Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5441 7.5 重要
Network 		VMware Spring AI VMwareのSpring AIにおける不適切なデフォルトパーミッションに関する脆弱性 CWE-276
不適切なデフォルトパーミッション 		CVE-2026-41712 2026-05-14 10:18 2026-05-12 Show GitHub Exploit DB Packet Storm
5442 8.2 重要
Network 		VMware Spring AI VMwareのSpring AIにおけるテンプレートエンジンで使用される特殊な要素の不適切な無効化に関する脆弱性 CWE-1336
テンプレートエンジンで使用される特殊な要素の不適切な無効化 		CVE-2026-41713 2026-05-14 10:18 2026-05-12 Show GitHub Exploit DB Packet Storm
5443 6.5 警告
Network 		LangGenius Dify LangGeniusのDifyにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-41950 2026-05-14 10:18 2026-05-5 Show GitHub Exploit DB Packet Storm
5444 9.6 緊急
Network 		Streetwriters Notesnook Mobile
Notesnook Desktop 		StreetwritersのNotesnook Desktop等の複数製品における複数の脆弱性 CWE-79
CWE-94
CVE-2026-42090 2026-05-14 10:18 2026-05-4 Show GitHub Exploit DB Packet Storm
5445 6.5 警告
Network 		goshs goshs goshsにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-42091 2026-05-14 10:18 2026-05-4 Show GitHub Exploit DB Packet Storm
5446 4.8 警告
Network 		Weblate wlc Weblateのwlcにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42150 2026-05-14 10:18 2026-05-8 Show GitHub Exploit DB Packet Storm
5447 5.9 警告
Network 		Teluu Ltd. PJSIP Teluu Ltd.のPJSIPにおける証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2026-42225 2026-05-14 10:18 2026-05-7 Show GitHub Exploit DB Packet Storm
5448 4.3 警告
Network 		Onyx Onyx Onyxにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-42276 2026-05-14 10:18 2026-05-8 Show GitHub Exploit DB Packet Storm
5449 6.5 警告
Network 		Onyx Onyx Onyxにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-42277 2026-05-14 10:18 2026-05-8 Show GitHub Exploit DB Packet Storm
5450 5.5 警告
Local 		Python Software Foundation Python Pillow Python Software FoundationのPython Pillowにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-42308 2026-05-14 10:18 2026-05-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
355731 - ekg ekg Certain contributed scripts for ekg Gadu Gadu client 1.5 and earlier create temporary files insecurely, with unknown impact and attack vectors, a different vulnerability than CVE-2005-1916. NVD-CWE-Other
CVE-2005-1850 2016-10-18 12:23 2005-07-19 Show GitHub Exploit DB Packet Storm
355732 - ekg ekg A certain contributed script for ekg Gadu Gadu client 1.5 and earlier allows attackers to execute shell commands via unknown attack vectors. NVD-CWE-Other
CVE-2005-1851 2016-10-18 12:23 2005-07-19 Show GitHub Exploit DB Packet Storm
355733 - popper popper PHP remote file inclusion vulnerability in childwindow.inc.php in Popper 1.41-r2 and earlier allows remote attackers to execute arbitrary PHP code via the form parameter. NVD-CWE-Other
CVE-2005-1870 2016-10-18 12:23 2005-06-9 Show GitHub Exploit DB Packet Storm
355734 - drupal drupal Unknown vulnerability in the privilege system in Drupal 4.4.0 through 4.6.0, when public registration is enabled, allows remote attackers to gain privileges, due to an "input check" that "is not impl… NVD-CWE-Other
CVE-2005-1871 2016-10-18 12:23 2005-06-9 Show GitHub Exploit DB Packet Storm
355735 - ibm websphere_application_server Buffer overflow in the administrative console in IBM WebSphere Application Server 5.x, when the global security option is enabled, allows remote attackers to execute arbitrary code. NVD-CWE-Other
CVE-2005-1872 2016-10-18 12:23 2005-06-3 Show GitHub Exploit DB Packet Storm
355736 - exhibit_engine exhibit_engine Multiple SQL injection vulnerabilities in list.php in Exhibit Engine (EE) 1.22 allow remote attackers to execute arbitrary SQL commands via the (1) search_row, (2) sort_row, (3) order or (4) perpage … NVD-CWE-Other
CVE-2005-1875 2016-10-18 12:23 2005-06-2 Show GitHub Exploit DB Packet Storm
355737 - rakkarsoft raknet Rakkarsoft RakNet network library 2.33 and earlier, when released before 30 May 2005, and as used in multiple products including nFusion Elite Warriors: Vietnam, allows remote attackers to cause a de… NVD-CWE-Other
CVE-2005-1899 2016-10-18 12:23 2005-06-9 Show GitHub Exploit DB Packet Storm
355738 - kaspersky_lab kaspersky_anti-virus
kaspersky_anti-virus_personal 		The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allows local users to gain privileges by modifying certain critical code addresses that are later access… NVD-CWE-Other
CVE-2005-1905 2016-10-18 12:23 2005-06-9 Show GitHub Exploit DB Packet Storm
355739 - goodtech_systems goodtech_smtp_server GoodTech SMTP Server 5.14 allows remote attackers to cause a denial of service (application crash) via a RCPT TO command with an invalid argument, as demonstrated using an "A" character. NVD-CWE-Other
CVE-2005-1931 2016-10-18 12:23 2005-07-5 Show GitHub Exploit DB Packet Storm
355740 - - - Multiple SQL injection vulnerabilities in Loki download manager 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) password field to default.asp or (2) cat parameter to catinfo.… NVD-CWE-Other
CVE-2005-1943 2016-10-18 12:23 2005-06-8 Show GitHub Exploit DB Packet Storm