Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
301 9.8 緊急
Network 		Apache Software Foundation Apache Tomcat Apache Software FoundationのApache Tomcatにおける入力確認に関する脆弱性 New CWE-20
不適切な入力確認 		CVE-2026-41293 2026-05-18 11:31 2026-05-12 Show GitHub Exploit DB Packet Storm
302 5 警告
Local 		マイクロソフト Visual Studio Code マイクロソフトのVisual Studio Codeにおける複数の脆弱性 New CWE-200
CWE-59
CWE-79
CWE-79
CVE-2026-41610 2026-05-18 11:31 2026-05-12 Show GitHub Exploit DB Packet Storm
303 3.3
Local 		マイクロソフト Visual Studio Code Visual Studio Code のリモートでコードが実行される脆弱性 New CWE-77
CWE-79
CWE-80
CVE-2026-41611 2026-05-18 11:30 2026-05-12 Show GitHub Exploit DB Packet Storm
304 8.8 重要
Network 		マイクロソフト Visual Studio Code マイクロソフトのVisual Studio Codeにおける複数の脆弱性 New CWE-384
CWE-384
CWE-78
CVE-2026-41613 2026-05-18 11:30 2026-05-12 Show GitHub Exploit DB Packet Storm
305 7.4 重要
Network 		マイクロソフト Microsoft Authenticator Microsoft Authenticator の情報漏えいの脆弱性 New CWE-200
情報漏えい 		CVE-2026-41615 2026-05-18 11:30 2026-05-14 Show GitHub Exploit DB Packet Storm
306 6.5 警告
Network 		Distribution Distribution Distributionにおける不正な認証に関する脆弱性 New CWE-863
不正な認証 		CVE-2026-41888 2026-05-18 11:30 2026-05-14 Show GitHub Exploit DB Packet Storm
307 7.5 重要
Network 		Signal K Signal K Server Signal KのSignal K Serverにおける過度な認証試行の不適切な制限に関する脆弱性 New CWE-307
過度な認証試行の不適切な制限 		CVE-2026-41893 2026-05-18 11:30 2026-05-9 Show GitHub Exploit DB Packet Storm
308 9.8 緊急
Network 		Open Knowledge Foundation CKAN Open Knowledge FoundationのCKANにおけるSQL インジェクションの脆弱性 New CWE-89
SQLインジェクション 		CVE-2026-42031 2026-05-18 11:30 2026-05-13 Show GitHub Exploit DB Packet Storm
309 9.1 緊急
Network 		Open Knowledge Foundation CKAN Open Knowledge FoundationのCKANにおける不正な認証に関する脆弱性 New CWE-863
不正な認証 		CVE-2026-42032 2026-05-18 11:30 2026-05-13 Show GitHub Exploit DB Packet Storm
310 4.9 警告
Network 		argoproj Argo Workflows Argo Project AuthorsのArgo Workflowsにおける認証情報の不十分な保護に関する脆弱性 New CWE-522
認証情報の不十分な保護 		CVE-2026-42295 2026-05-18 11:30 2026-05-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
346341 - mailenable mailenable_enterprise
mailenable_professional 		Buffer overflow in MailEnable Professional 1.71 and earlier, and Enterprise 1.1 and earlier, allows remote authenticated users to execute arbitrary code via a long IMAP EXAMINE command. NVD-CWE-Other
CVE-2005-4402 2016-10-18 12:38 2005-12-20 Show GitHub Exploit DB Packet Storm
346342 - extensis netpublish_server Directory traversal vulnerability in server.np in NetPublish Server 7 allows remote attackers to read arbitrary files via "../" sequences in the template parameter. NVD-CWE-Other
CVE-2005-4510 2016-10-18 12:38 2005-12-23 Show GitHub Exploit DB Packet Storm
346343 - oracle application_server_discussion_forum_portlet Cross-site scripting (XSS) vulnerability in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote attackers to inject arbitrary web script or HTML via the (1) RowKeyValue parame… NVD-CWE-Other
CVE-2005-4549 2016-10-18 12:38 2005-12-28 Show GitHub Exploit DB Packet Storm
346344 - simpbook simpbook Cross-site scripting (XSS) vulnerability in sign.php in codegrrl SimpBook 1.0, when html_enable is on, allows remote attackers to inject arbitrary web script or HTML via the message parameter to inde… NVD-CWE-Other
CVE-2005-4551 2016-10-18 12:38 2005-12-28 Show GitHub Exploit DB Packet Storm
346345 - flexbackup flexbackup Flexbackup 1.2.1 and earlier allows local users to overwrite files and execute code via a symlink attack on temporary files. NOTE: the raw source referenced an incorrect candidate number; this is th… NVD-CWE-Other
CVE-2005-4802 2016-10-18 12:38 2005-12-31 Show GitHub Exploit DB Packet Storm
346346 - hitachi ip5000_voip_wifi_phone Hitachi IP5000 VOIP WIFI Phone 1.5.6 does not allow the user to disable access to (1) SNMP or (2) TCP port 3390, which allows remote attackers to modify configuration using CVE-2005-3722, or access t… NVD-CWE-Other
CVE-2005-3723 2016-10-18 12:37 2005-11-21 Show GitHub Exploit DB Packet Storm
346347 - zyxel prestige_2000w_v.1voip_wi-fi_phone Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 uses hardcoded IP addresses for its DNS servers, which could allow remote attackers to cause a denial of service or hijack Zyxel phones by attacking or… NVD-CWE-Other
CVE-2005-3725 2016-10-18 12:37 2005-11-21 Show GitHub Exploit DB Packet Storm
346348 - pollvote pollvote PHP remote file inclusion vulnerability in pollvote.php in PollVote allows remote attackers to include arbitrary files via a URL in the pollname parameter. CWE-94
Code Injection 		CVE-2005-3775 2016-10-18 12:37 2005-11-23 Show GitHub Exploit DB Packet Storm
346349 - mybulletinboard mybulletinboard Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard (MyBB) 1.0 PR2 Rev 686 allow remote attackers to inject arbitrary web script or HTML via (1) the subject field when creating a n… NVD-CWE-Other
CVE-2005-3776 2016-10-18 12:37 2005-11-23 Show GitHub Exploit DB Packet Storm
346350 - mybulletinboard mybulletinboard MyBulletinBoard (MyBB) 1.0 PR2 Rev 686 allows remote attackers to delete or move private messages (PM) via modified fields in the inbox form. NVD-CWE-Other
CVE-2005-3777 2016-10-18 12:37 2005-11-23 Show GitHub Exploit DB Packet Storm