Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 25, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
250591 4.3 警告 htmlpurifier
マイクロソフト		 - HTML Purifier におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4183 2012-03-27 18:42 2010-09-5 Show GitHub Exploit DB Packet Storm
250592 5 警告 Yaws - Yaws におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4181 2012-03-27 18:42 2010-11-4 Show GitHub Exploit DB Packet Storm
250593 4 警告 dracut Project
kernel.org		 - dracut におけるローカルユーザの tty0 からターナミルデータを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4176 2012-03-27 18:42 2010-12-7 Show GitHub Exploit DB Packet Storm
250594 3.3 注意 OpenFabrics Alliance - libsdp の libsdp.conf のディフォルト設定における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2010-4173 2012-03-27 18:42 2010-11-22 Show GitHub Exploit DB Packet Storm
250595 5 警告 OpenTTD - OpenTTD におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-4168 2012-03-27 18:42 2010-11-17 Show GitHub Exploit DB Packet Storm
250596 7.5 危険 Joomla! - Joomla! における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4166 2012-03-27 18:42 2010-11-4 Show GitHub Exploit DB Packet Storm
250597 6.9 警告 Mono Project - Mono の metadata/loader.c における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-4159 2012-03-27 18:42 2010-09-26 Show GitHub Exploit DB Packet Storm
250598 4.3 警告 exv2 - eXV2 CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4155 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
250599 9.3 危険 rhinosoft - Rhino の FTP Voyager におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4154 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
250600 9.3 危険 crossftp - CrossFTP Pro におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4153 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3291 5.4 MEDIUM
Network 		phpoffice phpspreadsheet PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. The HTML writer skips htmlspecialchars escaping when a cell's formatted value differs from the original value. When a c… CWE-79
Cross-site Scripting 		CVE-2026-40296 2026-05-11 23:42 2026-05-7 Show GitHub Exploit DB Packet Storm
3292 5.3 MEDIUM
Network 		opentelemetry opentelemetry.exporter.zipkin OpenTelemetry.Exporter.Zipkin is the .NET Zipkin exporter for OpenTelemetry. In versions 1.15.2 and earlier, the Zipkin exporter remote endpoint cache accepts unbounded key growth derived from span a… CWE-400
CWE-770
 Uncontrolled Resource Consumption
 Allocation of Resources Without Limits or Throttling 		CVE-2026-41310 2026-05-11 23:40 2026-05-7 Show GitHub Exploit DB Packet Storm
3293 5.3 MEDIUM
Network 		netty netty Netty allows request-line validation to be bypassed when a `DefaultHttpRequest` or `DefaultFullHttpRequest` is created first and its URI is later changed via `setUri()`. The constructors reject CRLF … CWE-93
CWE-444
CRLF Injection
HTTP Request Smuggling 		CVE-2026-41417 2026-05-11 23:29 2026-05-7 Show GitHub Exploit DB Packet Storm
3294 5.5 MEDIUM
Local 		open5gs open5gs A vulnerability was detected in Open5GS up to 2.7.7. Impacted is the function ogs_sbi_stream_find_by_id in the library /lib/sbi/nghttp2-server.c of the component NSSF. Performing a manipulation resul… CWE-404
 Improper Resource Shutdown or Release 		CVE-2026-8119 2026-05-11 23:29 2026-05-8 Show GitHub Exploit DB Packet Storm
3295 6.5 MEDIUM
Network 		open5gs open5gs A flaw has been found in Open5GS up to 2.7.7. The affected element is the function nssf_nnrf_nsselection_handle_get_from_amf_or_vnssf of the file /src/nssf/nnssf-handler.c of the component NSSF. Exec… CWE-404
 Improper Resource Shutdown or Release 		CVE-2026-8120 2026-05-11 23:28 2026-05-8 Show GitHub Exploit DB Packet Storm
3296 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: x86/kexec: add a sanity check on previous kernel's ima kexec buffer When the second-stage kernel is booted via kexec with a limit… NVD-CWE-noinfo
CVE-2026-43240 2026-05-11 23:27 2026-05-6 Show GitHub Exploit DB Packet Storm
3297 6.5 MEDIUM
Network 		open5gs open5gs A vulnerability has been found in Open5GS up to 2.7.7. The impacted element is the function ogs_sbi_parse_plmn_list in the library /lib/sbi/conv.c of the component NSSF. The manipulation leads to den… CWE-404
 Improper Resource Shutdown or Release 		CVE-2026-8121 2026-05-11 23:26 2026-05-8 Show GitHub Exploit DB Packet Storm
3298 7.1 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ntb: ntb_hw_switchtec: Fix array-index-out-of-bounds access Number of MW LUTs depends on NTB configuration and can be set to MAX_… CWE-125
Out-of-bounds Read 		CVE-2026-43241 2026-05-11 23:26 2026-05-6 Show GitHub Exploit DB Packet Storm
3299 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: soc: ti: k3-socinfo: Fix regmap leak on probe failure The mmio regmap allocated during probe is never freed. Switch to using the… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2026-43242 2026-05-11 23:22 2026-05-6 Show GitHub Exploit DB Packet Storm
3300 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add signal type check for dcn401 get_phyd32clk_src Trying to access link enc on a dpia link will cause a crash o… NVD-CWE-noinfo
CVE-2026-43243 2026-05-11 23:16 2026-05-6 Show GitHub Exploit DB Packet Storm