Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3231 7.4 重要
Network 		マイクロソフト Microsoft Authenticator Microsoft Authenticator の情報漏えいの脆弱性 CWE-200
情報漏えい 		CVE-2026-41615 2026-05-18 11:30 2026-05-14 Show GitHub Exploit DB Packet Storm
3232 6.5 警告
Network 		Distribution Distribution Distributionにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-41888 2026-05-18 11:30 2026-05-14 Show GitHub Exploit DB Packet Storm
3233 7.5 重要
Network 		Signal K Signal K Server Signal KのSignal K Serverにおける過度な認証試行の不適切な制限に関する脆弱性 CWE-307
過度な認証試行の不適切な制限 		CVE-2026-41893 2026-05-18 11:30 2026-05-9 Show GitHub Exploit DB Packet Storm
3234 9.8 緊急
Network 		Open Knowledge Foundation CKAN Open Knowledge FoundationのCKANにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-42031 2026-05-18 11:30 2026-05-13 Show GitHub Exploit DB Packet Storm
3235 9.1 緊急
Network 		Open Knowledge Foundation CKAN Open Knowledge FoundationのCKANにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-42032 2026-05-18 11:30 2026-05-13 Show GitHub Exploit DB Packet Storm
3236 4.9 警告
Network 		argoproj Argo Workflows Argo Project AuthorsのArgo Workflowsにおける認証情報の不十分な保護に関する脆弱性 CWE-522
認証情報の不十分な保護 		CVE-2026-42295 2026-05-18 11:30 2026-05-9 Show GitHub Exploit DB Packet Storm
3237 8.1 重要
Network 		argoproj Argo Workflows Argo Project AuthorsのArgo Workflowsにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-42296 2026-05-18 11:30 2026-05-9 Show GitHub Exploit DB Packet Storm
3238 8.3 重要
Network 		argoproj Argo Workflows Argo Project AuthorsのArgo Workflowsにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-42297 2026-05-18 11:30 2026-05-9 Show GitHub Exploit DB Packet Storm
3239 6.8 警告
Network 		pyLoad-ng project pyLoad-ng pyLoad-ng projectのpyLoad-ngにおける複数の脆弱性 CWE-295
CWE-306
CWE-863
CVE-2026-42312 2026-05-18 11:30 2026-05-11 Show GitHub Exploit DB Packet Storm
3240 8.3 重要
Network 		pyLoad-ng project pyLoad-ng pyLoad-ng projectのpyLoad-ngにおける複数の脆弱性 CWE-441
CWE-863
CWE-918
CVE-2026-42313 2026-05-18 11:30 2026-05-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312221 - mcafee host_data_loss_prevention The Web Post Protection feature in McAfee Host Data Loss Prevention (DLP) 3.x before 3.0.100.10 and 9.x before 9.0.0.422, when HTTP Capture mode is enabled, allows local users to obtain sensitive inf… CWE-200
Information Exposure 		CVE-2009-5117 2024-11-21 10:11 2012-08-22 Show GitHub Exploit DB Packet Storm
312222 - mcafee linuxshield McAfee LinuxShield 1.5.1 and earlier does not properly implement client authentication, which allows remote authenticated users to obtain Admin access to the statistics server by leveraging a client … CWE-287
Improper Authentication 		CVE-2009-5116 2024-11-21 10:11 2012-08-22 Show GitHub Exploit DB Packet Storm
312223 - mcafee common_management_agent McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by access… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2009-5115 2024-11-21 10:11 2012-08-22 Show GitHub Exploit DB Packet Storm
312224 - mysql
oracle 		mysql The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows… CWE-89
SQL Injection 		CVE-2009-5026 2024-11-21 10:11 2012-08-17 Show GitHub Exploit DB Packet Storm
312225 - redhat jboss_community_application_server
jboss_enterprise_application_platform 		twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials as command-line arguments, which allows local users to read the credentials by listing the process and its arguments. CWE-255
Credentials Management 		CVE-2009-5066 2024-11-21 10:11 2012-08-14 Show GitHub Exploit DB Packet Storm
312226 - trustwave
opensuse 		modsecurity
opensuse 		ModSecurity before 2.5.11 treats request parameter values containing single quotes as files, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scrip… CWE-79
Cross-site Scripting 		CVE-2009-5031 2024-11-21 10:11 2012-07-23 Show GitHub Exploit DB Packet Storm
312227 - uclouvain openjpeg The tcd_free_encode function in tcd.c in OpenJPEG 1.3 through 1.5 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted tile informa… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2009-5030 2024-11-21 10:11 2012-07-19 Show GitHub Exploit DB Packet Storm
312228 - iwork webglimpse Directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the DOC parameter. CWE-22
Path Traversal 		CVE-2009-5114 2024-11-21 10:11 2012-03-20 Show GitHub Exploit DB Packet Storm
312229 - iwork webglimpse Cross-site scripting (XSS) vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the DOC parameter. CWE-79
Cross-site Scripting 		CVE-2009-5113 2024-11-21 10:11 2012-03-20 Show GitHub Exploit DB Packet Storm
312230 - iwork webglimpse wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to obtain the installation path via a crafted request. CWE-200
Information Exposure 		CVE-2009-5112 2024-11-21 10:11 2012-03-20 Show GitHub Exploit DB Packet Storm