endpoint in SAMLProviderDataViewSet fetches SAML metadata from a… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-42860 2026-05-13 01:50 2026-05-12 Show GitHub Exploit DB Packet Storm
345 5.3 MEDIUM
Network 		- - Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses. If the communication channel to the statsd daemon is not secured (for example, by sending UDP packets to a host o… New CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2026-45179 2026-05-13 01:48 2026-05-11 Show GitHub Exploit DB Packet Storm
346 7.5 HIGH
Network 		- - Catalyst::Plugin::Statsd versions through 0.10.0 for Perl may leak session ids. If the communication channel to the statsd daemon is not secured (for example, by sending UDP packets to a host on ano… New CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2026-45180 2026-05-13 01:48 2026-05-11 Show GitHub Exploit DB Packet Storm
347 6.5 MEDIUM
Network 		- - Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass. Inputs containing a trailing newline or non-ASCII digit chara… New CWE-1289
 Improper Validation of Unsafe Equivalence in Input 		CVE-2026-45190 2026-05-13 01:48 2026-05-11 Show GitHub Exploit DB Packet Storm
348 6.5 MEDIUM
Network 		- - Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP ACL bypass. Mask forms like "/00" and "/01" pass validatio… New CWE-1289
 Improper Validation of Unsafe Equivalence in Input 		CVE-2026-45191 2026-05-13 01:48 2026-05-11 Show GitHub Exploit DB Packet Storm
349 7.5 HIGH
Network 		- - XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences. A node name ending in the middle of a multi byte UT… New CWE-125
Out-of-bounds Read 		CVE-2026-8177 2026-05-13 01:48 2026-05-11 Show GitHub Exploit DB Packet Storm
350 6.5 MEDIUM
Network 		- - WebDyne::Session versions through 2.075 for Perl generates the session id insecurely. The session handler generates the session id from an MD5 hash seeded with a call to the built-in rand() function… New CWE-338
CWE-340
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
 Generation of Predictable Numbers or Identifiers 		CVE-2026-5084 2026-05-13 01:48 2026-05-11 Show GitHub Exploit DB Packet Storm