Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3551	7.8	重要 Local	Amazon.com, Inc.	Kiro IDE	Amazon.com, Inc.のKiro IDEにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-0830	2026-04-30 12:08	2026-01-9	Show	GitHub Exploit DB Packet Storm

3552	5.4	警告 Network	SenseLive	X3500 Firmware	SenseLiveのX3500 Firmwareにおけるセッション期限に関する脆弱性	CWE-613 不適切なセッション期限	CVE-2026-25720	2026-04-30 12:08	2026-04-24	Show	GitHub Exploit DB Packet Storm

3553	9.8	緊急 Network	huggingface	LeRobot	huggingfaceのLeRobotにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-25874	2026-04-30 12:08	2026-04-23	Show	GitHub Exploit DB Packet Storm

3554	8.1	重要 Network	SenseLive	X3500 Firmware	SenseLiveのX3500 Firmwareにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2026-27841	2026-04-30 12:08	2026-04-24	Show	GitHub Exploit DB Packet Storm

3555	9.1	緊急 Network	SenseLive	X3500 Firmware	SenseLiveのX3500 Firmwareにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-27843	2026-04-30 12:08	2026-04-24	Show	GitHub Exploit DB Packet Storm

3556	7.5	重要 Network	Navigation Data Standard (NDS)	Zserio	Navigation Data Standard (NDS)のZserioにおける過剰なサイズ値のメモリ割り当てに関する脆弱性	CWE-789 過剰なサイズ値のメモリ割り当て	CVE-2026-33524	2026-04-30 12:08	2026-04-24	Show	GitHub Exploit DB Packet Storm

3557	7.5	重要 Network	Navigation Data Standard (NDS)	Zserio	Navigation Data Standard (NDS)のZserioにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-33666	2026-04-30 12:08	2026-04-24	Show	GitHub Exploit DB Packet Storm

3558	7.5	重要 Network	SenseLive	X3500 Firmware	SenseLiveのX3500 Firmwareにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-35064	2026-04-30 12:08	2026-04-24	Show	GitHub Exploit DB Packet Storm

3559	7.1	重要 Local	Gwenhael Goavec-Merou (trabucayre)	openFPGALoader	Gwenhael Goavec-Merou (trabucayre)のopenFPGALoaderにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-35170	2026-04-30 12:08	2026-04-6	Show	GitHub Exploit DB Packet Storm

3560	7.1	重要 Local	Gwenhael Goavec-Merou (trabucayre)	openFPGALoader	Gwenhael Goavec-Merou (trabucayre)のopenFPGALoaderにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-35176	2026-04-30 12:08	2026-04-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
349521	-	adobe	acrobat_reader	The Acrobat web control in Adobe Acrobat and Acrobat Reader 7.0 and earlier, when used with Internet Explorer, allows remote attackers to determine the existence of arbitrary files via the LoadFile A…	NVD-CWE-Other	CVE-2005-0035	2011-03-8 11:19	2005-05-2	Show	GitHub Exploit DB Packet Storm

349522	-	mysql	maxdb	MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via an HTTP request with invalid headers.	NVD-CWE-Other	CVE-2005-0081	2011-03-8 11:19	2005-04-14	Show	GitHub Exploit DB Packet Storm

349523	-	mysql	maxdb	The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler …	NVD-CWE-Other	CVE-2005-0082	2011-03-8 11:19	2005-04-14	Show	GitHub Exploit DB Packet Storm

349524	-	mysql	maxdb	Stack-based buffer overflow in the websql CGI program in MySQL MaxDB 7.5.00 allows remote attackers to execute arbitrary code via a long password parameter.	NVD-CWE-Other	CVE-2005-0111	2011-03-8 11:19	2005-01-13	Show	GitHub Exploit DB Packet Storm

349525	-	sco	unixware	The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in /tmp, which could allow attackers to hijack local sockets.	NVD-CWE-Other	CVE-2005-0134	2011-03-8 11:19	2005-05-18	Show	GitHub Exploit DB Packet Storm

349526	-	recipants	recipants	Multiple cross-site scripting (XSS) vulnerabilities in ReciPants 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) user id, (2) recipe id, (3) category id, and (4) other…	NVD-CWE-Other	CVE-2004-2568	2011-03-8 11:19	2004-12-31	Show	GitHub Exploit DB Packet Storm

349527	-	phpgroupware	phpgroupware	Cross-site scripting (XSS) vulnerability in index.php in phpGroupWare 0.9.14.005 and earlier allows remote attackers to inject arbitrary web script or HTML via the date parameter in a calendar.uicale…	NVD-CWE-Other	CVE-2004-2574	2011-03-8 11:19	2004-12-31	Show	GitHub Exploit DB Packet Storm

349528	-	phpgroupware	phpgroupware	phpGroupWare 0.9.14.005 and earlier allow remote attackers to obtain sensitive information via a direct request to (1) hook_admin.inc.php, (2) hook_home.inc.php, (3) class.holidaycalc.inc.php, and (4…	NVD-CWE-Other	CVE-2004-2575	2011-03-8 11:19	2004-12-31	Show	GitHub Exploit DB Packet Storm

349529	-	gnu	emacs	Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstr…	NVD-CWE-Other	CVE-2003-1232	2011-03-8 11:13	2003-12-31	Show	GitHub Exploit DB Packet Storm

349530	-	apple	afp_server	Unknown vulnerability in Apple File Service (AFP Server) for Mac OS X Server, when sharing files on a UFS or re-shared NFS volume, allows remote attackers to overwrite arbitrary files.	NVD-CWE-Other	CVE-2003-0379	2011-03-8 11:12	2003-07-24	Show	GitHub Exploit DB Packet Storm