Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
250321	6.5	警告	The phpMyAdmin Project	-	phpMyAdmin の PMA_Bookmark_get 関数における別のユーザの SQL クエリの実行を誘発する脆弱性	CWE-20 不適切な入力確認	CVE-2011-0987	2012-03-27 18:43	2011-02-11	Show	GitHub Exploit DB Packet Storm

250322	5	警告	The phpMyAdmin Project	-	phpMyAdmin におけるインストレーションパスを取得される脆弱性	CWE-20 不適切な入力確認	CVE-2011-0986	2012-03-27 18:43	2011-02-8	Show	GitHub Exploit DB Packet Storm

250323	10	危険	BMC Software	-	Performance Analysis for Server などの BMC PATROL Agent Service Daemon におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-0975	2012-03-27 18:43	2011-02-10	Show	GitHub Exploit DB Packet Storm

250324	10	危険	ヒューレット・パッカード	-	HP Data Protector のクライアントにおける任意のスクリプトコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-0924	2012-03-27 18:43	2011-02-8	Show	GitHub Exploit DB Packet Storm

250325	10	危険	ヒューレット・パッカード	-	HP Data Protector のクライアントにおける任意の Perl コードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-0923	2012-03-27 18:43	2011-02-8	Show	GitHub Exploit DB Packet Storm

250326	10	危険	ヒューレット・パッカード	-	HP Data Protector のクライアントにおける任意のプログラムを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-0922	2012-03-27 18:43	2011-02-8	Show	GitHub Exploit DB Packet Storm

250327	10	危険	ヒューレット・パッカード	-	HP Data Protector の crs.exe における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-0921	2012-03-27 18:43	2011-02-8	Show	GitHub Exploit DB Packet Storm

250328	9.3	危険	IBM	-	IBM Lotus Domino の Remote Console における認証を回避する脆弱性	CWE-287 不適切な認証	CVE-2011-0920	2012-03-27 18:43	2011-02-8	Show	GitHub Exploit DB Packet Storm

250329	4.3	警告	Zikula Foundation	-	Zikula Users モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-0911	2012-03-27 18:43	2011-02-8	Show	GitHub Exploit DB Packet Storm

250330	6.4	警告	Vanilla Forums	-	Vanilla Forums のクッキーの実装における署名されたリクエストを偽造される脆弱性	CWE-Other その他	CVE-2011-0910	2012-03-27 18:43	2011-02-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
3311	9.8	CRITICAL Network	espressif	arduino-esp32	arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, the WebServer multipart form parser in arduino-esp32 allocates a …	CWE-121 Stack-based Buffer Overflow	CVE-2026-42854	2026-05-18 22:09	2026-05-13	Show	GitHub Exploit DB Packet Storm

3312	8.8	HIGH Network	mongodb	mongodb	An issue in MongoDB Server's time-series collection implementation allows an authenticated user with database write privileges to trigger an out-of-bounds memory write in the mongod process. The issu…	CWE-787 Out-of-bounds Write	CVE-2026-8053	2026-05-18 22:06	2026-05-13	Show	GitHub Exploit DB Packet Storm

3313	7.5	HIGH Network	thecodingmachine	gotenberg	Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the webhook middleware spawns a goroutine that holds a reference to the request's echo.Context after the synchronous handle…	CWE-362 Race Condition	CVE-2026-42594	2026-05-18 22:02	2026-05-15	Show	GitHub Exploit DB Packet Storm

3314	8.2	HIGH Network	thecodingmachine	gotenberg	Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, Gotenberg only checks if the tag is exactly FileName, so System:FileName slips right through and ExifTool happily renames t…	CWE-73 CWE-184 External Control of File Name or Path Incomplete Blacklist	CVE-2026-40893	2026-05-18 22:02	2026-05-15	Show	GitHub Exploit DB Packet Storm

3315	8.2	HIGH Network	thecodingmachine	gotenberg	Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the LibreOffice conversion endpoint (/forms/libreoffice/convert) passes uploaded documents directly to LibreOffice without …	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42591	2026-05-18 22:02	2026-05-15	Show	GitHub Exploit DB Packet Storm

3316	5.9	MEDIUM Network	thecodingmachine	gotenberg	Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the /forms/chromium/convert/url and /forms/chromium/screenshot/url routes accept url=file:///tmp/... from anonymous callers…	CWE-73 CWE-918 External Control of File Name or Path Server-Side Request Forgery (SSRF)	CVE-2026-42597	2026-05-18 22:02	2026-05-15	Show	GitHub Exploit DB Packet Storm

3317	5.3	MEDIUM Network	thecodingmachine	gotenberg	Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, FilterOutboundURL resolves the hostname, checks the resolved IPs against the private-address deny-list, and returns only th…	CWE-367 CWE-918 Time-of-check Time-of-use (TOCTOU) Race Condition Server-Side Request Forgery (SSRF)	CVE-2026-42592	2026-05-18 22:02	2026-05-15	Show	GitHub Exploit DB Packet Storm

3318	9.8	CRITICAL Network	thecodingmachine	gotenberg	Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, Gotenberg's /forms/pdfengines/metadata/write HTTP endpoint accepts a JSON metadata object and passes its keys directly to E…	CWE-78 OS Command	CVE-2026-42589	2026-05-18 22:01	2026-05-15	Show	GitHub Exploit DB Packet Storm

3319	5.3	MEDIUM Network	thecodingmachine	gotenberg	Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, pdfengines/merge, pdfengines/split, libreoffice/convert, chromium/convert/url, chromium/convert/html, and chromium/convert/…	CWE-22 CWE-73 Path Traversal External Control of File Name or Path	CVE-2026-42593	2026-05-18 22:01	2026-05-15	Show	GitHub Exploit DB Packet Storm

3320	8.6	HIGH Network	thecodingmachine	gotenberg	Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, Gotenberg's Chromium URL-to-PDF endpoint (/forms/chromium/convert/url) has no default protection against HTTP/HTTPS-based S…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42595	2026-05-18 22:01	2026-05-15	Show	GitHub Exploit DB Packet Storm