Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191731 8.8 重要
Network 		アドビシステムズ - Adobe Reader および Acrobat の PDF 内のリンクを処理するプラグインにおけるヒープオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2017-3117 2017-08-22 16:56 2017-08-8 Show GitHub Exploit DB Packet Storm
191732 8.8 重要
Network 		アドビシステムズ - Adobe Reader および Acrobat の MakeAccessible プラグインにおけるメモリを破損される脆弱性 CWE-119
バッファエラー 		CVE-2017-3116 2017-08-22 16:56 2017-08-8 Show GitHub Exploit DB Packet Storm
191733 6.5 警告
Network 		アドビシステムズ - Adobe Reader および Acrobat における情報を公開される脆弱性 CWE-200
情報漏えい 		CVE-2017-3115 2017-08-22 16:56 2017-08-8 Show GitHub Exploit DB Packet Storm
191734 8.8 重要
Network 		アドビシステムズ - Adobe Reader および Acrobat の JavaScript エンジンにおける任意のコードを実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2017-3113 2017-08-22 16:56 2017-08-8 Show GitHub Exploit DB Packet Storm
191735 8.8 重要
Network 		アドビシステムズ - Adobe Reader および Acrobat におけるメモリを破損される脆弱性 CWE-119
バッファエラー 		CVE-2017-3016 2017-08-22 16:56 2017-08-8 Show GitHub Exploit DB Packet Storm
191736 6.5 警告
Network 		アドビシステムズ - Adobe Reader および Acrobat の Adobe Graphics Manager モジュールにおけるメモリを破損される脆弱性 CWE-200
情報漏えい 		CVE-2017-11265 2017-08-22 16:56 2017-08-8 Show GitHub Exploit DB Packet Storm
191737 8.8 重要
Network 		アドビシステムズ - Adobe Reader および Acrobat の XFA レイアウトエンジンのコアにおける任意のコードを実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2017-11224 2017-08-22 16:56 2017-08-8 Show GitHub Exploit DB Packet Storm
191738 8.8 重要
Network 		アドビシステムズ - Adobe Reader および Acrobat の XFA エンジンのコアにおける任意のコードを実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2017-11223 2017-08-22 16:56 2017-08-8 Show GitHub Exploit DB Packet Storm
191739 8.8 重要
Network 		アドビシステムズ - Adobe Reader および Acrobat の Product Representation Compact エンジンにおけるメモリを破損される脆弱性 CWE-119
バッファエラー 		CVE-2017-11222 2017-08-22 16:56 2017-08-8 Show GitHub Exploit DB Packet Storm
191740 8.8 重要
Network 		アドビシステムズ - Adobe Reader および Acrobat の注釈機能における任意のコードを実行される脆弱性 CWE-704
不正な型変換またはキャスト 		CVE-2017-11221 2017-08-22 16:56 2017-08-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1811 7.5 HIGH
Network 		python urllib3 urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead of the requested portion (1) during the second HTTPResponse.read(amt=N) c… CWE-409
 Improper Handling of Highly Compressed Data (Data Amplification) 		CVE-2026-44432 2026-05-14 22:49 2026-05-14 Show GitHub Exploit DB Packet Storm
1812 5.9 MEDIUM
Network 		haxx curl A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text (via IMAP, SM… CWE-295
CWE-319
Improper Certificate Validation 
Cleartext Transmission of Sensitive Information 		CVE-2026-4873 2026-05-14 22:45 2026-05-13 Show GitHub Exploit DB Packet Storm
1813 5.4 MEDIUM
Network 		vercel next.js Next.js is a React framework for building full-stack web applications. From 14.2.0 to before 15.5.16 and 16.2.5, applications using React Server Components can be vulnerable to cache poisoning when s… CWE-436
 Interpretation Conflict 		CVE-2026-44576 2026-05-14 22:44 2026-05-14 Show GitHub Exploit DB Packet Storm
1814 5.9 MEDIUM
Network 		haxx curl curl might erroneously pass on credentials for a first proxy to a second proxy. This can happen when the following conditions are true: 1. curl is setup to use specific different proxies for differ… CWE-522
 Insufficiently Protected Credentials 		CVE-2026-6253 2026-05-14 22:40 2026-05-13 Show GitHub Exploit DB Packet Storm
1815 6.1 MEDIUM
Network 		astro astro Astro is a web framework. Astro versions prior to 6.1.10 used AES-GCM encryption to protect the confidentiality and integrity of server island props and slots parameters, but did not bind the ciphert… CWE-323
CWE-79
 Reusing a Nonce, Key Pair in Encryption
Cross-site Scripting 		CVE-2026-45028 2026-05-14 22:28 2026-05-14 Show GitHub Exploit DB Packet Storm
1816 8.8 HIGH
Network 		- - Heym before 0.0.21 contains a sandbox escape vulnerability in the custom Python tool executor that allows authenticated workflow authors to bypass sandbox restrictions by using object-graph introspec… CWE-693
 Protection Mechanism Failure 		CVE-2026-45227 2026-05-14 22:16 2026-05-13 Show GitHub Exploit DB Packet Storm
1817 8.1 HIGH
Network 		- - Lemur manages TLS certificate creation. Prior to 1.9.0, Lemur's LDAP authentication module (lemur/auth/ldap.py) constructs LDAP search filters using unsanitized user input via Python string interpola… CWE-90
LDAP Injection 		CVE-2026-44304 2026-05-14 22:16 2026-05-13 Show GitHub Exploit DB Packet Storm
1818 - - - efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the elfinder_checkRisk function validates target and targets for path traversal and home containment, but does not validate the dst (dest… CWE-78
OS Command  		CVE-2026-44258 2026-05-14 22:16 2026-05-13 Show GitHub Exploit DB Packet Storm
1819 7.5 HIGH
Network 		- - basic-ftp is an FTP client for Node.js. Prior to 5.3.1, basic-ftp is vulnerable to client-side denial of service when parsing FTP control-channel multiline responses. A malicious or compromised FTP s… CWE-400
CWE-770
 Uncontrolled Resource Consumption
 Allocation of Resources Without Limits or Throttling 		CVE-2026-44240 2026-05-14 22:16 2026-05-13 Show GitHub Exploit DB Packet Storm
1820 9.3 CRITICAL
Network 		- - Pulpy is a lightweight, cross-platform desktop application packager for web apps. Prior to 0.1.1, Pulpy injects a pulpy.fs JavaScript API into every packaged web application, giving it access to the … CWE-22
CWE-284
Path Traversal
Improper Access Control 		CVE-2026-44225 2026-05-14 22:16 2026-05-13 Show GitHub Exploit DB Packet Storm