Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191521 5.4 警告
Network 		IBM - IBM QRadar におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-1234 2017-07-13 16:33 2017-06-19 Show GitHub Exploit DB Packet Storm
191522 5.9 警告
Network 		IBM - IBM QRadar における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-9972 2017-07-13 16:33 2016-12-16 Show GitHub Exploit DB Packet Storm
191523 7.5 重要
Network 		IBM - IBM QRadar におけるセキュリティ機能に関する脆弱性 CWE-254
セキュリティ機能 		CVE-2016-9738 2017-07-13 16:33 2016-12-1 Show GitHub Exploit DB Packet Storm
191524 6.5 警告
Network 		OpenVPN Technologies - OpenVPN におけるサービス運用妨害 (DoS) の脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2017-7522 2017-07-13 16:27 2017-06-27 Show GitHub Exploit DB Packet Storm
191525 7.5 重要
Network 		OpenVPN Technologies - OpenVPN におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2017-7508 2017-07-13 16:27 2017-06-27 Show GitHub Exploit DB Packet Storm
191526 7.8 重要
Local 		Linux - Linux Kernel の sound/oss/msnd_pinnacle.c の intr 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-125
境界外読み取り 		CVE-2017-9986 2017-07-13 16:10 2017-06-20 Show GitHub Exploit DB Packet Storm
191527 7.8 重要
Local 		Linux - Linux Kernel の sound/isa/msnd/msnd_midi.c の snd_msndmidi_input_read 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-125
境界外読み取り 		CVE-2017-9985 2017-07-13 16:10 2017-06-20 Show GitHub Exploit DB Packet Storm
191528 7.8 重要
Local 		Linux - Linux Kernel の sound/isa/msnd/msnd_pinnacle.c の snd_msnd_interrupt 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-125
境界外読み取り 		CVE-2017-9984 2017-07-13 16:10 2017-06-20 Show GitHub Exploit DB Packet Storm
191529 7.5 重要
Network 		マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2014-6354 2017-07-13 15:42 2014-08-12 Show GitHub Exploit DB Packet Storm
191530 7.8 重要
Local 		Flatpak - Flatpak における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-9780 2017-07-13 15:35 2017-06-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
541 7.2 HIGH
Network 		- - A hidden, persistent backdoor was found in Yarbo firmware v2.3.9 that provides remote, unauthenticated (or weakly authenticated) access to privileged functionality. The backdoor is undocumented, cann… CWE-912
 Hidden Functionality 		CVE-2026-7413 2026-05-9 08:16 2026-05-8 Show GitHub Exploit DB Packet Storm
542 6.6 MEDIUM
Local 		- - Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 enc… CWE-122
CWE-190
Heap-based Buffer Overflow
 Integer Overflow or Wraparound 		CVE-2026-45130 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm
543 3.8 LOW
Network 		- - SysReptor is a fully customizable pentest reporting platform. Prior to version 2026.29, users with "User Admin" permissions can change the email addresses of users with "Superuser" permissions. If th… CWE-269
 Improper Privilege Management 		CVE-2026-44987 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm
544 - - - Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick… CWE-78
OS Command  		CVE-2026-44656 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm
545 8.9 HIGH
Network 		- - Postiz is an AI social media scheduling tool. From version 2.21.6 to before version 2.21.7, any authenticated user who can create a post can store arbitrary HTML in post content by tampering their ow… CWE-79
Cross-site Scripting 		CVE-2026-42556 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm
546 9.9 CRITICAL
Network 		- - Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, all Docker container management endpoints in Termix interpolate t… CWE-78
OS Command  		CVE-2026-42454 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm
547 8.1 HIGH
Network 		- - Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, /users/login issues a temporary JWT (temp_token) for TOTP-enabled… CWE-304
 Missing Critical Step in Authentication 		CVE-2026-42452 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm
548 6.3 MEDIUM
Local 		- - Grimmory is a self-hosted digital library. Prior to version 2.3.1, a stored cross-site scripting (XSS) vulnerability in Grimmory's browser-based EPUB reader allows an attacker to embed arbitrary Java… CWE-79
CWE-80
Cross-site Scripting
Basic XSS 		CVE-2026-42451 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm
549 9.1 CRITICAL
Network 		- - Sentry is an error tracking and performance monitoring tool. From version 21.12.0 to before version 26.4.1, a critical vulnerability was discovered in the SAML SSO implementation of Sentry. The vulne… CWE-290
 Authentication Bypass by Spoofing 		CVE-2026-42354 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm
550 8.6 HIGH
Network 		- - pygeoapi is a Python server implementation of the OGC API suite of standards. From version 0.23.0 to before version 0.23.3, OGC API process execution requests can use the subscriber object to reques… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-42352 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm