Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3291	7.5	重要 Network	freedom	SecureDrop-Client	freedomのSecureDrop-Clientにおける複数の脆弱性	CWE-36 CWE-73	CVE-2026-35465	2026-04-27 11:27	2026-04-18	Show	GitHub Exploit DB Packet Storm

3292	8.4	重要 Local	Gitlawb	OpenClaude	GitlawbのOpenClaudeにおける複数の脆弱性	CWE-22 CWE-284	CVE-2026-35570	2026-04-27 11:27	2026-04-21	Show	GitHub Exploit DB Packet Storm

3293	8.8	重要 Network	M1k1o	Neko	M1k1oのNekoにおける複数の脆弱性	CWE-20 CWE-269 CWE-284 CWE-639 CWE-862	CVE-2026-39386	2026-04-27 11:27	2026-04-21	Show	GitHub Exploit DB Packet Storm

3294	8.8	重要 Network	Lawnchair	Lawnchair	Lawnchairにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-39866	2026-04-27 11:27	2026-04-21	Show	GitHub Exploit DB Packet Storm

3295	6.1	警告 Network	NetFoundry	zrok	NetFoundryのzrokにおける複数の脆弱性	CWE-116 CWE-79	CVE-2026-40302	2026-04-27 11:27	2026-04-17	Show	GitHub Exploit DB Packet Storm

3296	7.5	重要 Network	NetFoundry	zrok	NetFoundryのzrokにおける複数の脆弱性	CWE-400 CWE-789	CVE-2026-40303	2026-04-27 11:27	2026-04-17	Show	GitHub Exploit DB Packet Storm

3297	5.3	警告 Network	NetFoundry	zrok	NetFoundryのzrokにおける複数の脆弱性	CWE-284 CWE-863	CVE-2026-40304	2026-04-27 11:27	2026-04-17	Show	GitHub Exploit DB Packet Storm

3298	8.8	重要 Network	HKUDS	OpenHarness	HKUDSのOpenHarnessにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-40502	2026-04-27 11:27	2026-04-16	Show	GitHub Exploit DB Packet Storm

3299	6.5	警告 Network	HKUDS	OpenHarness	HKUDSのOpenHarnessにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-40503	2026-04-27 11:27	2026-04-16	Show	GitHub Exploit DB Packet Storm

3300	8.8	重要 Network	FreePBX	API Module	FreePBXのAPI ModuleにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-40520	2026-04-27 11:26	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
349681	-	horde	accounts	Cross-site scripting (XSS) vulnerability in Horde Accounts module before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.	NVD-CWE-Other	CVE-2005-1316	2008-09-11 04:38	2005-05-2	Show	GitHub Exploit DB Packet Storm

349682	-	apache	http_server	Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to execute arbitrary code via a long realm argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgi…	NVD-CWE-Other	CVE-2005-1344	2008-09-11 04:38	2005-05-2	Show	GitHub Exploit DB Packet Storm

349683	-	sylpheed	sylpheed	Buffer overflow in Sylpheed before 1.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attachments with MIME-encoded file names.	NVD-CWE-Other	CVE-2005-0926	2008-09-11 04:37	2005-05-2	Show	GitHub Exploit DB Packet Storm

349684	-	uim mandrakesoft	uim mandrake_linux	uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges.	NVD-CWE-Other	CVE-2005-0503	2008-09-11 04:36	2005-02-21	Show	GitHub Exploit DB Packet Storm

349685	-	-	-	Unknown vulnerability in Squiggle for Batik before 1.5.1 allows attackers to bypass certain access controls via certain features of the Rhino scripting engine due to a "script security issue."	NVD-CWE-Other	CVE-2005-0508	2008-09-11 04:36	2005-03-14	Show	GitHub Exploit DB Packet Storm

349686	-	mcafee	antivirus_engine	Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4357 allows remote attackers to execute arbitrary code via crafted LHA files.	NVD-CWE-Other	CVE-2005-0643	2008-09-11 04:36	2005-05-2	Show	GitHub Exploit DB Packet Storm

349687	-	apple	mac_os_x	Mac OS X before 10.3.8 users world-writable permissions for certain directories, which may allow local users to gain privileges, possibly via the receipt cache or ColorSync profiles.	NVD-CWE-Other	CVE-2005-0712	2008-09-11 04:36	2005-05-2	Show	GitHub Exploit DB Packet Storm

349688	-	clam_anti-virus	clamav	ClamAV 0.80 and earlier allows remote attackers to cause a denial of service (clamd daemon crash) via a ZIP file with malformed headers.	NVD-CWE-Other	CVE-2005-0133	2008-09-11 04:35	2005-05-2	Show	GitHub Exploit DB Packet Storm

349689	-	smartlist	smartlist	The confirm add-on in SmartList 3.15 and earlier allows attackers to subscribe arbitrary e-mail addresses by using a valid cookie that specifies an address other than the address for which the cookie…	NVD-CWE-Other	CVE-2005-0157	2008-09-11 04:35	2005-05-3	Show	GitHub Exploit DB Packet Storm

349690	-	clam_anti-virus	clamav	ClamAV 0.80 and earlier allows remote attackers to bypass virus scanning via a base64 encoded image in a data: (RFC 2397) URL.	NVD-CWE-Other	CVE-2005-0218	2008-09-11 04:35	2005-05-2	Show	GitHub Exploit DB Packet Storm