Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 12:10 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
71 6.8 警告
Physics 		ZTE ZX297520V3 ファームウェア ZTEのZX297520V3 ファームウェアにおける境界外書き込みに関する脆弱性 New CWE-787
境界外書き込み 		CVE-2026-40003 2026-05-15 11:01 2026-05-7 Show GitHub Exploit DB Packet Storm
72 7.8 重要
Local 		ZTE ZXCLOUD iRAI ZTEのZXCLOUD iRAIにおける制御されていない検索パスの要素に関する脆弱性 New CWE-427
制御されていない検索パスの要素 		CVE-2026-40004 2026-05-15 11:01 2026-05-7 Show GitHub Exploit DB Packet Storm
73 6.5 警告
Network 		Zulip Zulip Server ZulipのZulip Serverにおけるアクセス制御に関する脆弱性 New CWE-284
CWE-noinfo
CVE-2026-40300 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
74 6.5 警告
Network 		NocoBase NocoBase NocoBaseにおけるサーバサイドのリクエストフォージェリの脆弱性 New CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-40346 2026-05-15 11:01 2026-04-18 Show GitHub Exploit DB Packet Storm
75 8.8 重要
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のリモートでコードが実行される脆弱性 New CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-40357 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
76 8.8 重要
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のリモートでコードが実行される脆弱性 New CWE-1220
アクセス制御の不十分な粒度 		CVE-2026-40365 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
77 8 重要
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のリモートでコードが実行される脆弱性 New CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-40368 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
78 5.5 警告
Local 		jqlang jq jqlangのjqにおける再帰制御に関する脆弱性 New CWE-674
不適切な再帰制御 		CVE-2026-40612 2026-05-15 11:01 2026-05-11 Show GitHub Exploit DB Packet Storm
79 7.5 重要
Network 		PHPOffice PhpSpreadsheet PHPOfficeのPhpSpreadsheetにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 New CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40863 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
80 5.5 警告
Local 		jqlang jq jqlangのjqにおけるNULL バイトまたは NULL キャラクタの無害化に関する脆弱性 New CWE-158
NULL バイトまたは NULL キャラクタの不適切な無害化 		CVE-2026-41256 2026-05-15 11:01 2026-05-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
351981 - voxel cbms Multiple cross-site scripting vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allows remote attackers to execute arbitrary script as other CBMS users. NVD-CWE-Other
CVE-2002-0960 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
351982 - voxel cbms Vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allow remote attackers to conduct unauthorized operations as other users, e.g. by deleting clients via dltclnt.php, possibly in a SQL injection a… NVD-CWE-Other
CVE-2002-0961 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
351983 - geeklog geeklog Cross-site scripting vulnerabilities in GeekLog 1.3.5 and earlier allow remote attackers to execute arbitrary script via (1) the url variable in the Link field of a calendar event, (2) the topic para… NVD-CWE-Other
CVE-2002-0962 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
351984 - geeklog geeklog SQL injection vulnerability in comment.php for GeekLog 1.3.5 and earlier allows remote attackers to obtain sensitive user information via the pid parameter. NVD-CWE-Other
CVE-2002-0963 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
351985 - valve_software half-life
half-life_dedicated_server 		Half-Life Server 1.1.1.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via multiple responses to the initial challenge with different cd_key values, which rea… NVD-CWE-Other
CVE-2002-0964 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
351986 - oracle oracle9i Buffer overflow in TNS Listener for Oracle 9i Database Server on Windows systems, and Oracle 8 on VM, allows local users to execute arbitrary code via a long SERVICE_NAME parameter, which is not prop… NVD-CWE-Other
CVE-2002-0965 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
351987 - aci 4d_webserver Buffer overflow in 4D web server 6.7.3 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP request. NVD-CWE-Other
CVE-2002-0966 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
351988 - edonkey2000 edonkey_2000_client Buffer overflow in eDonkey 2000 35.16.60 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long "ed2k:" URL. NVD-CWE-Other
CVE-2002-0967 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
351989 - hp cifs-9000_server Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S… NVD-CWE-Other
CVE-2002-0991 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
351990 - hp hp-ux Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced or (2) rpcd on HP-UX 11.11 allows attackers to cause a denial of service (crash) via an attack that modifies internal data. NVD-CWE-Other
CVE-2002-0992 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm