Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
246111	7.5	危険	avant-garde solutions	-	Mambo の mosmedia における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2043	2012-06-26 15:46	2007-04-16	Show	GitHub Exploit DB Packet Storm

246112	6.8	警告	avant-garde solutions	-	Mambo の Avant-Garde Solutions MOSMedia Lite および初期モジュールにおける PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2042	2012-06-26 15:46	2007-04-16	Show	GitHub Exploit DB Packet Storm

246113	4	警告	シスコシステムズ	-	Cisco WLC におけるアクセス制限を回避される脆弱性	-	CVE-2007-2041	2012-06-26 15:46	2007-04-12	Show	GitHub Exploit DB Packet Storm

246114	6.2	警告	シスコシステムズ	-	Cisco Aironet におけるデバイス上で任意の操作を実行される脆弱性	-	CVE-2007-2040	2012-06-26 15:46	2007-04-12	Show	GitHub Exploit DB Packet Storm

246115	6.1	警告	シスコシステムズ	-	Cisco WLC のNPU におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2039	2012-06-26 15:46	2007-04-12	Show	GitHub Exploit DB Packet Storm

246116	6.1	警告	シスコシステムズ	-	Cisco WLC の NPU におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2038	2012-06-26 15:46	2007-04-12	Show	GitHub Exploit DB Packet Storm

246117	2.9	注意	シスコシステムズ	-	Cisco WLC におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2037	2012-06-26 15:46	2007-04-12	Show	GitHub Exploit DB Packet Storm

246118	10	危険	シスコシステムズ	-	Cisco WLC の SNMP 実装における SNMP 変数を変更される脆弱性	-	CVE-2007-2036	2012-06-26 15:46	2007-04-12	Show	GitHub Exploit DB Packet Storm

246119	7.8	危険	シスコシステムズ	-	Cisco WCS におけるネットワークの構成データを取得される脆弱性	-	CVE-2007-2035	2012-06-26 15:46	2007-04-12	Show	GitHub Exploit DB Packet Storm

246120	9	危険	シスコシステムズ	-	Cisco WCS におけるアプリケーションおよびネットワークを管理される脆弱性	CWE-noinfo 情報不足	CVE-2007-2034	2012-06-26 15:46	2007-04-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
231	-		-	-	Sparx Enterprise Architect software has a security feature that limits user's actions to those specified in the role. An authenticated attacker can modify the Enterprise Architect client behavior (e… New	CWE-603 Use of Client-Side Authentication	CVE-2026-42098	2026-05-19 23:45	2026-05-19	Show	GitHub Exploit DB Packet Storm

232	-		-	-	Sparx Pro Cloud Server is vulnerable to a Race Condition in the /data_api/dl_internal_artifact.php endpoint. The application downloads the properties of the object pointed by guid parameter and saves… New	CWE-362 Race Condition	CVE-2026-42099	2026-05-19 23:45	2026-05-19	Show	GitHub Exploit DB Packet Storm

233	-		-	-	Improper Handling of Syntactically Invalid Structure in Sparx Pro Cloud Server allows Denial of Service (DoS) attack to be executed by sending an specially crafted SQL query. This causes the Pro Clou… New	CWE-228 Improper Handling of Syntactically Invalid Structure	CVE-2026-42100	2026-05-19 23:45	2026-05-19	Show	GitHub Exploit DB Packet Storm

234	3.9	LOW Local	-	-	FacturaScripts is an open source accounting and invoicing software. Versions 2025.7 and prior contain a Reflected Cross-Site Scripting (XSS) vulnerability through the fsNick cookie parameter. The app… New	CWE-79 Cross-site Scripting	CVE-2026-27964	2026-05-19 23:44	2026-05-19	Show	GitHub Exploit DB Packet Storm

235	6.5	MEDIUM Network	-	-	FacturaScripts is an open source accounting and invoicing software. In versions prior to 2026, the Library module stores and serves uploaded images byte-for-byte, without stripping EXIF/XMP/IPTC meta… New	CWE-200 CWE-212 Information Exposure Improper Removal of Sensitive Information Before Storage or Transfer	CVE-2026-27892	2026-05-19 23:44	2026-05-19	Show	GitHub Exploit DB Packet Storm

236	5.3	MEDIUM Network	-	-	Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, outdated cached AI summaries can leak removed content to anonymous and unpriv… New	CWE-200 CWE-524 CWE-672 Information Exposure Use of Cache Containing Sensitive Information Operation on a Resource after Expiration or Release	CVE-2026-32244	2026-05-19 23:44	2026-05-19	Show	GitHub Exploit DB Packet Storm

237	-		-	-	Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, an authenticated user on a Discourse instance with the form templates feature… New	CWE-862 Missing Authorization	CVE-2026-33514	2026-05-19 23:44	2026-05-19	Show	GitHub Exploit DB Packet Storm

238	10.0	CRITICAL Network	-	-	HestiaCP versions 1.9.0 through 1.9.4 contain a deserialization vulnerability in the web terminal component caused by a session format mismatch between PHP and Node.js that allows unauthenticated rem… New	CWE-502 Deserialization of Untrusted Data	CVE-2026-43633	2026-05-19 23:43	2026-05-19	Show	GitHub Exploit DB Packet Storm

239	6.5	MEDIUM Network	vercel	turborepo	Turborepo is a high-performance build system for JavaScript and TypeScript codebases. Prior to 2.9.14, Turborepo's self-hosted login and SSO browser flows did not validate a CSRF state value on the l… New	CWE-352 CWE-384 Origin Validation Error Session Fixation	CVE-2026-45773	2026-05-19 23:41	2026-05-16	Show	GitHub Exploit DB Packet Storm

240	9.8	CRITICAL Network	vercel	turborepo	Turborepo is a high-performance build system for JavaScript and TypeScript codebases. From 1.1.0 to before 2.9.14, Turborepo can be vulnerable to arbitrary code execution when run in untrusted reposi… New	CWE-426 Untrusted Search Path	CVE-2026-45772	2026-05-19 23:41	2026-05-16	Show	GitHub Exploit DB Packet Storm