Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191641	7.5	重要 Network	FineCMS project	-	FineCMS における認可・権限・アクセス制御に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-11178	2017-08-31 15:29	2017-07-11	Show	GitHub Exploit DB Packet Storm

191642	8.8	重要 Network	Chyrp Lite project	-	Chyrp Lite におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2017-1000008	2017-08-31 15:29	2017-01-7	Show	GitHub Exploit DB Packet Storm

191643	7	重要 Local	The Foreman レッドハット	-	Foreman における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2016-4996	2017-08-31 15:29	2016-06-22	Show	GitHub Exploit DB Packet Storm

191644	4.7	警告 Local	OpenLDAP Foundation	-	openldap-servers における競合状態に関する脆弱性	CWE-362 競合状態	CVE-2016-4984	2017-08-31 15:29	2016-06-13	Show	GitHub Exploit DB Packet Storm

191645	7.5	重要 Network	Betterment Holdings Inc.	-	TestTrack サーバにおける認証に関する脆弱性	CWE-287 不適切な認証	CVE-2017-1000068	2017-08-31 15:24	2017-04-6	Show	GitHub Exploit DB Packet Storm

191646	9.8	緊急 Network	Kubernetes	-	Kubernetes における認可・権限・アクセス制御に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-1000056	2017-08-31 15:24	2017-03-22	Show	GitHub Exploit DB Packet Storm

191647	7.5	重要 Network	qs project	-	qs モジュールにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2017-1000048	2017-08-31 15:24	2017-03-6	Show	GitHub Exploit DB Packet Storm

191648	8.8	重要 Network	MetInfo	-	MetInfo における認可・権限・アクセス制御に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-11347	2017-08-31 14:43	2017-07-17	Show	GitHub Exploit DB Packet Storm

191649	6.1	警告 Network	MetInfo	-	MetInfo におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-9764	2017-08-31 14:43	2017-07-19	Show	GitHub Exploit DB Packet Storm

191650	6.1	警告 Network	Kopano	-	Kopano WebApp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-11666	2017-08-31 14:29	2017-07-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2221	8.3	HIGH Network	google	chrome	Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML …	CWE-416 Use After Free	CVE-2026-8533	2026-05-19 10:30	2026-05-15	Show	GitHub Exploit DB Packet Storm

2222	5.3	MEDIUM Network	google	chrome	Insufficient validation of untrusted input in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform a denial of service via a craf…	CWE-20 Improper Input Validation	CVE-2026-8538	2026-05-19 10:30	2026-05-15	Show	GitHub Exploit DB Packet Storm

2223	8.8	HIGH Network	google	chrome	Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)	CWE-843 Type Confusion	CVE-2026-8540	2026-05-19 10:29	2026-05-15	Show	GitHub Exploit DB Packet Storm

2224	6.5	MEDIUM Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, GET /api/v1/memories/ef is accessible without authentication and executes request.ap…	CWE-862 Missing Authorization	CVE-2026-45667	2026-05-19 10:28	2026-05-16	Show	GitHub Exploit DB Packet Storm

2225	6.5	MEDIUM Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the API /api/v1/notes/{note_id} endpoint lacks proper authorization checks, allowin…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-45666	2026-05-19 10:28	2026-05-16	Show	GitHub Exploit DB Packet Storm

2226	8.1	HIGH Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, a Stored Cross-Site Scripting (XSS) vulnerability exists in the Banner component due…	CWE-79 Cross-site Scripting	CVE-2026-45665	2026-05-19 10:28	2026-05-16	Show	GitHub Exploit DB Packet Storm

2227	6.3	MEDIUM Network	-	-	A vulnerability was found in Investintech SlimPDFReader up to 2.0.13. Affected by this vulnerability is the function sub_3B4610 of the file SlimPDFReader.exe. The manipulation results in stack-based …	CWE-119 CWE-121 Incorrect Access of Indexable Resource ('Range Error') Stack-based Buffer Overflow	CVE-2026-8733	2026-05-19 06:16	2026-05-17	Show	GitHub Exploit DB Packet Storm

2228	-		-	-	* Countermeasures for DPA within SYMCRYPTO engine on SixG301xxx devices are not sufficiently random and will eventually repeat. * KSU keys using SYMCRYPTO will be impacted by this vulnerability.	CWE-331 Insufficient Entropy	CVE-2025-14972	2026-05-19 05:27	2026-05-16	Show	GitHub Exploit DB Packet Storm

2229	8.2	HIGH Network	-	-	A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control fu…	CWE-124 Buffer Underflow	CVE-2026-34253	2026-05-19 05:23	2026-05-16	Show	GitHub Exploit DB Packet Storm

2230	7.5	HIGH Network	-	-	An issue in Nodemailer smtp_server before v.3.18.3 allows a remote attacker to cause a denial of service via the SMTPStream._write, lib/smtp-stream.js components	CWE-400 Uncontrolled Resource Consumption	CVE-2026-38728	2026-05-19 05:23	2026-05-16	Show	GitHub Exploit DB Packet Storm