Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191491 9.8 緊急
Network 		GNU Project - GNU C Library の nscd におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2014-9984 2017-07-5 15:55 2014-03-12 Show GitHub Exploit DB Packet Storm
191492 5.4 警告
Network 		BigTree CMS - BigTree の admin.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-9548 2017-07-5 15:55 2017-06-11 Show GitHub Exploit DB Packet Storm
191493 5.4 警告
Network 		BigTree CMS - BigTree の admin.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-9547 2017-07-5 15:55 2017-06-11 Show GitHub Exploit DB Packet Storm
191494 5.7 警告
Network 		BigTree CMS - BigTree の admin.php におけるサービス運用妨害 (DoS) の脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-9546 2017-07-5 15:55 2017-06-11 Show GitHub Exploit DB Packet Storm
191495 9.8 緊急
Network 		MavEtJu.org - dnstracer におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2017-9430 2017-07-5 15:03 2017-06-5 Show GitHub Exploit DB Packet Storm
191496 3.3
Local 		Lenovo - Lenovo Power Management ドライバにおけるセキュリティ機能に関する脆弱性 CWE-254
セキュリティ機能 		CVE-2017-3741 2017-07-5 14:56 2017-06-4 Show GitHub Exploit DB Packet Storm
191497 5.5 警告
Local 		Lenovo - Lenovo Active Protection System における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-3740 2017-07-5 14:55 2017-06-4 Show GitHub Exploit DB Packet Storm
191498 6.5 警告
Network 		Zulip - Zulip Server の invite_by_admins_only 設定の実装における別のユーザを Zulip グループに加入するよう招待される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-0896 2017-07-5 14:28 2017-05-18 Show GitHub Exploit DB Packet Storm
191499 4.3 警告
Network 		Elasticsearch - Elastic X-Pack Security における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-8441 2017-07-5 11:57 2017-06-1 Show GitHub Exploit DB Packet Storm
191500 6.1 警告
Network 		Elasticsearch - Kibana の Discover ページにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-8440 2017-07-5 11:57 2017-06-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
281 5.4 MEDIUM
Network 		traccar traccar Traccar is an open source GPS tracking system. In org.traccar:traccar versions starting at 6.11.1 before 6.13.0, the KML and GPX export functionality writes device names to XML output without proper … Update CWE-91
Blind XPath Injection 		CVE-2026-27693 2026-05-9 05:04 2026-05-5 Show GitHub Exploit DB Packet Storm
282 5.4 MEDIUM
Network 		traccar traccar Traccar is an open source GPS tracking system. In org.traccar:traccar versions starting at 6.11.1 before 6.13.0, the email notification templates insert user-controlled device, geofence, and driver n… Update CWE-79
Cross-site Scripting 		CVE-2026-27694 2026-05-9 05:03 2026-05-5 Show GitHub Exploit DB Packet Storm
283 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ceph: supply snapshot context in ceph_zero_partial_object() The ceph_zero_partial_object function was missing proper snapshot con… Update NVD-CWE-noinfo
CVE-2026-43273 2026-05-9 05:01 2026-05-6 Show GitHub Exploit DB Packet Storm
284 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix possible dereference of uninitialized pointer There is a pointer head_page in rb_meta_validate_events() which is… Update CWE-476
 NULL Pointer Dereference 		CVE-2026-43272 2026-05-9 05:00 2026-05-6 Show GitHub Exploit DB Packet Storm
285 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: Fix a reference leak bug in mtk_mdp_remove() In mtk_mdp_probe(), vpu_get_plat_device() increases the reference co… Update NVD-CWE-Other
CVE-2026-43270 2026-05-9 05:00 2026-05-6 Show GitHub Exploit DB Packet Storm
286 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: md-cluster: fix NULL pointer dereference in process_metadata_update The function process_metadata_update() blindly dereferences t… Update CWE-476
 NULL Pointer Dereference 		CVE-2026-43271 2026-05-9 05:00 2026-05-6 Show GitHub Exploit DB Packet Storm
287 4.6 MEDIUM
Network 		openc3 cosmos OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version 7.0.0, the Command Sender UI uses an unsafe eval() function on… Update CWE-79
Cross-site Scripting 		CVE-2026-42086 2026-05-9 04:54 2026-05-5 Show GitHub Exploit DB Packet Storm
288 4.3 MEDIUM
Network 		openc3 cosmos OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, OpenC3 COSMOS contains a design flaw in… Update CWE-23
 Relative Path Traversal 		CVE-2026-42085 2026-05-9 04:54 2026-05-5 Show GitHub Exploit DB Packet Storm
289 8.1 HIGH
Network 		openc3 cosmos OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, the OpenC3 password change functionalit… Update CWE-620
 Unverified Password Change 		CVE-2026-42084 2026-05-9 04:54 2026-05-5 Show GitHub Exploit DB Packet Storm
290 9.6 CRITICAL
Network 		openc3 cosmos OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From version 6.7.0 to before version 7.0.0-rc3, a SQL injection vulnerability e… Update CWE-89
SQL Injection 		CVE-2026-42087 2026-05-9 04:53 2026-05-5 Show GitHub Exploit DB Packet Storm