Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
248881	6.8	警告	Hycus CMS project	-	Hycus CMS の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4612	2012-03-27 18:42	2010-12-29	Show	GitHub Exploit DB Packet Storm

248882	5	警告	html-edit	-	Html-edit CMS における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-4611	2012-03-27 18:42	2010-12-29	Show	GitHub Exploit DB Packet Storm

248883	4.3	警告	html-edit	-	Html-edit CMS の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4610	2012-03-27 18:42	2010-12-29	Show	GitHub Exploit DB Packet Storm

248884	7.5	危険	html-edit	-	Html-edit CMS の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4609	2012-03-27 18:42	2010-12-29	Show	GitHub Exploit DB Packet Storm

248885	5	警告	habariproject	-	Habari における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-4608	2012-03-27 18:42	2010-12-4	Show	GitHub Exploit DB Packet Storm

248886	2.6	注意	habariproject	-	Habari におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4607	2012-03-27 18:42	2010-12-4	Show	GitHub Exploit DB Packet Storm

248887	10	危険	IBM	-	IBM TSM の Space Management クライアントにおける任意のコマンドを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-4606	2012-03-27 18:42	2010-12-29	Show	GitHub Exploit DB Packet Storm

248888	6.6	警告	IBM	-	IBM TSM の backup-archive クライアントにおける任意のファイルを上書される脆弱性	CWE-noinfo 情報不足	CVE-2010-4605	2012-03-27 18:42	2010-12-29	Show	GitHub Exploit DB Packet Storm

248889	6.9	警告	IBM	-	IBM TSM の GeneratePassword 関数におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-4604	2012-03-27 18:42	2010-12-29	Show	GitHub Exploit DB Packet Storm

248890	6.5	警告	IBM	-	IBM Rational ClearQuest におけるレコードリレーションシップに干渉する脆弱性	CWE-DesignError	CVE-2010-4603	2012-03-27 18:42	2010-09-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
81	5.9	MEDIUM Network	-	-	OpenTelemetry.OpAmp.Client is the OpAMP client for OpenTelemetry .NET. Prior to 0.2.0-alpha.1, when receiving responses from the OpAMP server over HTTP, the OpAMP client allocates an unbounded buffer… New	CWE-789 Memory Allocation with Excessive Size Value	CVE-2026-42348	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm

82	-		-	-	Fides is an open-source privacy engineering platform. From 2.75.0 to before 2.83.2, Fides deployments that enable both subject identity verification and duplicate privacy request detection are affect… New	CWE-288 CWE-306 CWE-841 Authentication Bypass Using an Alternate Path or Channel Missing Authentication for Critical Function Improper Enforcement of Behavioral Workflow	CVE-2026-42303	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm

83	-		-	-	DevGuard provides vulnerability management for the full software supply chain. Prior to 1.2.2, the SessionMiddleware accepts a client-supplied X-Admin-Token HTTP request header and uses its raw strin… New	CWE-288 Authentication Bypass Using an Alternate Path or Channel	CVE-2026-42300	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm

84	5.3	MEDIUM Network	-	-	linux-entra-sso is a browser plugin for Linux to SSO on Microsoft Entra ID. Prior to 1.8.1, platform/chrome/js/platform-chrome.js:69-88 registers a single declarativeNetRequest rule whose urlFilter i… New	CWE-284 CWE-436 Improper Access Control Interpretation Conflict	CVE-2026-42177	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm

85	6.5	MEDIUM Network	-	-	requests-hardened is a library that overrides the default behaviors of the requests library, and adds new security features. Prior to , the SSRF protection in requests-hardened fails to block IP addr… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42175	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm

86	7.7	HIGH Network	-	-	Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to 4.4.1, an authenticated Server-Side Request Forgery (SSRF) vulnerabi… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42141	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm

87	9.6	CRITICAL Network	-	-	Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow is vulnerable to Path Traversal in the Knowledge Bases API (DELETE /api/v1/knowledge_bases). Th… New	CWE-22 Path Traversal	CVE-2026-42048	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm

88	6.2	MEDIUM Network	-	-	LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, when LobeChat processes custom tags in the Render process of src/featur… New	CWE-79 Cross-site Scripting	CVE-2026-42045	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm

89	-		-	-	changedetection.io is a free open source web page change detection tool. In 0.54.9 and earlier, xpath_filter() switches to XML mode for XML/RSS content and creates etree.XMLParser(strip_cdata=False) … New	CWE-611 XXE	CVE-2026-41895	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm

90	6.2	MEDIUM Local	-	-	Improper access control in M365 Copilot for Desktop allows an unauthorized attacker to perform spoofing locally. New	CWE-284 Improper Access Control	CVE-2026-41614	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm