Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
791 7.2 重要
Network 		フォーティネット FortiMail フォーティネットのFortiMailにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2025-53681 2026-05-18 12:08 2026-05-12 Show GitHub Exploit DB Packet Storm
792 8.8 重要
Network 		フォーティネット FortiOS フォーティネットのFortiOSにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2025-53844 2026-05-18 12:08 2026-05-12 Show GitHub Exploit DB Packet Storm
793 6.7 警告
Local 		フォーティネット FortiAP
FortiAP-W2 		フォーティネットのFortiAP-W2等の複数製品におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2025-53870 2026-05-18 12:08 2026-05-12 Show GitHub Exploit DB Packet Storm
794 5.3 警告
Network 		strapi strapi strapiにおける過度な認証試行の不適切な制限に関する脆弱性 CWE-307
過度な認証試行の不適切な制限 		CVE-2025-64526 2026-05-18 12:08 2026-05-14 Show GitHub Exploit DB Packet Storm
795 5.3 警告
Network 		フォーティネット FortiManager
FortiAnalyzer 		フォーティネットのFortiAnalyzer等の複数製品における潜在的に危険な関数の使用に関する脆弱性 CWE-676
潜在的に危険な関数の使用 		CVE-2025-67604 2026-05-18 12:08 2026-05-12 Show GitHub Exploit DB Packet Storm
796 7.5 重要
Network 		GitLab.org GitLab GitLab.orgのGitLabにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-1184 2026-05-18 12:08 2026-05-14 Show GitHub Exploit DB Packet Storm
797 8.1 重要
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるビジネスロジックエラーに関する脆弱性 CWE-840
ビジネスロジックエラー 		CVE-2026-1322 2026-05-18 12:08 2026-05-14 Show GitHub Exploit DB Packet Storm
798 4.3 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-1338 2026-05-18 12:08 2026-05-14 Show GitHub Exploit DB Packet Storm
799 7.5 重要
Network 		GitLab.org GitLab GitLab.orgのGitLabにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-1659 2026-05-18 12:08 2026-05-14 Show GitHub Exploit DB Packet Storm
800 10 緊急
Network 		シスコシステムズ Cisco SD-WAN vSmart Controller シスコシステムズのCisco Catalyst SD-WAN Manager等の複数製品における認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2026-20182 2026-05-18 12:08 2026-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
346081 - joerg_schilling star_tape_archiver Star before 1.5_alpha46 does not drop the effective user ID (euid) before calling external programs, which could allow local users to gain privileges by modifying the RSH environment variable to refe… NVD-CWE-Other
CVE-2004-0850 2017-07-11 10:30 2004-12-23 Show GitHub Exploit DB Packet Storm
346082 - ulrich_callmeier net-acct The (1) write_list and (2) dump_curr_list functions in Net-Acct before 0.71 allows local users to overwrite arbitrary files via a symlink attack on temporary files. NVD-CWE-Other
CVE-2004-0851 2017-07-11 10:30 2004-09-8 Show GitHub Exploit DB Packet Storm
346083 - htget htget Buffer overflow in htget 0.93 allows remote attackers to execute arbitrary code via a crafted URL. NVD-CWE-Other
CVE-2004-0852 2017-07-11 10:30 2004-12-20 Show GitHub Exploit DB Packet Storm
346084 - microsoft ie Internet Explorer does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers … NVD-CWE-Other
CVE-2004-0869 2017-07-11 10:30 2004-09-16 Show GitHub Exploit DB Packet Storm
346085 - kde konqueror KDE Konqueror does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to s… NVD-CWE-Other
CVE-2004-0870 2017-07-11 10:30 2004-09-16 Show GitHub Exploit DB Packet Storm
346086 - mozilla mozilla Mozilla does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal c… NVD-CWE-Other
CVE-2004-0871 2017-07-11 10:30 2004-09-16 Show GitHub Exploit DB Packet Storm
346087 - apple ichat
ichat_av 		Apple iChat AV 2.1, AV 2.0, and 1.0.1 allows remote attackers to execute arbitrary programs via a "link" that references the program. NVD-CWE-Other
CVE-2004-0873 2017-07-11 10:30 2004-12-23 Show GitHub Exploit DB Packet Storm
346088 - phpgroupware phpgroupware Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware (aka webdistro) 0.9.16.002 and earlier allow remote attackers to insert arbitrary HTML or web script, as demonstrated with a reques… NVD-CWE-Other
CVE-2004-0875 2017-07-11 10:30 2004-12-23 Show GitHub Exploit DB Packet Storm
346089 - getmail
gentoo
slackware 		getmail
linux
slackware_linux 		getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file. NVD-CWE-Other
CVE-2004-0880 2017-07-11 10:30 2005-01-27 Show GitHub Exploit DB Packet Storm
346090 - getmail
gentoo
slackware 		getmail
linux
slackware_linux 		getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir. NVD-CWE-Other
CVE-2004-0881 2017-07-11 10:30 2005-01-27 Show GitHub Exploit DB Packet Storm