Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
751	5.5	警告 Local	IBM	watsonx.data	IBMのwatsonx.dataにおける認証情報の平文保存に関する脆弱性	CWE-256 平文でパスワードを保存	CVE-2025-36335	2026-05-14 10:23	2026-04-30	Show	GitHub Exploit DB Packet Storm

752	7.5	重要 Network	アップル	iOS iPadOS	アップルのiPadOS等の複数製品におけるユーザインターフェースにおける重要情報の誤った表示に関する脆弱性	CWE-451 ユーザインターフェースにおける重要情報の誤った表示	CVE-2025-46311	2026-05-14 10:23	2026-05-12	Show	GitHub Exploit DB Packet Storm

753	4.7	警告 Network	ISPConfig	ISPConfig	ISPConfigにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-52206	2026-05-14 10:23	2026-05-5	Show	GitHub Exploit DB Packet Storm

754	7.3	重要 Network	AstrBot	AstrBot	AstrBotにおけるハードコードされた暗号鍵の使用に関する脆弱性	CWE-321 ハードコードされた暗号鍵の使用	CVE-2025-55449	2026-05-14 10:23	2026-05-8	Show	GitHub Exploit DB Packet Storm

755	7.2	重要 Network	Check MK	Check MK	Check MKにおける認証情報の不十分な保護に関する脆弱性	CWE-522 認証情報の不十分な保護	CVE-2025-64998	2026-05-14 10:22	2026-03-24	Show	GitHub Exploit DB Packet Storm

756	6.5	警告 Network	Apache Software Foundation	CloudStack	Apache Software FoundationのCloudStackにおける認可されていない行為者への個人情報の漏えいに関する脆弱性	CWE-359 認可されていないアクターへの個人情報の漏えい	CVE-2025-66171	2026-05-14 10:22	2026-05-8	Show	GitHub Exploit DB Packet Storm

757	8.1	重要 Network	Apache Software Foundation	CloudStack	Apache Software FoundationのCloudStackにおける認可されていない行為者への個人情報の漏えいに関する脆弱性	CWE-359 認可されていないアクターへの個人情報の漏えい	CVE-2025-66172	2026-05-14 10:22	2026-05-8	Show	GitHub Exploit DB Packet Storm

758	7.2	重要 Network	Dolibarr ERP & CRM	dolibarr erp/crm	Dolibarr ERP & CRMのdolibarr erp/crmにおけるインジェクションに関する脆弱性	CWE-74 インジェクション	CVE-2025-67486	2026-05-14 10:22	2026-05-8	Show	GitHub Exploit DB Packet Storm

759	9.1	緊急 Network	Electric Sheep Fencing	pfSense	Electric Sheep FencingのpfSenseにおける複数の脆弱性	CWE-502 CWE-915	CVE-2025-69690	2026-05-14 10:22	2026-05-8	Show	GitHub Exploit DB Packet Storm

760	9.9	緊急 Network	Electric Sheep Fencing	pfSense	Electric Sheep FencingのpfSenseにおける複数の脆弱性	CWE-284 CWE-915	CVE-2025-69691	2026-05-14 10:22	2026-05-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
346421	-	flatnuke	flatnuke	Cross-site scripting (XSS) vulnerability in forum/index.php in FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the nome parameter in a login operation, a variant of …	NVD-CWE-Other	CVE-2005-3361	2016-10-18 12:34	2005-10-28	Show	GitHub Exploit DB Packet Storm

346422	-	platinum	dboardgear	Multiple SQL injection vulnerabilities in DboardGear allow remote attackers to execute arbitrary SQL commands via (1) the buddy parameter in buddy.php, (2) the u2uid parameter in u2u.php, and (3) an …	NVD-CWE-Other	CVE-2005-3364	2016-10-18 12:34	2005-10-30	Show	GitHub Exploit DB Packet Storm

346423	-	sparkleblog	sparkleblog	Cross-site scripting (XSS) vulnerability in journal.php in SparkleBlog 2.1 allows remote attackers to inject arbitrary web script or HTML via the name field.	NVD-CWE-Other	CVE-2005-3367	2016-10-18 12:34	2005-10-30	Show	GitHub Exploit DB Packet Storm

346424	-	arcavir	arcavir_2005	Multiple interpretation error in ArcaVir 2005 package 2005-06-21 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is norma…	NVD-CWE-Other	CVE-2005-3370	2016-10-18 12:34	2005-10-30	Show	GitHub Exploit DB Packet Storm

346425	-	grisoft	avg_antivirus	Multiple interpretation error in AVG 7 7.0.323 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated wit…	NVD-CWE-Other	CVE-2005-3371	2016-10-18 12:34	2005-10-30	Show	GitHub Exploit DB Packet Storm

346426	-	dr.web	dr.web_antivirus	Multiple interpretation error in Dr.Web 4.32b allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with…	NVD-CWE-Other	CVE-2005-3373	2016-10-18 12:34	2005-10-30	Show	GitHub Exploit DB Packet Storm

346427	-	frisk_software	f-prot_antivirus	Multiple interpretation error in F-Prot 3.16c allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with…	NVD-CWE-Other	CVE-2005-3374	2016-10-18 12:34	2005-10-30	Show	GitHub Exploit DB Packet Storm

346428	-	ikarus	ikarus_antivirus	Multiple interpretation error in Ikarus demo version allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associat…	NVD-CWE-Other	CVE-2005-3375	2016-10-18 12:34	2005-10-30	Show	GitHub Exploit DB Packet Storm

346429	-	kaspersky_lab	kaspersky_anti-virus	Multiple interpretation error in Kaspersky 5.0.372 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated…	NVD-CWE-Other	CVE-2005-3376	2016-10-18 12:34	2005-10-30	Show	GitHub Exploit DB Packet Storm

346430	-	mcafee	internet_security_suite	Multiple interpretation error in (1) McAfee Internet Security Suite 7.1.5 version 9.1.08 with the 4.4.00 engine and (2) McAfee Corporate 8.0.0 patch 10 with the 4400 engine allows remote attackers to…	NVD-CWE-Other	CVE-2005-3377	2016-10-18 12:34	2005-10-30	Show	GitHub Exploit DB Packet Storm