Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191421	5.5	警告 Local	Google	-	Android のメディアフレームワークにおける認可・権限・アクセス制御に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0738	2017-09-5 17:02	2017-08-7	Show	GitHub Exploit DB Packet Storm

191422	7.8	重要 Local	Google	-	Android のメディアフレームワークにおける認可・権限・アクセス制御に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0737	2017-09-5 17:02	2017-08-7	Show	GitHub Exploit DB Packet Storm

191423	5.5	警告 Local	Google	-	Android のメディアフレームワークにおける認可・権限・アクセス制御に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0736	2017-09-5 17:02	2017-08-7	Show	GitHub Exploit DB Packet Storm

191424	5.5	警告 Local	Google	-	Android のメディアフレームワークにおける認可・権限・アクセス制御に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0735	2017-09-5 17:02	2017-08-7	Show	GitHub Exploit DB Packet Storm

191425	5.5	警告 Local	Google	-	Android のメディアフレームワークにおける認可・権限・アクセス制御に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0734	2017-09-5 17:02	2017-08-7	Show	GitHub Exploit DB Packet Storm

191426	6.5	警告 Network	SLiMS	-	SLiMS 8 Akasia におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2017-12586	2017-09-5 16:46	2017-05-26	Show	GitHub Exploit DB Packet Storm

191427	8.1	重要 Network	Electron	-	Electron における OS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2017-12581	2017-09-5 16:44	2017-05-15	Show	GitHub Exploit DB Packet Storm

191428	8.8	重要 Network	シスコシステムズ (Linksys)	-	Linksys EA4500 デバイスのファームウェアにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2017-10677	2017-09-5 16:41	2017-08-4	Show	GitHub Exploit DB Packet Storm

191429	9.8	緊急 Network	Adiscon	-	rsyslog における書式文字列に関する脆弱性	CWE-134 書式文字列の問題	CVE-2017-12588	2017-09-5 16:37	2017-06-27	Show	GitHub Exploit DB Packet Storm

191430	7.8	重要 Local	Sandboxie Holdings, LLC.	-	Sandboxie インストーラにおける信頼性のない検索パスに関する脆弱性	CWE-426 信頼性のない検索パス	CVE-2017-12480	2017-09-5 16:37	2017-08-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1941	7.5	HIGH Network	mozilla	firefox thunderbird	Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2026-8946	2026-05-20 03:50	2026-05-19	Show	GitHub Exploit DB Packet Storm

1942	7.3	HIGH Network	mozilla	firefox thunderbird	Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.	CWE-416 Use After Free	CVE-2026-8947	2026-05-20 03:47	2026-05-19	Show	GitHub Exploit DB Packet Storm

1943	9.6	CRITICAL Network	mozilla	firefox thunderbird	Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140…	CWE-416 Use After Free	CVE-2026-8953	2026-05-20 03:45	2026-05-19	Show	GitHub Exploit DB Packet Storm

1944	7.5	HIGH Network	mozilla	firefox thunderbird	Incorrect boundary conditions, integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2026-8954	2026-05-20 03:42	2026-05-19	Show	GitHub Exploit DB Packet Storm

1945	4.3	MEDIUM Network	microsoft	365_apps office office_long_term_servicing_channel word	External control of file name or path in Microsoft Office Word allows an unauthorized attacker to disclose information over a network.	CWE-73 External Control of File Name or Path	CVE-2026-40421	2026-05-20 03:38	2026-05-13	Show	GitHub Exploit DB Packet Storm

1946	7.8	HIGH Local	microsoft	office office_long_term_servicing_channel	Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.	CWE-122 Heap-based Buffer Overflow	CVE-2026-42831	2026-05-20 03:38	2026-05-13	Show	GitHub Exploit DB Packet Storm

1947	5.5	MEDIUM Local	microsoft	excel office office_long_term_servicing_channel word	Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally.	CWE-284 NVD-CWE-noinfo Improper Access Control	CVE-2026-42832	2026-05-20 03:38	2026-05-13	Show	GitHub Exploit DB Packet Storm

1948	7.5	HIGH Network	h2o	h2o	A vulnerability was identified in h2oai h2o-3 up to 7402. Affected by this issue is the function importFiles of the file h2o-core/src/main/java/water/persist/PersistNFS.java of the component ImportFi…	CWE-200 CWE-284 NVD-CWE-noinfo Information Exposure Improper Access Control	CVE-2026-8750	2026-05-20 03:22	2026-05-17	Show	GitHub Exploit DB Packet Storm

1949	6.5	MEDIUM Network	-	-	Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the GET /api/libraries/:id/download endpoint validates that the requesting user has access to the library specified in t…	CWE-863 Incorrect Authorization	CVE-2026-42883	2026-05-20 03:19	2026-05-12	Show	GitHub Exploit DB Packet Storm

1950	6.2	MEDIUM Network	-	-	LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, when LobeChat processes custom tags in the Render process of src/featur…	CWE-79 Cross-site Scripting	CVE-2026-42045	2026-05-20 03:19	2026-05-13	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed