Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 2:16 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
291 9.8 緊急
Network 		マイクロソフト Microsoft Windows Server 2025
Microsoft Windows 11 25h2
Microsoft Windows 11 26h1
Microsoft Windows 11 24h2
Microsoft Wind… 		Windows DNS クライアントのリモートでコードが実行される脆弱性 New CWE-122
ヒープオーバーフロー 		CVE-2026-41096 2026-05-18 11:31 2026-05-12 Show GitHub Exploit DB Packet Storm
292 6.7 警告
Local 		マイクロソフト Microsoft Windows Server 2025
Microsoft Windows 10 22h2
Microsoft Windows 11 25h2
Microsoft Windows Server 2022
Microsoft … 		セキュア ブートのセキュリティ機能のバイパスの脆弱性 New CWE-1329
アップデートができないコンポーネントへの依存 		CVE-2026-41097 2026-05-18 11:31 2026-05-12 Show GitHub Exploit DB Packet Storm
293 4.4 警告
Local 		マイクロソフト Microsoft 365 Copilot Android 用の Microsoft 365 Copilot のスプーフィングの脆弱性 New CWE-284
CWE-Other
CVE-2026-41100 2026-05-18 11:31 2026-05-12 Show GitHub Exploit DB Packet Storm
294 5.5 警告
Local 		マイクロソフト Microsoft Word Microsoft Edge for Android のスプーフィングの脆弱性 New CWE-284
CWE-noinfo
CVE-2026-41101 2026-05-18 11:31 2026-05-12 Show GitHub Exploit DB Packet Storm
295 5.5 警告
Local 		マイクロソフト Microsoft PowerPoint Microsoft PowerPoint for Android のスプーフィングの脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-41102 2026-05-18 11:31 2026-05-12 Show GitHub Exploit DB Packet Storm
296 7.4 重要
Network 		Outlook.com Microsoft Edge Chromium Microsoft Edge (Chromium ベース) の情報漏えいの脆弱性 New CWE-610
CWE-73
CVE-2026-41107 2026-05-18 11:31 2026-05-12 Show GitHub Exploit DB Packet Storm
297 8.8 重要
Network 		マイクロソフト Visual Studio Code GitHub Copilot と Visual Studio Code セキュリティ機能バイパスの脆弱性 New CWE-74
インジェクション 		CVE-2026-41109 2026-05-18 11:31 2026-05-12 Show GitHub Exploit DB Packet Storm
298 7.4 重要
Network 		Open Knowledge Foundation CKAN Open Knowledge FoundationのCKANにおける証明書検証に関する脆弱性 New CWE-295
不正な証明書検証 		CVE-2026-41132 2026-05-18 11:31 2026-05-13 Show GitHub Exploit DB Packet Storm
299 6.1 警告
Network 		Open Knowledge Foundation CKAN Open Knowledge FoundationのCKANにおけるクロスサイトリクエストフォージェリの脆弱性 New CWE-352
同一生成元ポリシー違反 		CVE-2026-41255 2026-05-18 11:31 2026-05-13 Show GitHub Exploit DB Packet Storm
300 9.8 緊急
Network 		Apache Software Foundation Apache Tomcat Apache Software FoundationのApache Tomcatにおける入力確認に関する脆弱性 New CWE-20
不適切な入力確認 		CVE-2026-41293 2026-05-18 11:31 2026-05-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
353101 - phorum phorum SQL injection vulnerability in read.php3 and other scripts in Phorum 3.0.7 allows remote attackers to execute arbitrary SQL queries via the sSQL parameter. NVD-CWE-Other
CVE-2000-1233 2008-09-6 05:22 2000-12-31 Show GitHub Exploit DB Packet Storm
353102 - phorum phorum violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails to arbitrary addresses and possibly use Phorum as a "spam proxy" by setting the Mod and ForumName parameters. NVD-CWE-Other
CVE-2000-1234 2008-09-6 05:22 2000-12-31 Show GitHub Exploit DB Packet Storm
353103 - oracle application_server The default configurations of (1) the port listener and (2) modplsql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allow remote attackers to view privileged database information via H… NVD-CWE-Other
CVE-2000-1235 2008-09-6 05:22 2000-12-31 Show GitHub Exploit DB Packet Storm
353104 - floosietek ftgate The POP3 server in FTGate returns an -ERR code after receiving an invalid USER request, which makes it easier for remote attackers to determine valid usernames and conduct brute force password guessi… NVD-CWE-Other
CVE-2000-1237 2008-09-6 05:22 2000-12-31 Show GitHub Exploit DB Packet Storm
353105 - ibm aix AIX cdmount allows local users to gain root privileges via shell metacharacters. NVD-CWE-Other
CVE-2000-0466 2008-09-6 05:21 2000-06-20 Show GitHub Exploit DB Packet Storm
353106 - analogx proxy Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long HELO command in the SMTP protocol. NVD-CWE-Other
CVE-2000-0657 2008-09-6 05:21 2000-07-25 Show GitHub Exploit DB Packet Storm
353107 - cvs cvs The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files. NVD-CWE-Other
CVE-2000-0679 2008-09-6 05:21 2000-10-20 Show GitHub Exploit DB Packet Storm
353108 - cvs cvs The CVS 1.10.8 server does not properly restrict users from creating arbitrary Checkin.prog or Update.prog programs, which allows remote CVS committers to modify or create Trojan horse programs with … NVD-CWE-Other
CVE-2000-0680 2008-09-6 05:21 2000-10-20 Show GitHub Exploit DB Packet Storm
353109 - bea weblogic_server Buffer overflow in BEA WebLogic server proxy plugin allows remote attackers to execute arbitrary commands via a long URL with a .JSP extension. NVD-CWE-Other
CVE-2000-0681 2008-09-6 05:21 2000-10-20 Show GitHub Exploit DB Packet Storm
353110 - bea weblogic_server BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /ConsoleHelp/ into the URL, which invokes the FileServlet. NVD-CWE-Other
CVE-2000-0682 2008-09-6 05:21 2000-10-20 Show GitHub Exploit DB Packet Storm