Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191491	9.8	緊急 Network	GNU Project	-	GNU C Library の nscd におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2014-9984	2017-07-5 15:55	2014-03-12	Show	GitHub Exploit DB Packet Storm

191492	5.4	警告 Network	BigTree CMS	-	BigTree の admin.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-9548	2017-07-5 15:55	2017-06-11	Show	GitHub Exploit DB Packet Storm

191493	5.4	警告 Network	BigTree CMS	-	BigTree の admin.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-9547	2017-07-5 15:55	2017-06-11	Show	GitHub Exploit DB Packet Storm

191494	5.7	警告 Network	BigTree CMS	-	BigTree の admin.php におけるサービス運用妨害 (DoS) の脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-9546	2017-07-5 15:55	2017-06-11	Show	GitHub Exploit DB Packet Storm

191495	9.8	緊急 Network	MavEtJu.org	-	dnstracer におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2017-9430	2017-07-5 15:03	2017-06-5	Show	GitHub Exploit DB Packet Storm

191496	3.3	低 Local	Lenovo	-	Lenovo Power Management ドライバにおけるセキュリティ機能に関する脆弱性	CWE-254 セキュリティ機能	CVE-2017-3741	2017-07-5 14:56	2017-06-4	Show	GitHub Exploit DB Packet Storm

191497	5.5	警告 Local	Lenovo	-	Lenovo Active Protection System における認可・権限・アクセス制御に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-3740	2017-07-5 14:55	2017-06-4	Show	GitHub Exploit DB Packet Storm

191498	6.5	警告 Network	Zulip	-	Zulip Server の invite_by_admins_only 設定の実装における別のユーザを Zulip グループに加入するよう招待される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0896	2017-07-5 14:28	2017-05-18	Show	GitHub Exploit DB Packet Storm

191499	4.3	警告 Network	Elasticsearch	-	Elastic X-Pack Security における認可・権限・アクセス制御に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-8441	2017-07-5 11:57	2017-06-1	Show	GitHub Exploit DB Packet Storm

191500	6.1	警告 Network	Elasticsearch	-	Kibana の Discover ページにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-8440	2017-07-5 11:57	2017-06-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1	6.3	MEDIUM Network	-	-	A vulnerability was determined in Wavlink NU516U1 M16U1_V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument ppp_username/ppp_passwd/rwa… New	CWE-77 CWE-78 Command Injection OS Command	CVE-2026-8190	2026-05-10 03:16	2026-05-10	Show	GitHub Exploit DB Packet Storm

2	6.3	MEDIUM Network	-	-	A vulnerability was found in Wavlink NU516U1 M16U1_V240425. Affected by this vulnerability is the function wzdrepeater of the file /cgi-bin/adm.cgi. The manipulation of the argument wlan_bssid/sel_Au… New	CWE-77 CWE-78 Command Injection OS Command	CVE-2026-8189	2026-05-10 02:16	2026-05-10	Show	GitHub Exploit DB Packet Storm

3	6.3	MEDIUM Network	-	-	A vulnerability has been found in Wavlink NU516U1 M16U1_V240425. Affected is the function change_wifi_password of the file /cgi-bin/adm.cgi. The manipulation of the argument wl_channel/wl_Pass/Encryp… New	CWE-77 CWE-78 Command Injection OS Command	CVE-2026-8188	2026-05-10 01:16	2026-05-10	Show	GitHub Exploit DB Packet Storm

4	5.3	MEDIUM Network	-	-	The Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin for WordPress is vulnerable to Authentication Bypass to Information Disclosure in versions up to, and including… New	CWE-200 Information Exposure	CVE-2026-8198	2026-05-9 22:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

5	-		-	-	Allocation of Resources Without Limits or Throttling vulnerability in absinthe-graphql absinthe allows unauthenticated denial of service via atom table exhaustion when parsing attacker-controlled Gra… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-42793	2026-05-9 22:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

6	5.3	MEDIUM Network	-	-	A vulnerability was detected in Open5GS up to 2.7.7. This affects the function ogs_sbi_client_send_via_scp_or_sepp in the library lib/sbi/client.c of the component NF. Performing a manipulation resul… New	CWE-119 CWE-125 Incorrect Access of Indexable Resource ('Range Error') Out-of-bounds Read	CVE-2026-8186	2026-05-9 21:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

7	5.3	MEDIUM Network	-	-	A flaw has been found in Open5GS up to 2.7.7. This impacts the function _gtpv1_u_recv_cb of the file src/upf/gtp-path.c of the component UPF. Executing a manipulation can lead to resource consumption… New	CWE-400 CWE-404 Uncontrolled Resource Consumption Improper Resource Shutdown or Release	CVE-2026-8187	2026-05-9 20:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

8	6.3	MEDIUM Adjacent	-	-	A security vulnerability has been detected in UGREEN CM933 1.1.59.4319. The impacted element is an unknown function of the component Administrative Interface. Such manipulation leads to missing authe… New	CWE-287 CWE-306 Improper Authentication Missing Authentication for Critical Function	CVE-2026-8185	2026-05-9 20:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

9	7.2	HIGH Network	-	-	Some Hikvision switch products (discontinued since December 2023) are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can e… New	-	CVE-2026-3828	2026-05-9 18:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

10	5.3	MEDIUM Adjacent	-	-	Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit this by eavesdropping on network requests to… New	-	CVE-2026-32683	2026-05-9 18:16	2026-05-9	Show	GitHub Exploit DB Packet Storm