Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 4:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
401	9.4	緊急 Network	Deutsche Telekom AG	Telekom Account Management Portal	Deutsche Telekom AGのTelekom Account Management Portalにおけるパスワード管理機能に関する脆弱性 New	CWE-640 パスワードを忘れた場合の脆弱なパスワードリカバリの仕組み	CVE-2025-69614	2026-05-11 11:03	2026-03-10	Show	GitHub Exploit DB Packet Storm

402	9.1	緊急 Network	Deutsche Telekom AG	Telekom Account Management Portal	Deutsche Telekom AGのTelekom Account Management Portalにおける過度な認証試行の不適切な制限に関する脆弱性 New	CWE-307 過度な認証試行の不適切な制限	CVE-2025-69615	2026-05-11 11:03	2026-03-10	Show	GitHub Exploit DB Packet Storm

403	6.1	警告 Network	generatedata	generatedata	generatedataにおけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-70025	2026-05-11 11:02	2026-03-10	Show	GitHub Exploit DB Packet Storm

404	7.5	重要 Network	pdfmake project	pdfmake	pdfmakeにおけるサーバサイドのリクエストフォージェリの脆弱性 New	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-26801	2026-05-11 11:02	2026-03-10	Show	GitHub Exploit DB Packet Storm

405	7.8	重要 Local	Luis Novo (lfnovo)	Open Notebook	Luis Novo (lfnovo)のOpen Notebookにおける複数の脆弱性 New	CWE-20 CWE-352 CWE-917 CWE-noinfo	CVE-2026-28201	2026-05-11 11:02	2026-05-7	Show	GitHub Exploit DB Packet Storm

406	9.8	緊急 Network	Xiaomi	MIUI File Explorer	XiaomiのMIUI File Explorerにおける複数の脆弱性 New	CWE-303 CWE-862	CVE-2026-29515	2026-05-11 11:02	2026-03-11	Show	GitHub Exploit DB Packet Storm

407	6.1	警告 Network	WorkflowFirst Software LLC	Staff.Wiki	WorkflowFirst Software LLCのStaff.Wikiにおけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-29969	2026-05-11 11:02	2026-03-26	Show	GitHub Exploit DB Packet Storm

408	5.4	警告 Network	spomky-labs	webauthn-lib webauthn-symfony-bundle webauthn framwork	spomky-labsのwebauthn-lib等の複数製品における同一生成元ポリシー違反に関する脆弱性 New	CWE-346 同一生成元ポリシー違反	CVE-2026-30964	2026-05-11 11:02	2026-03-10	Show	GitHub Exploit DB Packet Storm

409	6.5	警告 Network	appium	Appium/support	appiumのAppium/supportにおけるパストラバーサルの脆弱性 New	CWE-22 パス・トラバーサル	CVE-2026-30973	2026-05-11 11:02	2026-03-10	Show	GitHub Exploit DB Packet Storm

410	8.8	重要 Network	マイクロソフト	Microsoft Windows Server 2025 Microsoft Windows Server 2022 Microsoft Windows 11 24h2 Microsoft Windows 11 25h2 Microsoft …	リモートデスクトップクライアントのリモートでコードが実行される脆弱性 New	CWE-416 解放済みメモリの使用	CVE-2026-32157	2026-05-11 11:02	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
350811	-	microsoft	site_server site_server_commerce	cphost.dll in Microsoft Site Server 3.0 allows remote attackers to cause a denial of service (disk consumption) via an HTTP POST of a file with a long TargetURL parameter, which causes Site Server to…	NVD-CWE-Other	CVE-2002-2081	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

350812	-	floosietek	ftgateoffice ftgatepro	FTGate and FTGate Pro 1.05 lock user mailboxes before authentication succeeds, which allows remote attackers to lock the mailboxes of other users.	NVD-CWE-Other	CVE-2002-2082	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

350813	-	novell	netware	The Novell Netware client running on Windows 95 allows local users to bypass the login and open arbitrary files via the "What is this?" help feature, which can be launched from the Novell Netware log…	NVD-CWE-Other	CVE-2002-2083	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

350814	-	portix-php	portix-php	Directory traversal vulnerability in index.php of Portix 0.4.02 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) l and (2) topic parameters.	NVD-CWE-Other	CVE-2002-2084	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

350815	-	wwwebbb	wwwebbb_forum	Directory traversal vulnerability in page.cgi of WWWeBBB Forum 3.82 beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request.	NVD-CWE-Other	CVE-2002-2085	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

350816	-	borland_software	interbase	Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server.	NVD-CWE-Other	CVE-2002-2087	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

350817	-	mosix_project	clump_os	The MOSIX Project clump/os 5.4 creates a default VNC account without a password, which allows remote attackers to gain root access.	NVD-CWE-Other	CVE-2002-2088	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

350818	-	sun	solaris	Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument.	NVD-CWE-Other	CVE-2002-2089	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

350819	-	caucho_technology	resin	Caucho Technology Resin server 2.1.1 to 2.1.2 allows remote attackers to obtain server's root path via requests for MS-DOS device names such as lpt9.xtp.	NVD-CWE-Other	CVE-2002-2090	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

350820	-	decfingerd	decfingerd	Format string vulnerability in Deception Finger Daemon, decfingerd, 0.7 may allow remote attackers to execute arbitrary code via the username of a finger request.	NVD-CWE-Other	CVE-2002-2091	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed