Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2771 10 緊急
Network 		VoidZero Inc. Vite+ VoidZero Inc.のVite+におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-41211 2026-04-30 12:18 2026-04-23 Show GitHub Exploit DB Packet Storm
2772 5.4 警告
Network 		Siemvk (siemvk) Openlearn Siemvk (siemvk)のOpenlearnにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-41243 2026-04-30 12:18 2026-04-23 Show GitHub Exploit DB Packet Storm
2773 8.8 重要
Network 		Deskflow Deskflow Deskflowにおける古典的バッファオーバーフローの脆弱性 CWE-120
古典的バッファオーバーフロー 		CVE-2026-41476 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
2774 7.8 重要
Local 		Deskflow Deskflow Deskflowにおける複数の脆弱性 CWE-306
CWE-862
CVE-2026-41477 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
2775 6.5 警告
Network 		langchain Langchain-text-splitters langchainのLangchain-text-splittersにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-41481 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
2776 3.1
Network 		langchain Langchain-openai langchainのLangchain-openaiにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-41488 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
2777 9.8 緊急
Network 		Steven Fackler rust-openssl rust-OpenSSL Projectのrust-OpenSSLにおける複数の脆弱性 CWE-131
CWE-787
CVE-2026-41676 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
2778 9.1 緊急
Network 		Steven Fackler rust-openssl rust-OpenSSL Projectのrust-OpenSSLにおける複数の脆弱性 CWE-125
CWE-1284
CVE-2026-41677 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
2779 9.8 緊急
Network 		Steven Fackler rust-openssl rust-OpenSSL Projectのrust-OpenSSLにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-41678 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
2780 9.8 緊急
Network 		Steven Fackler rust-openssl rust-OpenSSL Projectのrust-OpenSSLにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-41681 2026-04-30 12:17 2026-04-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
317161 - php
gggeek
drupal
tiki
debian 		xml_rpc
phpxmlrpc
drupal
tikiwiki_cms\/groupware
debian_linux 		Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2… CWE-94
Code Injection 		CVE-2005-1921 2024-02-15 00:41 2005-07-5 Show GitHub Exploit DB Packet Storm
317162 - nrl.navy one-time_passwords_in_everything One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remote attackers to determine the existence of user accounts by printing random passphrases if the user account does not exist and st… CWE-203
 Information Exposure Through Discrepancy 		CVE-2001-1483 2024-02-15 00:17 2001-12-31 Show GitHub Exploit DB Packet Storm
317163 - amtote homebet AmTote International homebet program returns different error messages when invalid account numbers and PIN codes are provided, which allows remote attackers to determine the existence of valid accoun… CWE-203
 Information Exposure Through Discrepancy 		CVE-2001-1528 2024-02-15 00:17 2001-12-31 Show GitHub Exploit DB Packet Storm
317164 - netfilter iptables iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "--reject-with tcp-reset," which causes iptables to generate different responses than specified by the … CWE-203
 Information Exposure Through Discrepancy 		CVE-2001-1387 2024-02-15 00:17 2001-11-5 Show GitHub Exploit DB Packet Storm
317165 - php php PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell… CWE-88
Argument Injection 		CVE-2001-1246 2024-02-15 00:17 2001-06-30 Show GitHub Exploit DB Packet Storm
317166 - ibm lotus_notes The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring d… CWE-203
 Information Exposure Through Discrepancy 		CVE-2000-1117 2024-02-15 00:16 2001-01-9 Show GitHub Exploit DB Packet Storm
317167 - gnu cvs CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which caus… CWE-203
 Information Exposure Through Discrepancy 		CVE-2004-0778 2024-02-15 00:07 2004-10-20 Show GitHub Exploit DB Packet Storm
317168 - openssl
openbsd
freebsd 		openssl
openbsd
freebsd 		ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing… CWE-203
 Information Exposure Through Discrepancy 		CVE-2003-0078 2024-02-15 00:07 2003-03-3 Show GitHub Exploit DB Packet Storm
317169 - joetesta hellbent Joe Testa hellbent 01 allows remote attackers to determine the full path of the web root directory via a GET request with a relative path that includes the root's parent, which generates a 403 error … CWE-203
 Information Exposure Through Discrepancy 		CVE-2002-2094 2024-02-15 00:07 2002-12-31 Show GitHub Exploit DB Packet Storm
317170 - openbsd openbsd PF in OpenBSD 3.0 with the return-rst rule sets the TTL to 128 in the RST packet, which allows remote attackers to determine if a port is being filtered because the TTL is different than the default … CWE-203
 Information Exposure Through Discrepancy 		CVE-2002-0514 2024-02-15 00:07 2002-08-12 Show GitHub Exploit DB Packet Storm