Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
31 4.3 警告
Network 		mintplexlabs anythingllm mintplexlabsのanythingllmにおける複数の脆弱性 New CWE-200
CWE-639
CWE-639
CVE-2026-42456 2026-05-20 13:30 2026-05-8 Show GitHub Exploit DB Packet Storm
32 6.1 警告
Network 		Gofiber Fiber GofiberのFiberにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42554 2026-05-20 13:29 2026-05-11 Show GitHub Exploit DB Packet Storm
33 9 緊急
Network 		Gitroom Postiz GitroomのPostizにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42556 2026-05-20 13:29 2026-05-8 Show GitHub Exploit DB Packet Storm
34 7.5 重要
Network 		Netty Netty Nettyにおける有効なライフタイム後のリソースの解放の欠如に関する脆弱性 New CWE-772
有効なライフタイム後のリソースの解放の欠如 		CVE-2026-42577 2026-05-20 13:29 2026-05-13 Show GitHub Exploit DB Packet Storm
35 7.5 重要
Network 		Netty Netty NettyにおけるHTTP レスポンス分割に関する脆弱性 New CWE-113
HTTP レスポンスの分割 		CVE-2026-42578 2026-05-20 13:29 2026-05-13 Show GitHub Exploit DB Packet Storm
36 9.1 緊急
Network 		Netty Netty Nettyにおける複数の脆弱性 New CWE-20
CWE-400
CWE-626
CVE-2026-42579 2026-05-20 13:29 2026-05-13 Show GitHub Exploit DB Packet Storm
37 6.5 警告
Network 		Netty Netty Nettyにおける複数の脆弱性 New CWE-190
CWE-444
CVE-2026-42580 2026-05-20 13:29 2026-05-13 Show GitHub Exploit DB Packet Storm
38 9.8 緊急
Network 		Netty Netty NettyにおけるHTTP リクエストスマグリングに関する脆弱性 New CWE-444
HTTP リクエストスマグリング 		CVE-2026-42581 2026-05-20 13:29 2026-05-13 Show GitHub Exploit DB Packet Storm
39 7.5 重要
Network 		Netty Netty Nettyにおける複数の脆弱性 New CWE-770
CWE-789
CVE-2026-42582 2026-05-20 13:29 2026-05-13 Show GitHub Exploit DB Packet Storm
40 7.5 重要
Network 		Netty Netty Nettyにおける複数の脆弱性 New CWE-400
CWE-770
CVE-2026-42583 2026-05-20 13:29 2026-05-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
351671 - npds npds Multiple SQL injection vulnerabilities in NPDS 4.8 and 5.0 allow remote attackers to execute arbitrary SQL commands via the thold parameter to (1) comments.php or (2) pollcomments.php. NVD-CWE-Other
CVE-2005-1637 2008-09-6 05:49 2005-05-17 Show GitHub Exploit DB Packet Storm
351672 - pixel-apes_group safehtml The _writeAttrs function in SafeHTML before 1.3.2 does not properly handle quotes in attribute values, which could allow remote attackers to exploit cross-site scripting (XSS) vulnerabilities in appl… NVD-CWE-Other
CVE-2005-1638 2008-09-6 05:49 2005-05-17 Show GitHub Exploit DB Packet Storm
351673 - the_ignition_project ignitionserver mod_channel.bas in The Ignition Project ignitionServer 0.3.0 to 0.3.6, and possibly earlier versions, does not properly verify whether a host has the owner privileges required to delete IRC channel a… NVD-CWE-Other
CVE-2005-1640 2008-09-6 05:49 2005-05-17 Show GitHub Exploit DB Packet Storm
351674 - the_ignition_project ignitionserver mod_channel in The Ignition Project ignitionServer 0.3.0 to 0.3.6, and possibly earlier versions, does not allow protected operators to access channels that have been locked out by a key, which allow… NVD-CWE-Other
CVE-2005-1641 2008-09-6 05:49 2005-05-17 Show GitHub Exploit DB Packet Storm
351675 - gurgens gurgens_guest_book Gurgens (GASoft) Guest Book 2.1 stores the db/Genid.dat database file under the web document root with insufficient access control, which allows remote attackers to obtain and decrypt usernames and p… NVD-CWE-Other
CVE-2005-1647 2008-09-6 05:49 2005-05-18 Show GitHub Exploit DB Packet Storm
351676 - gurgens gurgens_ultimate_forum Gurgens (GASoft) Ultimate Forum 1.0 stores the db/Genid.dat database file under the web document root with insufficient access control, which allows remote attackers to obtain and decrypt usernames a… NVD-CWE-Other
CVE-2005-1648 2008-09-6 05:49 2005-05-18 Show GitHub Exploit DB Packet Storm
351677 - woppoware postmaster Directory traversal vulnerability in message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) in the wmm param… NVD-CWE-Other
CVE-2005-1651 2008-09-6 05:49 2005-05-18 Show GitHub Exploit DB Packet Storm
351678 - woppoware postmaster message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote attackers to bypass authentication by modifying the email parameter. NVD-CWE-Other
CVE-2005-1652 2008-09-6 05:49 2005-05-18 Show GitHub Exploit DB Packet Storm
351679 - woppoware postmaster Cross-site scripting (XSS) vulnerability in message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote attackers to inject arbitrary web script or HTML via the email parameter. NVD-CWE-Other
CVE-2005-1653 2008-09-6 05:49 2005-05-18 Show GitHub Exploit DB Packet Storm
351680 - aol instant_messenger AOL Instant Messenger 5.5.x and earlier allows remote attackers to cause a denial of service (client crash) via an invalid smiley icon location in the sml parameter of a font tag. NVD-CWE-Other
CVE-2005-1655 2008-09-6 05:49 2005-05-18 Show GitHub Exploit DB Packet Storm