Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191591 9.8 緊急
Network 		IBM - IBM Domino における複数のセッションを使用する資格情報を盗まれる脆弱性 CWE-20
不適切な入力確認 		CVE-2016-6087 2017-07-3 11:40 2016-06-29 Show GitHub Exploit DB Packet Storm
191592 7.5 重要
Network 		ジュニパーネットワークス - 複数の Juniper Networks デバイス上で稼動する Junos OS における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2017-2304 2017-07-3 10:47 2017-01-11 Show GitHub Exploit DB Packet Storm
191593 7.5 重要
Network 		ジュニパーネットワークス - Juniper Networks 製品およびプラットフォーム上で稼動する Junos OS におけるデータ処理に関する脆弱性 CWE-19
データ処理 		CVE-2017-2303 2017-07-3 10:47 2017-01-11 Show GitHub Exploit DB Packet Storm
191594 7.5 重要
Network 		ジュニパーネットワークス - Juniper Networks 製品およびプラットフォーム上で稼動する Junos OS におけるデータ処理に関する脆弱性 CWE-19
データ処理 		CVE-2017-2302 2017-07-3 10:46 2017-01-11 Show GitHub Exploit DB Packet Storm
191595 7.5 重要
Network 		ジュニパーネットワークス - Juniper Networks 製品およびプラットフォーム上で稼動する Junos OS におけるデータ処理に関する脆弱性 CWE-19
データ処理 		CVE-2017-2301 2017-07-3 10:46 2017-01-11 Show GitHub Exploit DB Packet Storm
191596 7.5 重要
Network 		The Chicken Team - Spiffy におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2015-8235 2017-06-30 18:00 2015-11-11 Show GitHub Exploit DB Packet Storm
191597 4.3 警告
Network 		IBM - IBM Security Access Manager for Web におけるサーバの特権機能にアクセスされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3051 2017-06-30 17:54 2016-03-9 Show GitHub Exploit DB Packet Storm
191598 6.5 警告
Network 		IBM - IBM Security Access Manager for Web における機密性の高い情報を解読される脆弱性 CWE-326
不適切な暗号強度 		CVE-2016-3019 2017-06-30 17:54 2016-03-9 Show GitHub Exploit DB Packet Storm
191599 7.5 重要
Network 		Bitcoin Project - Bitcoin のプルーフ・オブ・ワークのアルゴリズムにおける暗号の脆弱な PRNG の使用に関する脆弱性 CWE-338
暗号における脆弱な PRNG の使用 		CVE-2017-9230 2017-06-30 17:48 2017-04-5 Show GitHub Exploit DB Packet Storm
191600 9.8 緊急
Network 		gRPC - Google gRPC における境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2017-9431 2017-06-30 17:38 2017-04-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
191 7.3 HIGH
Network 		- - PraisonAI is a multi-agent teams system. From version 2.5.6 to before version 4.6.34, PraisonAI ships a legacy Flask API server with authentication disabled by default. When that server is used, any … New CWE-306
CWE-668
CWE-1188
Missing Authentication for Critical Function
 Exposure of Resource to Wrong Sphere
 Insecure Default Initialization of Resource 		CVE-2026-44338 2026-05-9 00:53 2026-05-8 Show GitHub Exploit DB Packet Storm
192 8.4 HIGH
Local 		- - PraisonAI is a multi-agent teams system. From version 4.5.139 to before version 4.6.32, CVE-2026-40287's fix gated tools.py auto-import behind PRAISONAI_ALLOW_LOCAL_TOOLS=true in two files (tool_reso… New CWE-94
Code Injection 		CVE-2026-44334 2026-05-9 00:53 2026-05-8 Show GitHub Exploit DB Packet Storm
193 - - - PraisonAI is a multi-agent teams system. Prior to version 4.6.34, PraisonAI's MCP (Model Context Protocol) server (praisonai mcp serve) registers four file-handling tools by default — praisonai.rules… New CWE-20
CWE-22
CWE-94
CWE-829
CWE-913
 Improper Input Validation 
Path Traversal
Code Injection
 Inclusion of Functionality from Untrusted Control Sphere
 Improper Control of Dynamically-Managed Code Resources 		CVE-2026-44336 2026-05-9 00:53 2026-05-8 Show GitHub Exploit DB Packet Storm
194 8.6 HIGH
Network 		- - PraisonAI is a multi-agent teams system. Prior to praisonai version 4.6.37 and praisonaiagents version 1.6.37, praisonaiagents resolves unresolved tool names against module globals and __main__ after… New CWE-470
Unsafe Reflection 		CVE-2026-44339 2026-05-9 00:53 2026-05-8 Show GitHub Exploit DB Packet Storm
195 - - - PraisonAI is a multi-agent teams system. Prior to version 4.6.37, the _safe_extractall helper that all recipe pull, recipe publish, and recipe unpack flows route through validates each archive member… New CWE-22
CWE-59
Path Traversal
Link Following 		CVE-2026-44340 2026-05-9 00:53 2026-05-8 Show GitHub Exploit DB Packet Storm
196 - - - LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.80.5 to before version 1.83.7, the POST /prompts/test endpoint accepted user-supplied prompt templ… New CWE-1336
 Improper Neutralization of Special Elements Used in a Template Engine 		CVE-2026-42203 2026-05-9 00:52 2026-05-8 Show GitHub Exploit DB Packet Storm
197 - - - LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.74.2 to before version 1.83.7, two endpoints used to preview an MCP server before saving it — POST… New CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-42271 2026-05-9 00:52 2026-05-8 Show GitHub Exploit DB Packet Storm
198 - - - NAVER MYBOX Explorer for Windows before 3.0.11.160 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM via registry manipulation due to improper privilege checks. New CWE-266
 Incorrect Privilege Assignment 		CVE-2026-8148 2026-05-9 00:51 2026-05-8 Show GitHub Exploit DB Packet Storm
199 9.8 CRITICAL
Network 		- - OS command injection in Dashboard Server interface in Universal Robots PolyScope versions prior to 5.21.1 allows unauthenticated attacker to craft commands that will execute code on the robot's OS. New CWE-78
OS Command  		CVE-2026-8153 2026-05-9 00:51 2026-05-8 Show GitHub Exploit DB Packet Storm
200 - - - A vulnerability in Remote Spark SparkView before build 1122 allows an attacker to bypasses the local connection check and achieve arbitrary code execution as root on the server side. Depending on imp… New CWE-290
CWE-807
 Authentication Bypass by Spoofing
 Reliance on Untrusted Inputs in a Security Decision 		CVE-2026-6213 2026-05-9 00:51 2026-05-8 Show GitHub Exploit DB Packet Storm