Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2701	6.5	警告 Network	The Prosody Team	Prosody	The Prosody TeamのProsodyにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-43504	2026-05-7 12:00	2026-05-1	Show	GitHub Exploit DB Packet Storm

2702	6.5	警告 Network	The Prosody Team	Prosody	The Prosody TeamのProsodyにおける保護されていない代替チャネルに関する脆弱性	CWE-420 保護されていない代替チャネル	CVE-2026-43505	2026-05-7 12:00	2026-05-1	Show	GitHub Exploit DB Packet Storm

2703	7.5	重要 Network	The Prosody Team	Prosody	The Prosody TeamのProsodyにおける有効期限後のメモリの解放の欠如に関する脆弱性	CWE-401 有効期限後のメモリの解放の欠如	CVE-2026-43506	2026-05-7 11:59	2026-05-1	Show	GitHub Exploit DB Packet Storm

2704	7.5	重要 Network	The Prosody Team	Prosody	The Prosody TeamのProsodyにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-43507	2026-05-7 11:59	2026-05-1	Show	GitHub Exploit DB Packet Storm

2705	7.5	重要 Network	Debian GStreamer レッドハット	GStreamer Debian GNU/Linux Red Hat Enterprise Linux GStreamer Good Plug-ins	Debian等の複数ベンダの製品における境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-1940	2026-05-7 11:31	2026-03-23	Show	GitHub Exploit DB Packet Storm

2706	9.8	緊急 Network	OPPO	ColorOS Assistant	OPPOのColorOS Assistantにおける複数の脆弱性	CWE-22 CWE-23	CVE-2026-22070	2026-05-7 11:31	2026-04-30	Show	GitHub Exploit DB Packet Storm

2707	8.8	重要 Network	GeoVision	GV-LPC2211 Firmware GV-LPC2011 Firmware	GeoVisionのGV-LPC2011 Firmware等の複数製品におけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-42364	2026-05-7 11:31	2026-05-4	Show	GitHub Exploit DB Packet Storm

2708	7.5	重要 Network	GeoVision	GV-LPC2211 Firmware GV-LPC2011 Firmware	GeoVisionのGV-LPC2011 Firmware等の複数製品における観測された状態からの推測に関する脆弱性	CWE-341 観測された状態からの推測	CVE-2026-42365	2026-05-7 11:31	2026-05-4	Show	GitHub Exploit DB Packet Storm

2709	6.1	警告 Network	GeoVision	GV-LPC2211 Firmware GV-LPC2011 Firmware	GeoVisionのGV-LPC2011 Firmware等の複数製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-42366	2026-05-7 11:31	2026-05-4	Show	GitHub Exploit DB Packet Storm

2710	6.5	警告 Network	GeoVision	GV-LPC2211 Firmware GV-LPC2011 Firmware	GeoVisionのGV-LPC2011 Firmware等の複数製品における認証情報の不十分な保護に関する脆弱性	CWE-522 認証情報の不十分な保護	CVE-2026-42367	2026-05-7 11:31	2026-05-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
317771	-	xmb_forum	xmb	Cross-site scripting (XSS) vulnerability in members.php in XMB 1.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the "Your Current Mood" field in the registration p…	NVD-CWE-Other	CVE-2005-3688	2024-02-14 10:17	2005-11-19	Show	GitHub Exploit DB Packet Storm

317772	-	xmb_forum	xmb	post.php in XMB 1.9.2 allows remote attackers to obtain the installation path via an invalid fid parameter in a newthread action.	NVD-CWE-Other	CVE-2005-3689	2024-02-14 10:17	2005-11-19	Show	GitHub Exploit DB Packet Storm

317773	-	ekinboard	ekinboard	Cross-site scripting (XSS) vulnerabilities in Ekinboard 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in profile.php and (2) titles of posts.	NVD-CWE-Other	CVE-2005-3638	2024-02-14 10:17	2005-11-17	Show	GitHub Exploit DB Packet Storm

317774	-	ibproarcade	ibproarcade	SQL injection vulnerability in index.php of the report module in ibProArcade 2.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter.	NVD-CWE-Other	CVE-2005-3545	2024-02-14 10:17	2005-11-16	Show	GitHub Exploit DB Packet Storm

317775	-	mambo	mambo	content.php in Mambo 4.5.2 through 4.5.2.3 allows remote attackers to obtain the installation path of the application via a URL that causes the application to return an error.	NVD-CWE-Other	CVE-2005-3586	2024-02-14 10:17	2005-11-16	Show	GitHub Exploit DB Packet Storm

317776	-	vubb	vubb	Cross-site scripting (XSS) vulnerability in index.php in VUBB alpha rc1 allows remote attackers to inject arbitrary web script or HTML via the t parameter in a newreply action.	NVD-CWE-Other	CVE-2005-3512	2024-02-14 10:17	2005-11-6	Show	GitHub Exploit DB Packet Storm

317777	-	vubb	vubb	index.php in VUBB alpha rc1 allows remote attackers to obtain the installation path of the application via a viewforum action with the f parameter set to a single quote (').	NVD-CWE-Other	CVE-2005-3513	2024-02-14 10:17	2005-11-6	Show	GitHub Exploit DB Packet Storm

317778	-	chipmunk_scripts	chipmunk_forum	Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Forum script allow remote attackers to inject arbitrary web script or HTML via the forumID parameter to (1) newtopic.php, (2) quote.php…	NVD-CWE-Other	CVE-2005-3514	2024-02-14 10:17	2005-11-6	Show	GitHub Exploit DB Packet Storm

317779	-	chipmunk_scripts	chipmunk_topsites	Cross-site scripting (XSS) vulnerability in recommend.php in Chipmunk Topsites script allows remote attackers to inject arbitrary web script or HTML via the ID parameter.	NVD-CWE-Other	CVE-2005-3515	2024-02-14 10:17	2005-11-6	Show	GitHub Exploit DB Packet Storm

317780	-	chipmunk_scripts	chipmunk_directory	Cross-site scripting (XSS) vulnerability in recommend.php in Chipmunk Directory script allows remote attackers to inject arbitrary web script or HTML via the entryID parameter.	NVD-CWE-Other	CVE-2005-3516	2024-02-14 10:17	2005-11-6	Show	GitHub Exploit DB Packet Storm