Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3651	5.5	警告 Local	jqlang	jq	jqlangのjqにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-40612	2026-05-15 11:01	2026-05-11	Show	GitHub Exploit DB Packet Storm

3652	7.5	重要 Network	PHPOffice	PhpSpreadsheet	PHPOfficeのPhpSpreadsheetにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-40863	2026-05-15 11:01	2026-05-12	Show	GitHub Exploit DB Packet Storm

3653	5.5	警告 Local	jqlang	jq	jqlangのjqにおけるNULL バイトまたは NULL キャラクタの無害化に関する脆弱性	CWE-158 NULL バイトまたは NULL キャラクタの不適切な無害化	CVE-2026-41256	2026-05-15 11:01	2026-05-11	Show	GitHub Exploit DB Packet Storm

3654	5.5	警告 Local	jqlang	jq	jqlangのjqにおける複数の脆弱性	CWE-190 CWE-787	CVE-2026-41257	2026-05-15 11:01	2026-05-11	Show	GitHub Exploit DB Packet Storm

3655	5.4	警告 Network	Langfuse GmbH	Langfuse	Langfuse GmbHのLangfuseにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-41487	2026-05-15 11:00	2026-05-8	Show	GitHub Exploit DB Packet Storm

3656	9.8	緊急 Network	Nhost	Nhost/auth	NhostのNhost/authにおける認証に関する脆弱性	CWE-287 CWE-noinfo	CVE-2026-41574	2026-05-15 11:00	2026-05-8	Show	GitHub Exploit DB Packet Storm

3657	7.5	重要 Network	Web Technologies	Change Detection	Web TechnologiesのChange DetectionにおけるXML 外部エンティティの脆弱性	CWE-611 XML 外部エンティティ参照の不適切な制限	CVE-2026-41895	2026-05-15 11:00	2026-05-12	Show	GitHub Exploit DB Packet Storm

3658	9.8	緊急 Network	レッドハット GNU Project	Red Hat OpenShift Container Platform Red Hat Hardened Images GnuTLS Red Hat Enterprise Linux	GNU Project等の複数ベンダの製品におけるNull バイト相互作用エラー (Poison Null Byte) の脆弱性	CWE-626 Null バイト相互作用エラー (Poison Null Byte)	CVE-2026-42010	2026-05-15 11:00	2026-05-7	Show	GitHub Exploit DB Packet Storm

3659	9.6	緊急 Network	langflow	langflow	langflowにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-42048	2026-05-15 11:00	2026-05-12	Show	GitHub Exploit DB Packet Storm

3660	5.5	警告 Local	ImageMagick	ImageMagick	ImageMagickにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-42050	2026-05-15 11:00	2026-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312871	7.5	HIGH Network	starwindsoftware	iscsi_san	A flaw was found in StarWind iSCSI target. An attacker could script standard iSCSI Initiator operation(s) to exhaust the StarWind service socket, which could lead to denial of service. This affects i…	CWE-400 Uncontrolled Resource Consumption	CVE-2007-20001	2024-11-21 09:29	2022-02-7	Show	GitHub Exploit DB Packet Storm

312872	7.5	HIGH Network	web-cyradm_project	web-cyradm	A vulnerability classified as problematic has been found in web-cyradm. This affects an unknown part of the file search.php. The manipulation of the argument searchstring leads to sql injection. It i…	-	CVE-2007-10001	2024-11-21 09:27	2023-01-5	Show	GitHub Exploit DB Packet Storm

312873	8.8	HIGH Network	wp-plugins	the_hackers_diet	A vulnerability, which was classified as critical, has been found in The Hackers Diet Plugin up to 0.9.6b on WordPress. This issue affects some unknown processing of the file ajax_blurb.php of the co…	-	CVE-2007-10003	2024-11-21 09:27	2023-10-30	Show	GitHub Exploit DB Packet Storm

312874	9.8	CRITICAL Network	web-cyradm_project	web-cyradm	A vulnerability, which was classified as critical, has been found in web-cyradm. Affected by this issue is some unknown functionality of the file auth.inc.php. The manipulation of the argument login/…	-	CVE-2007-10002	2024-11-21 09:27	2023-01-8	Show	GitHub Exploit DB Packet Storm

312875	9.8	CRITICAL Network	clamav debian	clamav debian_linux	There is a possible heap overflow in libclamav/fsg.c before 0.100.0.	CWE-787 Out-of-bounds Write	CVE-2007-0899	2024-11-21 09:27	2019-11-6	Show	GitHub Exploit DB Packet Storm

312876	9.8	CRITICAL Network	acme	thttpd	thttpd 2007 has buffer underflow.	CWE-787 Out-of-bounds Write	CVE-2007-0158	2024-11-21 09:25	2019-12-28	Show	GitHub Exploit DB Packet Storm

312877	6.8	MEDIUM Adjacent	gnome opensuse suse	networkmanager opensuse linux_enterprise_desktop linux_enterprise_server	NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used.	CWE-295 Improper Certificate Validation	CVE-2006-7246	2024-11-21 09:24	2020-01-28	Show	GitHub Exploit DB Packet Storm

312878	5.5	MEDIUM Local	gnu	glibc	The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service a…	CWE-19 Data Processing Errors	CVE-2006-7254	2024-11-21 09:24	2019-04-11	Show	GitHub Exploit DB Packet Storm

312879	-		gehealthcare	infinia_ii	GE Healthcare Infinia II has a default password of (1) infinia for the infinia user, (2) #bigguy1 for the acqservice user, (3) dont4get2 for the Administrator user, (4) #bigguy1 for the emergency use…	CWE-255 Credentials Management	CVE-2006-7253	2024-11-21 09:24	2015-08-4	Show	GitHub Exploit DB Packet Storm

312880	-		joomla	com_weblinks	SQL injection vulnerability in the Weblinks (com_weblinks) component for Joomla! and Mambo 1.0.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.	CWE-89 SQL Injection	CVE-2006-7247	2024-11-21 09:24	2012-09-7	Show	GitHub Exploit DB Packet Storm