Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2661 8.1 重要
Adjacent 		フィリップス Hue Bridge V2 ファームウェア フィリップスのHue Bridge V2 ファームウェアにおける暗号化処理のナンスおよび鍵ペアの再利用に関する脆弱性 CWE-323
暗号化処理のナンスおよび鍵ペアの再利用 		CVE-2026-3559 2026-04-30 12:29 2026-03-16 Show GitHub Exploit DB Packet Storm
2662 8.8 重要
Adjacent 		フィリップス Hue Bridge V2 ファームウェア フィリップスのHue Bridge V2 ファームウェアにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-3560 2026-04-30 12:29 2026-03-16 Show GitHub Exploit DB Packet Storm
2663 8 重要
Adjacent 		フィリップス Hue Bridge V2 ファームウェア フィリップスのHue Bridge V2 ファームウェアにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-3561 2026-04-30 12:29 2026-03-16 Show GitHub Exploit DB Packet Storm
2664 8.8 重要
Adjacent 		フィリップス Hue Bridge V2 ファームウェア フィリップスのHue Bridge V2 ファームウェアにおけるデジタル署名の検証に関する脆弱性 CWE-347
デジタル署名の不適切な検証 		CVE-2026-3562 2026-04-30 12:29 2026-03-16 Show GitHub Exploit DB Packet Storm
2665 6.5 警告
Network 		OpenClaw OpenClaw OpenClawにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-3689 2026-04-30 12:29 2026-04-11 Show GitHub Exploit DB Packet Storm
2666 7.4 重要
Network 		OpenClaw OpenClaw OpenClawにおける認証時の IP アドレスへの依存に関する脆弱性 CWE-291
認証時の IP アドレスへの依存 		CVE-2026-3690 2026-04-30 12:29 2026-04-11 Show GitHub Exploit DB Packet Storm
2667 5.3 警告
Network 		OpenClaw OpenClaw OpenClawにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-3691 2026-04-30 12:29 2026-04-11 Show GitHub Exploit DB Packet Storm
2668 7.3 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. w30e ファームウェア Shenzhen Tenda Technology Co.,Ltd.のw30e ファームウェアにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-38834 2026-04-30 12:29 2026-04-21 Show GitHub Exploit DB Packet Storm
2669 9.8 緊急
Network 		Shenzhen Tenda Technology Co.,Ltd. w30e ファームウェア Shenzhen Tenda Technology Co.,Ltd.のw30e ファームウェアにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-38835 2026-04-30 12:29 2026-04-21 Show GitHub Exploit DB Packet Storm
2670 5.4 警告
Network 		pyLoad pyLoad pyLoadにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-40071 2026-04-30 12:29 2026-04-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
317421 7.5 HIGH
Network 		thekelleys dnsmasq Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq. CWE-346
 Origin Validation Error 		CVE-2005-0877 2024-02-9 05:46 2005-05-2 Show GitHub Exploit DB Packet Storm
317422 8.8 HIGH
Network 		phpnuke php-nuke Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attackers to gain administrative privileges via an img tag with a URL to admin.php. CWE-352
 Origin Validation Error 		CVE-2004-1842 2024-02-9 05:46 2004-12-31 Show GitHub Exploit DB Packet Storm
317423 6.5 MEDIUM
Network 		fusetalk fusetalk Cross-Site Request Forgery (CSRF) vulnerability in FuseTalk 2.0 allows remote attackers to create arbitrary accounts via a link to adduser.cfm. CWE-352
 Origin Validation Error 		CVE-2004-1995 2024-02-9 05:46 2004-12-31 Show GitHub Exploit DB Packet Storm
317424 8.8 HIGH
Network 		fusionphp fusion_news Fusion News 3.6.1 allows remote attackers to add user accounts, if the administrator is logged in, via a comment that contains an img bbcode tag that calls index.php with the signup action, which is … CWE-352
 Origin Validation Error 		CVE-2004-1703 2024-02-9 05:46 2004-07-30 Show GitHub Exploit DB Packet Storm
317425 8.8 HIGH
Network 		openbb openbb Cross-site request forgery (CSRF) vulnerabilities in (1) cp_forums.php, (2) cp_usergroup.php, (3) cp_ipbans.php, (4) myhome.php, (5) post.php, or (6) moderator.php in Open Bulletin Board (OpenBB) 1.0… CWE-352
 Origin Validation Error 		CVE-2004-1967 2024-02-9 05:46 2004-04-25 Show GitHub Exploit DB Packet Storm
317426 7.8 HIGH
Local 		lynx_project lynx Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL tha… CWE-346
 Origin Validation Error 		CVE-1999-1549 2024-02-9 05:46 1999-11-16 Show GitHub Exploit DB Packet Storm
317427 7.5 HIGH
Network 		cisco ip_phone_7940_firmware
ip_phone_7960_firmware 		Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages suc… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2005-2181 2024-02-9 05:45 2005-07-11 Show GitHub Exploit DB Packet Storm
317428 7.5 HIGH
Network 		grandstream bt-100_firmware Grandstream BudgeTone (BT) 100 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spo… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2005-2182 2024-02-9 05:45 2005-07-11 Show GitHub Exploit DB Packet Storm
317429 9.8 CRITICAL
Network 		sgi irix The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a pass… CWE-346
 Origin Validation Error 		CVE-2003-0174 2024-02-9 05:45 2003-05-12 Show GitHub Exploit DB Packet Storm
317430 6.5 MEDIUM
Network 		ubbcentral ubb.threads Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2) toggleignore.php, (3) removeignore.php, and (4) removeaddress.php in Infopop UBB.Threads before 6.5.2 Beta allow … CWE-352
 Origin Validation Error 		CVE-2005-2059 2024-02-9 05:44 2005-06-29 Show GitHub Exploit DB Packet Storm