Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
190261	5.9	警告 Network	Apache Software Foundation	-	Apache Struts2 におけるサーバのプロセスをオーバーロードされる脆弱性	CWE-20 不適切な入力確認	CVE-2016-8738	2017-10-2 12:05	2016-12-5	Show	GitHub Exploit DB Packet Storm

190262	9.8	緊急 Network	Apache Software Foundation	-	Apache Struts2 の Convention プラグインにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2016-6795	2017-10-2 12:05	2016-10-18	Show	GitHub Exploit DB Packet Storm

190263	7.8	重要 Local	DELL EMC (旧 EMC Corporation)	-	ElanTech Touchpad 用ドライバにおける引用されない検索パスまたは要素に関する脆弱性	CWE-428 引用されない検索パスまたは要素	CVE-2017-3757	2017-10-2 11:18	2017-08-24	Show	GitHub Exploit DB Packet Storm

190264	7.8	重要 Local	マイクロソフト	-	複数の Microsoft Excel 製品におけるリモートでコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2017-8744	2017-10-2 11:11	2017-09-12	Show	GitHub Exploit DB Packet Storm

190265	7.8	重要 Local	マイクロソフト	-	複数の Microsoft 製品におけるリモートでコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2017-8742	2017-10-2 11:11	2017-09-12	Show	GitHub Exploit DB Packet Storm

190266	7.8	重要 Local	Lenovo	-	ThinkPad USB 3.0 イーサネットアダプタードライバにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3746	2017-10-2 11:10	2017-08-24	Show	GitHub Exploit DB Packet Storm

190267	7.5	重要 Network	Pki-core Project	-	pki-core における入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2015-0234	2017-10-2 11:10	2015-05-8	Show	GitHub Exploit DB Packet Storm

190268	7.8	重要 Local	Hangzhou Hikvision Digital Technology	-	Hikvision iVMS-4200 における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2017-13774	2017-10-2 10:07	2017-08-28	Show	GitHub Exploit DB Packet Storm

190269	8.8	重要 Network	パルスセキュア	-	Pulse Connect Secure および Pulse Policy Secure におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2017-11455	2017-10-2 10:07	2017-08-29	Show	GitHub Exploit DB Packet Storm

190270	6.1	警告 Network	Apache Software Foundation	-	Apache OFBiz におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-6800	2017-10-2 10:07	2016-11-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
71	5.3	MEDIUM Local	-	-	A maliciously crafted PAR file, when parsed through Autodesk 3ds Max, can force a NULL Pointer Dereference vulnerability. Successful exploitation may cause the application to crash, leading to a deni… New	CWE-476 NULL Pointer Dereference	CVE-2026-7450	2026-05-27 03:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

72	9.8	CRITICAL Network	-	-	Eppendorf BioFlo 320 is vulnerable to due to VNC server using a hard-coded password. If a remote attacker knows the network address of any BioFlo 320 model with remote access enabled, they can gain f… New	CWE-259 Use of Hard-coded Password	CVE-2026-7251	2026-05-27 03:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

73	6.5	MEDIUM Adjacent	-	-	A bitwise shift vulnerability in Zephyr's PTP subsystem allows a remote attacker to cause undefined behavior and potential system crashes. An attacker sends a crafted PTP_MSG_MANAGEMENT message to se… Update	CWE-1335 Incorrect Bitwise Shift of Integer	CVE-2026-5072	2026-05-27 03:16	2026-05-22	Show	GitHub Exploit DB Packet Storm

74	7.8	HIGH Local	-	-	A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within `.solv` files due to insufficient input validation. An attacker ca… New	CWE-787 Out-of-bounds Write	CVE-2026-48864	2026-05-27 03:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

75	-		-	-	FastNetMon Community Edition through 1.2.9 has a buffer overflow, a different vulnerability than CVE-2026-48686 and CVE-2026-48689. New	-	CVE-2026-48696	2026-05-27 03:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

76	-		-	-	FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the MikroTik router integration plugin. The _log() function in src/mikrotik_plugin/fastnetmon_mikrotik.php… New	-	CVE-2026-48695	2026-05-27 03:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

77	-		-	-	FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the Juniper router integration plugin. In src/juniper_plugin/fastnetmon_juniper.php, the $IP_ATTACK vari… New	-	CVE-2026-48694	2026-05-27 03:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

78	8.2	HIGH Network	-	-	Algernon is a small self-contained pure-Go web server. Prior to 1.17.8, when algernon is started with --domain (or --letsencrypt, which silently turns on --domain at engine/flags.go:372), the request… New	CWE-22 CWE-23 CWE-644 Path Traversal Relative Path Traversal Improper Neutralization of HTTP Headers for Scripting Syntax	CVE-2026-48126	2026-05-27 03:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

79	-		-	-	Kavita is a cross platform reading server. Prior to 0.9.0.2, an Improper Token validation flaw permits a remote and unauthenticated threat actor to request a JWT for any user including admins given k… New	CWE-287 CWE-345 CWE-697 Improper Authentication Insufficient Verification of Data Authenticity Incorrect Comparison	CVE-2026-47202	2026-05-27 03:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

80	9.9	CRITICAL Network	-	-	Twenty is an open source CRM. From 1.7.7 through 1.16.7, a critical Remote Code Execution (RCE) vulnerability exists in Twenty CRM via a chained SQL Injection and PostgreSQL COPY TO PROGRAM attack. I… New	CWE-78 CWE-89 OS Command SQL Injection	CVE-2026-46624	2026-05-27 03:16	2026-05-27	Show	GitHub Exploit DB Packet Storm