Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191251 9.8 緊急
Network 		Schneider Electric - Schneider Electric Modicon Modbus Protocol における認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2017-6034 2017-07-25 14:14 2017-04-11 Show GitHub Exploit DB Packet Storm
191252 5.3 警告
Network 		Schneider Electric - Schneider Electric Modicon Modbus Protocol におけるセキュリティチェックに関する脆弱性 CWE-358
不適切に実装されたセキュリティチェック 		CVE-2017-6032 2017-07-25 14:14 2017-04-11 Show GitHub Exploit DB Packet Storm
191253 5.4 警告
Network 		Biscom - Biscom Secure File Transfer におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-5241 2017-07-25 14:14 2017-06-30 Show GitHub Exploit DB Packet Storm
191254 7.8 危険 日本電気
IBM
Apache Software Foundation
アップル
サイバートラスト株式会社
富士通
リコー
ヒューレット・パッカード
オラクル
日立
レッドハット		 - Apache HTTPD サーバにサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-3192 2017-07-25 13:51 2011-08-29 Show GitHub Exploit DB Packet Storm
191255 9.8 緊急
Network 		日本電気
Apache Software Foundation		 - Apache httpd における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2017-3169 2017-07-25 13:50 2017-06-20 Show GitHub Exploit DB Packet Storm
191256 5.9 警告
Network 		日本電気
OpenSSL Project		 - OpenSSL の DTLS の実装の statem/statem_dtls.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2016-6308 2017-07-25 13:48 2016-09-22 Show GitHub Exploit DB Packet Storm
191257 5.9 警告
Network 		日本電気
OpenSSL Project		 - OpenSSL のステートマシンの実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-6307 2017-07-25 13:48 2016-09-22 Show GitHub Exploit DB Packet Storm
191258 5.9 警告
Network 		Node.js Foundation
日本電気
OpenSSL Project
SUSE
日立		 - OpenSSL の証明書のパーサにおけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-6306 2017-07-25 13:48 2016-09-22 Show GitHub Exploit DB Packet Storm
191259 7.5 重要
Network 		日本電気
OpenSSL Project		 - OpenSSL の DTLS の実装のアンチリプレイ機能におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2016-2181 2017-07-25 13:48 2016-08-19 Show GitHub Exploit DB Packet Storm
191260 7.8 重要
Local 		Linux
日本電気
Debian
Canonical
レッドハット		 - Linux カーネルのメモリサブシステムに実装されている copy-on-write 機構に競合状態が発生する脆弱性 CWE-362
競合状態 		CVE-2016-5195 2017-07-25 13:45 2016-10-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
51 5.3 MEDIUM
Network 		- - pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, pyload-ng WebUI returns full Python traceback details to clients on unhandled exceptions. Because /web/<p… New CWE-209
Information Exposure Through an Error Message 		CVE-2026-44226 2026-05-12 03:16 2026-05-12 Show GitHub Exploit DB Packet Storm
52 - - - Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, multiple tool implementations directly import and invoke raw HTTP clients (node-fetch, axios) … New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-43995 2026-05-12 03:16 2026-05-12 Show GitHub Exploit DB Packet Storm
53 6.2 MEDIUM
Local 		- - jq is a command-line JSON processor. In 1.8.1 and earlier, unbounded recursion in jv_object_merge_recursive() allows a crafted jq program to crash the process with a segfault. The function is reachab… New CWE-674
 Uncontrolled Recursion 		CVE-2026-43896 2026-05-12 03:16 2026-05-12 Show GitHub Exploit DB Packet Storm
54 4.4 MEDIUM
Local 		- - jq is a command-line JSON processor. In 1.8.1 and earlier, jq accepts embedded NUL bytes in import paths at the jq-language level, but later resolves those paths through C string operations during mo… New CWE-20
CWE-158
 Improper Input Validation 
 Improper Neutralization of Null Byte or NUL Character 		CVE-2026-43895 2026-05-12 03:16 2026-05-12 Show GitHub Exploit DB Packet Storm
55 6.2 MEDIUM
Local 		- - jq is a command-line JSON processor. In 1.8.1 and earlier, when decNumberFromString is given a number literal of INT_MAX-1 (2147483646) digits, the D2U() macro overflows during signed-int arithmetic.… New CWE-190
 Integer Overflow or Wraparound 		CVE-2026-43894 2026-05-12 03:16 2026-05-12 Show GitHub Exploit DB Packet Storm
56 8.1 HIGH
Network 		- - Bitwarden Server prior to v2026.4.1 does not require master-password re-authentication when retrieving or rotating an organization's SCIM API key, allowing an authenticated user with SCIM management … New CWE-303
 Incorrect Implementation of Authentication Algorithm 		CVE-2026-43640 2026-05-12 03:16 2026-05-12 Show GitHub Exploit DB Packet Storm
57 8.0 HIGH
Network 		- - Bitwarden Server prior to v2026.4.0 contains a missing authorization vulnerability that allows a provider service user to add an arbitrary organization to their provider via `POST /providers/{provide… New CWE-862
 Missing Authorization 		CVE-2026-43639 2026-05-12 03:16 2026-05-12 Show GitHub Exploit DB Packet Storm
58 5.4 MEDIUM
Network 		- - Bitwarden Server prior to v2026.4.1 contains a missing authorization vulnerability that allows any authenticated user to write ciphers into an arbitrary organization via `POST /ciphers/import-organiz… New CWE-862
 Missing Authorization 		CVE-2026-43638 2026-05-12 03:16 2026-05-12 Show GitHub Exploit DB Packet Storm
59 - - - Inbox Zero is an AI personal assistant for email. Prior to 2.29.3, the cleaner email stream endpoint used a shared Redis subscription listener, which could deliver thread events for one authenticated… New CWE-200
Information Exposure 		CVE-2026-42865 2026-05-12 03:16 2026-05-12 Show GitHub Exploit DB Packet Storm
60 8.5 HIGH
Network 		- - The Open edx Enterprise Service app provides enterprise features to the Open edX platform. From 7.0.2 to 7.0.4, the sync_provider_data endpoint in SAMLProviderDataViewSet fetches SAML metadata from a… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-42860 2026-05-12 03:16 2026-05-12 Show GitHub Exploit DB Packet Storm