Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
361	5.9	警告 Network	Teluu Ltd.	PJSIP	Teluu Ltd.のPJSIPにおける証明書検証に関する脆弱性 New	CWE-295 不正な証明書検証	CVE-2026-42225	2026-05-14 10:18	2026-05-7	Show	GitHub Exploit DB Packet Storm

362	4.3	警告 Network	Onyx	Onyx	Onyxにおけるユーザ制御の鍵による認証回避に関する脆弱性 New	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-42276	2026-05-14 10:18	2026-05-8	Show	GitHub Exploit DB Packet Storm

363	6.5	警告 Network	Onyx	Onyx	Onyxにおけるユーザ制御の鍵による認証回避に関する脆弱性 New	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-42277	2026-05-14 10:18	2026-05-8	Show	GitHub Exploit DB Packet Storm

364	5.5	警告 Local	Python Software Foundation	Python Pillow	Python Software FoundationのPython Pillowにおける整数オーバーフローの脆弱性 New	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-42308	2026-05-14 10:18	2026-05-9	Show	GitHub Exploit DB Packet Storm

365	5.5	警告 Local	Python Software Foundation	Python Pillow	Python Software FoundationのPython Pillowにおけるヒープベースのバッファオーバーフローの脆弱性 New	CWE-122 ヒープオーバーフロー	CVE-2026-42309	2026-05-14 10:18	2026-05-9	Show	GitHub Exploit DB Packet Storm

366	5.5	警告 Local	Python Software Foundation	Python Pillow	Python Software FoundationのPython Pillowにおける無限ループに関する脆弱性 New	CWE-835 無限ループ	CVE-2026-42310	2026-05-14 10:18	2026-05-9	Show	GitHub Exploit DB Packet Storm

367	8.1	重要 Network	Grav CMS	grav	Grav CMSのgravにおける複数の脆弱性 New	CWE-269 CWE-285 CWE-639 CWE-837	CVE-2026-42609	2026-05-14 10:18	2026-05-11	Show	GitHub Exploit DB Packet Storm

368	6.5	警告 Network	Grav CMS	grav	Grav CMSのgravにおける不正な認証に関する脆弱性 New	CWE-863 不正な認証	CVE-2026-42610	2026-05-14 10:18	2026-05-11	Show	GitHub Exploit DB Packet Storm

369	8.9	重要 Network	Grav CMS	grav	Grav CMSのgravにおけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-42611	2026-05-14 10:18	2026-05-11	Show	GitHub Exploit DB Packet Storm

370	5.4	警告 Network	Grav CMS	grav	Grav CMSのgravにおけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-42612	2026-05-14 10:18	2026-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
346451	-	novell	ichain	Novell iChain Mini FTP Server 2.3, and possibly earlier versions, does not limit the number of incorrect logins, which makes it easier for remote attackers to conduct brute force login attacks.	NVD-CWE-Other	CVE-2005-0798	2016-10-18 12:14	2005-03-15	Show	GitHub Exploit DB Packet Storm

346452	-	includer.cgi	includer.cgi	Directory traversal vulnerability in includer.cgi in The Includer allows remote attackers to read arbitrary files via (1) a .. (dot dot) or (2) a full pathname in the URL.	NVD-CWE-Other	CVE-2005-0801	2016-10-18 12:14	2005-05-2	Show	GitHub Exploit DB Packet Storm

346453	-	mailenable	mailenable_standard	Format string vulnerability in MailEnable 1.8 allows remote attackers to cause a denial of service (application crash) via format string specifiers in the mailto field.	NVD-CWE-Other	CVE-2005-0804	2016-10-18 12:14	2005-05-2	Show	GitHub Exploit DB Packet Storm

346454	-	php_fusion	php_fusion	Cross-site scripting (XSS) vulnerability in setuser.php of the Digitanium addon to PHP-Fusion 5.01 allows remote attackers to inject arbitrary web script or HTML via the (1) user_name or (2) user_pas…	NVD-CWE-Other	CVE-2005-0829	2016-10-18 12:14	2005-05-2	Show	GitHub Exploit DB Packet Storm

346455	-	gfi	languard_network_security_scanner	lnss.exe in GFI Languard Network Security Scanner 5.0 stores the username and password in memory in plaintext, which could allow local administrators to obtain domain administrator credentials.	NVD-CWE-Other	CVE-2005-0604	2016-10-18 12:13	2005-05-2	Show	GitHub Exploit DB Packet Storm

346456	-	phpbb_group	phpbb	sessions.php in phpBB 2.0.12 and earlier allows remote attackers to gain administrator privileges via the autologinid value in a cookie.	NVD-CWE-Other	CVE-2005-0614	2016-10-18 12:13	2005-05-2	Show	GitHub Exploit DB Packet Storm

346457	-	postnuke_software_foundation	postnuke	Multiple SQL injection vulnerabilities in (1) index.php, (2) modules.php, or (3) admin.php in PostNuke 0.760-RC2 allow remote attackers to execute arbitrary SQL code via the catid parameter.	NVD-CWE-Other	CVE-2005-0615	2016-10-18 12:13	2005-05-2	Show	GitHub Exploit DB Packet Storm

346458	-	-	-	Multiple cross-site scripting (XSS) vulnerabilities in the Download module for PostNuke 0.750 and 0.760-RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) Program name, (2)…	NVD-CWE-Other	CVE-2005-0616	2016-10-18 12:13	2005-02-28	Show	GitHub Exploit DB Packet Storm

346459	-	postnuke_software_foundation	postnuke	SQL injection vulnerability in dl-search.php in PostNuke 0.750 and 0.760-RC2 allows remote attackers to execute arbitrary SQL commands via the show parameter.	NVD-CWE-Other	CVE-2005-0617	2016-10-18 12:13	2005-05-2	Show	GitHub Exploit DB Packet Storm

346460	-	enlight_software	scrapland	Scrapland 1.0 and earlier allows remote attackers to cause a denial of service (server termination) by triggering an error, which is treated as a fatal error by the server, as demonstrated using (1) …	NVD-CWE-Other	CVE-2005-0621	2016-10-18 12:13	2005-05-2	Show	GitHub Exploit DB Packet Storm