Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255371	5.8	警告	サイボウズ	-	複数のサイボウズ製品におけるアクセス制限に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-2029	2010-04-20 12:01	2010-04-20	Show	GitHub Exploit DB Packet Storm

255372	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer の Tabular Data Control ActiveX コントロールにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0805	2010-04-19 19:20	2010-03-30	Show	GitHub Exploit DB Packet Storm

255373	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-0491	2010-04-19 19:19	2010-03-30	Show	GitHub Exploit DB Packet Storm

255374	4.3	警告	マイクロソフト	-	Microsoft Internet Explorer における同一生成元ポリシーを回避される脆弱性	CWE-200 情報漏えい	CVE-2010-0494	2010-04-19 19:19	2010-03-30	Show	GitHub Exploit DB Packet Storm

255375	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer の mstime.dll における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0492	2010-04-19 19:19	2010-03-30	Show	GitHub Exploit DB Packet Storm

255376	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0490	2010-04-19 19:18	2010-03-30	Show	GitHub Exploit DB Packet Storm

255377	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0807	2010-04-19 19:18	2010-03-30	Show	GitHub Exploit DB Packet Storm

255378	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-362 競合状態	CVE-2010-0489	2010-04-19 19:18	2010-03-30	Show	GitHub Exploit DB Packet Storm

255379	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0267	2010-04-19 19:18	2010-03-30	Show	GitHub Exploit DB Packet Storm

255380	10	危険	アップル	-	Apple Mac OS X の xar におけるパッケージ署名の検証処理に関する脆弱性	CWE-DesignError	CVE-2010-0055	2010-04-16 16:59	2010-03-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
601	7.3	HIGH Network	-	-	YetAnotherForum.NET (YAF.NET) is a C# ASP.NET forum. Prior to 4.0.5 and 3.2.12, the thread posting and reply feature accepts user-supplied content via a a post or reply that is stored server-side and… New	CWE-79 CWE-80 CWE-116 Cross-site Scripting Basic XSS Improper Encoding or Escaping of Output	CVE-2026-43939	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

602	6.5	MEDIUM Network	-	-	requests-hardened is a library that overrides the default behaviors of the requests library, and adds new security features. Prior to , the SSRF protection in requests-hardened fails to block IP addr… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42175	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

603	-		-	-	DevGuard provides vulnerability management for the full software supply chain. Prior to 1.2.2, the SessionMiddleware accepts a client-supplied X-Admin-Token HTTP request header and uses its raw strin… New	CWE-288 Authentication Bypass Using an Alternate Path or Channel	CVE-2026-42300	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

604	-		-	-	Fides is an open-source privacy engineering platform. From 2.75.0 to before 2.83.2, Fides deployments that enable both subject identity verification and duplicate privacy request detection are affect… New	CWE-288 CWE-306 CWE-841 Authentication Bypass Using an Alternate Path or Channel Missing Authentication for Critical Function Improper Enforcement of Behavioral Workflow	CVE-2026-42303	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

605	4.3	MEDIUM Network	-	-	Kubewarden is a policy engine for Kubernetes. Prior to , An attacker with privileged AdmissionPolicy or AdmissionPolicyGroup create permissions (which isn't the default) can craft a policy that makes… New	CWE-862 Missing Authorization	CVE-2026-42541	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

606	8.8	HIGH Network	-	-	AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss() sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed i… New	CWE-79 CWE-94 CWE-1188 Cross-site Scripting Code Injection Insecure Default Initialization of Resource	CVE-2026-43892	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

607	7.5	HIGH Network	-	-	phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files (eg. X509 certificates, RSA PKCS8 private or public keys, etc). This is a by… New	CWE-400 Uncontrolled Resource Consumption	CVE-2026-44167	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

608	8.2	HIGH Network	-	-	ssrfcheck is a library that checks if a string contains a potential SSRF attack. In 1.3.0 and earlier, ssrfcheck fails to block Server-Side Request Forgery attacks when the target private IP address … New	CWE-184 CWE-918 Incomplete Blacklist Server-Side Request Forgery (SSRF)	CVE-2026-43929	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

609	6.2	MEDIUM Network	-	-	LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, when LobeChat processes custom tags in the Render process of src/featur… New	CWE-79 Cross-site Scripting	CVE-2026-42045	2026-05-14 03:23	2026-05-13	Show	GitHub Exploit DB Packet Storm

610	7.5	HIGH Network	-	-	changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting attacker-controlled snapshot paths restored from backup files. The vu… New	CWE-73 External Control of File Name or Path	CVE-2026-43891	2026-05-14 03:23	2026-05-13	Show	GitHub Exploit DB Packet Storm