Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191721	7.8	重要 Local	KDE project	-	KDE kdelibs および KAuth における root 権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-8422	2017-06-20 16:16	2017-05-10	Show	GitHub Exploit DB Packet Storm

191722	5.5	警告 Local	cairographics.org	-	Cairo における NULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2017-7475	2017-06-20 16:11	2017-04-23	Show	GitHub Exploit DB Packet Storm

191723	9.8	緊急 Network	Joomla!	-	Joomla! における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2017-8917	2017-06-20 15:50	2017-05-17	Show	GitHub Exploit DB Packet Storm

191724	7.2	重要 Network	AlienVault	-	AlienVault OSSIM の Asset Discovery スキャナにおける任意のコマンドを実行される脆弱性	CWE-77 コマンドインジェクション	CVE-2015-4046	2017-06-20 15:47	2015-10-23	Show	GitHub Exploit DB Packet Storm

191725	6.7	警告 Local	AlienVault	-	AlienVault OSSIM の Asset Discovery スキャナの sudoers ファイルにおける権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-4045	2017-06-20 15:47	2015-10-23	Show	GitHub Exploit DB Packet Storm

191726	8.8	重要 Network	zlib openSUSE project	-	zlib の inflate.c の inflateMark 関数における脆弱性	CWE-189 数値処理の問題	CVE-2016-9842	2017-06-20 15:46	2016-10-12	Show	GitHub Exploit DB Packet Storm

191727	8.8	重要 Network	zlib openSUSE project	-	zlib の inftrees.c における脆弱性	CWE-189 数値処理の問題	CVE-2016-9840	2017-06-20 15:46	2016-09-22	Show	GitHub Exploit DB Packet Storm

191728	6.1	警告 Network	Zimbra	-	Zimbra Collaboration Suite におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-7288	2017-06-20 15:45	2017-04-28	Show	GitHub Exploit DB Packet Storm

191729	9.8	緊急 Network	Zimbra	-	Zimbra Collaboration Suite におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2017-6821	2017-06-20 15:45	2017-05-24	Show	GitHub Exploit DB Packet Storm

191730	9.8	緊急 Network	Zimbra	-	Zimbra Collaboration Suite における認可・権限・アクセス制御に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-6813	2017-06-20 15:45	2017-05-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
221	9.8	CRITICAL Network	-	-	ERPNext v15.103.1 and before is vulnerable to Server-Side Template Injection (SSTI). An attacker with permission to create or edit email templates can inject template expressions that are executed on… New	CWE-94 Code Injection	CVE-2026-38431	2026-05-8 00:15	2026-05-6	Show	GitHub Exploit DB Packet Storm

222	6.1	MEDIUM Network	-	-	ERPNext v15.103.1 and before is vulnerable to Cross Site Scripting (XSS) in the Email Template engine. An attacker with permission to create or edit email templates can inject malicious JavaScript co… New	CWE-79 Cross-site Scripting	CVE-2026-38432	2026-05-8 00:15	2026-05-6	Show	GitHub Exploit DB Packet Storm

223	-		-	-	Vaultwarden is a Bitwarden-compatible server written in Rust. In versions 1.35.4 and earlier, the WebAuthn authentication flow in `validate_webauthn_login()` updates persistent credential metadata (1… New	CWE-345 Insufficient Verification of Data Authenticity	CVE-2026-31835	2026-05-8 00:15	2026-05-6	Show	GitHub Exploit DB Packet Storm

224	-		-	-	Tunnelblick is an open source graphic user interface for OpenVPN on macOS. In versions 3.3beta26 through 9.0beta01, any local user can read arbitrary root-owned files by exploiting a symlink followin… New	CWE-61 UNIX Symbolic Link (Symlink) Following	CVE-2026-31893	2026-05-8 00:15	2026-05-6	Show	GitHub Exploit DB Packet Storm

225	-		-	-	SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. In versions 1.7.0 and earlier, the Text2SQL chat interface is vulnerable to prompt injection. The user-provided que… New	CWE-89 SQL Injection	CVE-2026-33324	2026-05-8 00:15	2026-05-6	Show	GitHub Exploit DB Packet Storm

226	-		-	-	Vaultwarden is a Bitwarden-compatible server written in Rust. In version 1.35.4 and earlier, the get_org_collections_details endpoint (GET /api/organizations/{org_id}/collections/details) is missing … New	CWE-862 Missing Authorization	CVE-2026-33420	2026-05-8 00:15	2026-05-6	Show	GitHub Exploit DB Packet Storm

227	-		-	-	PhpSpreadsheet is a library for reading and writing spreadsheet files. In versions 1.30.2 and earlier, 2.0.0 through 2.1.14, 2.2.0 through 2.4.3, 3.3.0 through 3.10.3, and 4.0.0 through 5.5.0, when t… New	CWE-502 CWE-918 Deserialization of Untrusted Data Server-Side Request Forgery (SSRF)	CVE-2026-34084	2026-05-8 00:15	2026-05-6	Show	GitHub Exploit DB Packet Storm

228	-		-	-	PhpSpreadsheet is a library for reading and writing spreadsheet files. In versions 1.30.3 and earlier, 2.0.0 through 2.1.15, 2.2.0 through 2.4.4, 3.3.0 through 3.10.4, and 4.0.0 through 5.6.0, the HT… New	CWE-79 Cross-site Scripting	CVE-2026-35453	2026-05-8 00:15	2026-05-6	Show	GitHub Exploit DB Packet Storm

229	8.8	HIGH Network	-	-	A remote code execution vulnerability exists in Notification Settings on GeoVision GV-ASWeb 6.2.0. An authenticated user with System Setting permissions can execute arbitrary commands on the server b… New	CWE-94 Code Injection	CVE-2026-7841	2026-05-8 00:15	2026-05-6	Show	GitHub Exploit DB Packet Storm

230	7.5	HIGH Network	-	-	Unauthenticated DoS in ZTE H8102E, H168N, H167A, H199A, H288A, H198A, H267A, H267N, H268A, H388X, H196A, H369A, H268N, H208N, H367N, H181A, and H196Q. A denial-of-service condition can be triggered a… New	CWE-400 Uncontrolled Resource Consumption	CVE-2026-34473	2026-05-8 00:15	2026-05-7	Show	GitHub Exploit DB Packet Storm