Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252581 9.3 危険 マイクロソフト - Microsoft Forefront UAG の MicrosoftClient.jar における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-1969 2011-10-21 15:31 2011-10-11 Show GitHub Exploit DB Packet Storm
252582 4.3 警告 マイクロソフト - Microsoft Forefront UAG 2010 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-1897 2011-10-21 15:30 2011-10-11 Show GitHub Exploit DB Packet Storm
252583 4.3 警告 マイクロソフト - Microsoft Forefront UAG 2010 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-1896 2011-10-21 15:30 2011-10-11 Show GitHub Exploit DB Packet Storm
252584 9.3 危険 マイクロソフト - Microsoft Forefront UAG 2010 における CRLF インジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2011-1895 2011-10-21 15:28 2011-10-11 Show GitHub Exploit DB Packet Storm
252585 9.3 危険 マイクロソフト - Microsoft .NET Framework および Silverlight における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-1253 2011-10-21 15:27 2011-10-11 Show GitHub Exploit DB Packet Storm
252586 7.2 危険 マイクロソフト - Microsoft Windows のカーネルモードドライバ内にある win32k.sys における権限昇格の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-2011 2011-10-21 15:26 2011-10-11 Show GitHub Exploit DB Packet Storm
252587 9.3 危険 マイクロソフト - Microsoft Windows の win32k.sys のバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-2003 2011-10-21 15:25 2011-10-11 Show GitHub Exploit DB Packet Storm
252588 4.7 警告 マイクロソフト - Microsoft Windows の win32k.sys におけるサービス運用妨害 (システムハング) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-2002 2011-10-21 15:25 2011-10-11 Show GitHub Exploit DB Packet Storm
252589 7.2 危険 マイクロソフト - Microsoft Windows の win32k.sys における権限昇格またはサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2011-1985 2011-10-21 15:24 2011-10-11 Show GitHub Exploit DB Packet Storm
252590 9.3 危険 マイクロソフト - Microsoft Windows Vista および Windows 7 の Windows Media Center における権限昇格の脆弱性 CWE-Other
その他 		CVE-2011-2009 2011-10-21 15:24 2011-10-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3221 7.5 HIGH
Network 		- - A denial of service vulnerability could be triggered by sending specially crafted HTTP requests to server function endpoints, this could lead to server crashes, out-of-memory exceptions or excessive … - CVE-2026-23870 2026-05-7 23:52 2026-05-7 Show GitHub Exploit DB Packet Storm
3222 6.5 MEDIUM
Network 		- - RouterOS provides various services that rely on correct verification of client and server certificates to secure confidentiality and integrity of communications. This includes OpenVPN, CAPsMAN, Dot1x… CWE-295
Improper Certificate Validation  		CVE-2025-42611 2026-05-7 23:51 2026-05-5 Show GitHub Exploit DB Packet Storm
3223 - - - An improper input validation, together with an overly permissive default CORS configuration in Open Notebook v1.8.1 allows remote attacker to trick a legitimate user to alter or delete arbitrary data… CWE-20
CWE-352
CWE-917
 Improper Input Validation 
 Origin Validation Error
 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') 		CVE-2026-28201 2026-05-7 23:51 2026-05-7 Show GitHub Exploit DB Packet Storm
3224 - - - Lack of user input sanitisation in Open Notebook v1.8.3 allows the application user to execute Python code (and subsequently OS commands) on the docker container via Server-Side Template Injection (S… CWE-20
 Improper Input Validation  		CVE-2026-33587 2026-05-7 23:51 2026-05-7 Show GitHub Exploit DB Packet Storm
3225 - - - Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to create or modify files on the docker container via path traversal. CWE-20
 Improper Input Validation  		CVE-2026-33588 2026-05-7 23:51 2026-05-7 Show GitHub Exploit DB Packet Storm
3226 - - - Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to access local files content from the docker container via path traversal. CWE-20
 Improper Input Validation  		CVE-2026-33589 2026-05-7 23:51 2026-05-7 Show GitHub Exploit DB Packet Storm
3227 7.1 HIGH
Network 		- - Admidio is an open-source user management solution. Prior to version 5.0.9, a logic error in Admidio's two-factor authentication reset inverts the authorization check. Non-admin users cannot remove t… CWE-863
 Incorrect Authorization 		CVE-2026-41660 2026-05-7 23:51 2026-05-7 Show GitHub Exploit DB Packet Storm
3228 4.9 MEDIUM
Network 		- - Admidio is an open-source user management solution. Prior to version 5.0.9, the contacts_data.php endpoint uses a weaker permission check (isAdministratorUsers(), requiring only rol_edit_user=true) t… CWE-863
 Incorrect Authorization 		CVE-2026-41657 2026-05-7 23:51 2026-05-7 Show GitHub Exploit DB Packet Storm
3229 3.5 LOW
Network 		- - Admidio is an open-source user management solution. Prior to version 5.0.9, several administrative operations in Admidio's preferences module (database backup, test email, htaccess generation) fire v… CWE-352
 Origin Validation Error 		CVE-2026-41663 2026-05-7 23:51 2026-05-7 Show GitHub Exploit DB Packet Storm
3230 4.3 MEDIUM
Network 		flowiseai flowise A weakness has been identified in FlowiseAI Flowise up to 3.0.12. Affected by this vulnerability is an unknown functionality of the component User Controller Handler. This manipulation of the argumen… CWE-285
CWE-639
Improper Authorization
 Authorization Bypass Through User-Controlled Key 		CVE-2026-8027 2026-05-7 23:50 2026-05-7 Show GitHub Exploit DB Packet Storm