Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191501	9.8	緊急 Network	Free Time	-	Format Factory における信頼性のない検索パスに関する脆弱性	CWE-426 信頼性のない検索パス	CVE-2017-12414	2017-09-4 15:35	2017-08-2	Show	GitHub Exploit DB Packet Storm

191502	5.5	警告 Local	mpg123 project	-	mpg123 におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2017-9545	2017-09-4 15:16	2017-07-26	Show	GitHub Exploit DB Packet Storm

191503	5.5	警告 Local	LAME project	-	LAME におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2017-9412	2017-09-4 15:16	2017-07-26	Show	GitHub Exploit DB Packet Storm

191504	5.5	警告 Local	LAME project	-	LAME におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2017-9411	2017-09-4 15:16	2017-07-26	Show	GitHub Exploit DB Packet Storm

191505	5.5	警告 Local	LAME project	-	LAME におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2017-9410	2017-09-4 15:16	2017-07-26	Show	GitHub Exploit DB Packet Storm

191506	5.5	警告 Local	Surina.net	-	SoundTouch におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2017-9260	2017-09-4 15:16	2017-07-26	Show	GitHub Exploit DB Packet Storm

191507	5.5	警告 Local	Surina.net	-	SoundTouch におけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2017-9259	2017-09-4 15:16	2017-07-26	Show	GitHub Exploit DB Packet Storm

191508	5.5	警告 Local	Surina.net	-	SoundTouch におけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2017-9258	2017-09-4 15:16	2017-07-26	Show	GitHub Exploit DB Packet Storm

191509	8.8	重要 Network	Unitrends	-	Unitrends Backup における認可・権限・アクセス制御に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-12479	2017-09-4 15:11	2017-08-2	Show	GitHub Exploit DB Packet Storm

191510	9.8	緊急 Network	Unitrends	-	Unitrends Backup における認証に関する脆弱性	CWE-287 不適切な認証	CVE-2017-12478	2017-09-4 15:11	2017-08-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2011	6.1	MEDIUM Network	hsclabs	mailinspector	HSC MailInspector v5.3.3-7 contains a Cross-Site Scripting (XSS) vulnerability in the /tap/tap.php endpoint due to improper neutralization of user-controlled input using alternate or obfuscated JavaS…	CWE-79 Cross-site Scripting	CVE-2026-29964	2026-05-20 02:20	2026-05-19	Show	GitHub Exploit DB Packet Storm

2012	6.1	MEDIUM Network	hsclabs	mailinspector	HSC MailInspector 5.3.3-7 is vulnerable to Cross Site Scripting (XSS) in the /police/WarningUrlPage.php endpoint due to improper neutralization of user-supplied input that uses alternate or obfuscate…	CWE-79 Cross-site Scripting	CVE-2026-29965	2026-05-20 02:19	2026-05-19	Show	GitHub Exploit DB Packet Storm

2013	4.3	MEDIUM Network	mattermost	mattermost_server	Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 Fail to enforce slash command trigger-word uniqueness during command updates which allows an authenticated team member with…	CWE-863 Incorrect Authorization	CVE-2026-28732	2026-05-20 02:18	2026-05-18	Show	GitHub Exploit DB Packet Storm

2014	5.0	MEDIUM Network	-	-	AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions 0.1.0 through 0.6.51, SendEmailBlock in autogpt_platform/backen…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-33234	2026-05-20 02:16	2026-05-19	Show	GitHub Exploit DB Packet Storm

2015	9.9	CRITICAL Network	-	-	Dokploy is a free, self-hostable Platform as a Service (PaaS). Versions 0.26.6 and below have OS command injection through the appName parameter. 3 chained issues cause this problem: inadequate input…	CWE-78 OS Command	CVE-2026-27130	2026-05-20 02:16	2026-05-19	Show	GitHub Exploit DB Packet Storm

2016	8.3	HIGH Network	google	chrome	Out of bounds write in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag…	CWE-787 Out-of-bounds Write	CVE-2026-8548	2026-05-20 02:02	2026-05-15	Show	GitHub Exploit DB Packet Storm

2017	8.8	HIGH Network	google	chrome	Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)	CWE-416 Use After Free	CVE-2026-8549	2026-05-20 01:58	2026-05-15	Show	GitHub Exploit DB Packet Storm

2018	6.5	MEDIUM Network	google	chrome	Use after free in Google Lens in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memo…	CWE-416 Use After Free	CVE-2026-8550	2026-05-20 01:51	2026-05-15	Show	GitHub Exploit DB Packet Storm

2019	7.5	HIGH Network	dhtmlx	pdf_export_module	PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Path Traversal due to lack of HTML sanitization. An unauthenticated user could craft the html payload which could incl…	CWE-22 Path Traversal	CVE-2026-41552	2026-05-20 01:49	2026-05-15	Show	GitHub Exploit DB Packet Storm

2020	7.5	HIGH Network	twisted	twisted	Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial of Service (DoS) attack via resource exha…	CWE-400 CWE-407 Uncontrolled Resource Consumption Inefficient Algorithmic Complexity	CVE-2026-42304	2026-05-20 01:47	2026-05-14	Show	GitHub Exploit DB Packet Storm