Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
81 8 重要
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のリモートでコードが実行される脆弱性 New CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-40368 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
82 5.5 警告
Local 		jqlang jq jqlangのjqにおける再帰制御に関する脆弱性 New CWE-674
不適切な再帰制御 		CVE-2026-40612 2026-05-15 11:01 2026-05-11 Show GitHub Exploit DB Packet Storm
83 7.5 重要
Network 		PHPOffice PhpSpreadsheet PHPOfficeのPhpSpreadsheetにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 New CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40863 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
84 5.5 警告
Local 		jqlang jq jqlangのjqにおけるNULL バイトまたは NULL キャラクタの無害化に関する脆弱性 New CWE-158
NULL バイトまたは NULL キャラクタの不適切な無害化 		CVE-2026-41256 2026-05-15 11:01 2026-05-11 Show GitHub Exploit DB Packet Storm
85 5.5 警告
Local 		jqlang jq jqlangのjqにおける複数の脆弱性 New CWE-190
CWE-787
CVE-2026-41257 2026-05-15 11:01 2026-05-11 Show GitHub Exploit DB Packet Storm
86 5.4 警告
Network 		Langfuse GmbH Langfuse Langfuse GmbHのLangfuseにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-41487 2026-05-15 11:00 2026-05-8 Show GitHub Exploit DB Packet Storm
87 9.8 緊急
Network 		Nhost Nhost/auth NhostのNhost/authにおける認証に関する脆弱性 New CWE-287
CWE-noinfo
CVE-2026-41574 2026-05-15 11:00 2026-05-8 Show GitHub Exploit DB Packet Storm
88 7.5 重要
Network 		Web Technologies Change Detection Web TechnologiesのChange DetectionにおけるXML 外部エンティティの脆弱性 New CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2026-41895 2026-05-15 11:00 2026-05-12 Show GitHub Exploit DB Packet Storm
89 9.8 緊急
Network 		レッドハット
GNU Project		 Red Hat OpenShift Container Platform
Red Hat Hardened Images
GnuTLS
Red Hat Enterprise Linux 		GNU Project等の複数ベンダの製品におけるNull バイト相互作用エラー (Poison Null Byte) の脆弱性 New CWE-626
Null バイト相互作用エラー (Poison Null Byte) 		CVE-2026-42010 2026-05-15 11:00 2026-05-7 Show GitHub Exploit DB Packet Storm
90 9.6 緊急
Network 		langflow langflow langflowにおけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2026-42048 2026-05-15 11:00 2026-05-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
346601 - nullsoft winamp The IN_MIDI.DLL plugin 3.01 and earlier, as used in Winamp 2.91, allows remote attackers to execute arbitrary code via a MIDI file with a large "Track data size" value. NVD-CWE-Other
CVE-2003-0765 2016-10-18 11:37 2003-09-17 Show GitHub Exploit DB Packet Storm
346602 - gamespy roger_wilco_dedicated_server
roger_wilco_graphical_server 		Buffer overflow in RogerWilco graphical server 1.4.1.6 and earlier, dedicated server 0.32a and earlier for Windows, and 0.27 and earlier for Linux and BSD, allows remote attackers to cause a denial o… NVD-CWE-Other
CVE-2003-0767 2016-10-18 11:37 2003-09-17 Show GitHub Exploit DB Packet Storm
346603 - microsoft asp.net Microsoft ASP.Net 1.1 allows remote attackers to bypass the Cross-Site Scripting (XSS) and Script Injection protection feature via a null character in the beginning of a tag name. NVD-CWE-Other
CVE-2003-0768 2016-10-18 11:37 2003-09-22 Show GitHub Exploit DB Packet Storm
346604 - ikonboard.com ikonboard FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not properly cleanse the "lang" cookie when it contains illegal characters, which allows remote attackers to execute arbitrary code when… NVD-CWE-Other
CVE-2003-0770 2016-10-18 11:37 2003-09-22 Show GitHub Exploit DB Packet Storm
346605 - apache_gallery apache_gallery Gallery.pm in Apache::Gallery (aka A::G) uses predictable temporary filenames when running Inline::C, which allows local users to execute arbitrary code by creating and modifying the files before Apa… NVD-CWE-Other
CVE-2003-0771 2016-10-18 11:37 2003-09-22 Show GitHub Exploit DB Packet Storm
346606 - gnu
quagga
sgi 		zebra
quagga
propack 		The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial… CWE-20
 Improper Input Validation  		CVE-2003-0795 2016-10-18 11:37 2003-12-15 Show GitHub Exploit DB Packet Storm
346607 - university_of_minnesota gopherd Multiple buffer overflows in UMN gopher daemon (gopherd) 2.x and 3.x before 3.0.6 allows attackers to execute arbitrary code via (1) a long filename as a result of a LIST command, and (2) the GSisTex… NVD-CWE-Other
CVE-2003-0805 2016-10-18 11:37 2003-10-6 Show GitHub Exploit DB Packet Storm
346608 - gnu lsh lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attacke… NVD-CWE-Other
CVE-2003-0826 2016-10-18 11:37 2003-10-6 Show GitHub Exploit DB Packet Storm
346609 - ibm db2_universal_database The DB2 Discovery Service for IBM DB2 before FixPak 10a allows remote attackers to cause a denial of service (crash) via a long packet to UDP port 523. NVD-CWE-Other
CVE-2003-0827 2016-10-18 11:37 2003-10-6 Show GitHub Exploit DB Packet Storm
346610 - mplayer mplayer Multiple buffer overflows in asf_http_request of MPlayer before 0.92 allows remote attackers to execute arbitrary code via an ASX header with a long hostname. NVD-CWE-Other
CVE-2003-0835 2016-10-18 11:37 2003-11-17 Show GitHub Exploit DB Packet Storm