Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3361 5.4 警告
Network 		authlib authlib authlibにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-41425 2026-04-30 10:59 2026-04-24 Show GitHub Exploit DB Packet Storm
3362 6.1 警告
Network 		pretalx pretalx pretalxにおける複数の脆弱性 CWE-116
CWE-79
CVE-2026-41426 2026-04-30 10:59 2026-04-24 Show GitHub Exploit DB Packet Storm
3363 9.1 緊急
Network 		budibase budibase budibaseにおける認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2026-41428 2026-04-30 10:59 2026-04-24 Show GitHub Exploit DB Packet Storm
3364 9.1 緊急
Network 		BACnet Stack BACnet Stack BACnet Stackにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-41475 2026-04-30 10:59 2026-04-24 Show GitHub Exploit DB Packet Storm
3365 9.9 緊急
Network 		Saltcorn Saltcorn SaltcornにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-41478 2026-04-30 10:59 2026-04-24 Show GitHub Exploit DB Packet Storm
3366 9.8 緊急
Network 		dgraph dgraph dgraphにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-41492 2026-04-30 10:59 2026-04-24 Show GitHub Exploit DB Packet Storm
3367 7.5 重要
Network 		BACnet Stack BACnet Stack BACnet Stackにおける複数の脆弱性 CWE-125
CWE-193
CVE-2026-41502 2026-04-30 10:59 2026-04-24 Show GitHub Exploit DB Packet Storm
3368 7.5 重要
Network 		BACnet Stack BACnet Stack BACnet Stackにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-41503 2026-04-30 10:59 2026-04-24 Show GitHub Exploit DB Packet Storm
3369 7.5 重要
Network 		Apache Software Foundation Apache Thrift Apache Software FoundationのApache Thriftにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-41602 2026-04-30 10:59 2026-04-28 Show GitHub Exploit DB Packet Storm
3370 7.4 重要
Network 		Apache Software Foundation Apache Thrift Apache Software FoundationのApache Thriftにおける複数の脆弱性 CWE-297
CWE-306
CVE-2026-41603 2026-04-30 10:59 2026-04-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
348281 - ibm homepageprint Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag. NVD-CWE-Other
CVE-1999-1531 2016-10-18 11:05 1999-11-2 Show GitHub Exploit DB Packet Storm
348282 - netscape messaging_server Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands. NVD-CWE-Other
CVE-1999-1532 2016-10-18 11:05 1999-10-29 Show GitHub Exploit DB Packet Storm
348283 - knox_software arkeia Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia backup product allows local users to obtain root access via a long HOME environmental variable. NVD-CWE-Other
CVE-1999-1534 2016-10-18 11:05 1999-09-23 Show GitHub Exploit DB Packet Storm
348284 - acushop salesbuilder .sbstart startup script in AcuShop Salesbuilder is world writable, which allows local users to gain privileges by appending commands to the file. NVD-CWE-Other
CVE-1999-1536 2016-10-18 11:05 1999-07-30 Show GitHub Exploit DB Packet Storm
348285 - microsoft internet_information_server When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensiti… NVD-CWE-Other
CVE-1999-1538 2016-10-18 11:05 1999-01-14 Show GitHub Exploit DB Packet Storm
348286 - microsoft internet_information_server Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command. NVD-CWE-Other
CVE-1999-1544 2016-10-18 11:05 1999-01-24 Show GitHub Exploit DB Packet Storm
348287 - joes_own_editor joe Joe's Own Editor (joe) 2.8 sets the world-readable permission on its crash-save file, DEADJOE, which could allow local users to read files that were being edited by other users. NVD-CWE-Other
CVE-1999-1545 2016-10-18 11:05 1999-07-14 Show GitHub Exploit DB Packet Storm
348288 - oracle web_listener Oracle Web Listener 2.1 allows remote attackers to bypass access restrictions by replacing a character in the URL with its HTTP-encoded (hex) equivalent. CWE-20
 Improper Input Validation  		CVE-1999-1547 2016-10-18 11:05 1999-11-25 Show GitHub Exploit DB Packet Storm
348289 - microsoft index_server Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physic… NVD-CWE-Other
CVE-1999-1397 2016-10-18 11:04 1999-03-23 Show GitHub Exploit DB Packet Storm
348290 - sgi irix Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack. NVD-CWE-Other
CVE-1999-1398 2016-10-18 11:04 1997-05-7 Show GitHub Exploit DB Packet Storm