Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4041 6.8 警告
Physics 		ZTE ZX297520V3 ファームウェア ZTEのZX297520V3 ファームウェアにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-40003 2026-05-15 11:01 2026-05-7 Show GitHub Exploit DB Packet Storm
4042 7.8 重要
Local 		ZTE ZXCLOUD iRAI ZTEのZXCLOUD iRAIにおける制御されていない検索パスの要素に関する脆弱性 CWE-427
制御されていない検索パスの要素 		CVE-2026-40004 2026-05-15 11:01 2026-05-7 Show GitHub Exploit DB Packet Storm
4043 6.5 警告
Network 		Zulip Zulip Server ZulipのZulip Serverにおけるアクセス制御に関する脆弱性 CWE-284
CWE-noinfo
CVE-2026-40300 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
4044 6.5 警告
Network 		NocoBase NocoBase NocoBaseにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-40346 2026-05-15 11:01 2026-04-18 Show GitHub Exploit DB Packet Storm
4045 8.8 重要
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のリモートでコードが実行される脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-40357 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
4046 8.8 重要
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のリモートでコードが実行される脆弱性 CWE-1220
アクセス制御の不十分な粒度 		CVE-2026-40365 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
4047 8 重要
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のリモートでコードが実行される脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-40368 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
4048 5.5 警告
Local 		jqlang jq jqlangのjqにおける再帰制御に関する脆弱性 CWE-674
不適切な再帰制御 		CVE-2026-40612 2026-05-15 11:01 2026-05-11 Show GitHub Exploit DB Packet Storm
4049 7.5 重要
Network 		PHPOffice PhpSpreadsheet PHPOfficeのPhpSpreadsheetにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40863 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
4050 5.5 警告
Local 		jqlang jq jqlangのjqにおけるNULL バイトまたは NULL キャラクタの無害化に関する脆弱性 CWE-158
NULL バイトまたは NULL キャラクタの不適切な無害化 		CVE-2026-41256 2026-05-15 11:01 2026-05-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312881 9.8 CRITICAL
Network 		mobotix s14_firmware An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. There is a default password of meinsm for the admin account. CWE-798
 Use of Hard-coded Credentials 		CVE-2009-5154 2024-11-21 10:11 2019-02-10 Show GitHub Exploit DB Packet Storm
312882 9.8 CRITICAL
Network 		microfocus netware In Novell NetWare before 6.5 SP8, a stack buffer overflow in processing of CALLIT RPC calls in the NFS Portmapper daemon in PKERNEL.NLM allowed remote unauthenticated attackers to execute code, becau… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2009-5153 2024-11-21 10:11 2018-11-22 Show GitHub Exploit DB Packet Storm
312883 4.1 MEDIUM
Local 		absolute computrace_agent Absolute Computrace Agent, as distributed on certain Dell Inspiron systems through 2009, has a race condition with the Dell Client Configuration Utility (DCCU), which allows privileged local users to… CWE-362
Race Condition 		CVE-2009-5152 2024-11-21 10:11 2018-05-12 Show GitHub Exploit DB Packet Storm
312884 6.7 MEDIUM
Local 		absolute computrace_agent The stub component of Absolute Computrace Agent V70.785 executes code from a disk's inter-partition space without requiring a digital signature for that code, which allows attackers to execute code o… CWE-284
Improper Access Control 		CVE-2009-5151 2024-11-21 10:11 2018-05-12 Show GitHub Exploit DB Packet Storm
312885 6.7 MEDIUM
Local 		absolute computrace_agent Absolute Computrace Agent V80.845 and V80.866 does not have a digital signature for the configuration block, which allows attackers to set up communication with a web site other than the intended sea… CWE-284
Improper Access Control 		CVE-2009-5150 2024-11-21 10:11 2018-05-12 Show GitHub Exploit DB Packet Storm
312886 6.5 MEDIUM
Adjacent 		symantec altiris_deployment_solution DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 SP4 allows remote attackers to cause a denial of service via a crafted request. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-0109 2024-11-21 10:11 2018-02-20 Show GitHub Exploit DB Packet Storm
312887 7.5 HIGH
Network 		mod_gnutls_project mod_gnutls mod-gnutls does not validate client certificates when "GnuTLSClientVerify require" is set in a directory context, which allows remote attackers to spoof clients via a crafted certificate. CWE-254
 7PK - Security Features 		CVE-2009-5144 2024-11-21 10:11 2018-02-4 Show GitHub Exploit DB Packet Storm
312888 6.1 MEDIUM
Network 		zope zope Cross-site scripting (XSS) vulnerability in ZMI pages that use the manage_tabs_message in Zope 2.11.4, 2.11.2, 2.10.9, 2.10.7, 2.10.6, 2.10.5, 2.10.4, 2.10.2, 2.10.1, 2.12. CWE-79
Cross-site Scripting 		CVE-2009-5145 2024-11-21 10:11 2017-08-8 Show GitHub Exploit DB Packet Storm
312889 7.3 HIGH
Network 		ruby-lang ruby DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 648, and 2.1 before 2.1.8 opens libraries with tainted names. CWE-20
 Improper Input Validation  		CVE-2009-5147 2024-11-21 10:11 2017-03-29 Show GitHub Exploit DB Packet Storm
312890 - arris na_model_862_gw_mono_firmware Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 have predictable technician passwords, which makes it easier for remote attackers to obtain access vi… CWE-255
Credentials Management 		CVE-2009-5149 2024-11-21 10:11 2015-11-21 Show GitHub Exploit DB Packet Storm