Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191791 7.5 重要
Network 		マイクロソフト - 複数の Microsoft Windows 製品における認証の拡張保護を回避される脆弱性 CWE-287
不適切な認証 		CVE-2017-8495 2017-07-18 16:48 2017-07-11 Show GitHub Exploit DB Packet Storm
191792 4.7 警告
Local 		マイクロソフト - 複数の Microsoft Windows 製品における情報を公開される脆弱性 CWE-200
情報漏えい 		CVE-2017-8486 2017-07-18 16:48 2017-07-11 Show GitHub Exploit DB Packet Storm
191793 8.8 重要
Network 		マイクロソフト - Microsoft SharePoint Enterprise Server 2016 における権限を昇格される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-8569 2017-07-18 16:39 2017-07-11 Show GitHub Exploit DB Packet Storm
191794 7 重要
Local 		マイクロソフト - Microsoft Windows 10 および Windows Server 2016 における権限を昇格される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-8566 2017-07-18 16:39 2017-07-11 Show GitHub Exploit DB Packet Storm
191795 7.5 重要
Network 		マイクロソフト - Microsoft Windows 10 および Windows Server 2016 の Microsoft Edge におけるリモートでコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2017-8619 2017-07-18 16:26 2017-07-11 Show GitHub Exploit DB Packet Storm
191796 9.8 緊急
Network 		マイクロソフト - 複数の Microsoft Windows 製品におけるリモートでコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-8589 2017-07-18 16:09 2017-07-11 Show GitHub Exploit DB Packet Storm
191797 6.5 警告
Network 		マイクロソフト - 複数の Microsoft Windows 製品の Windows Explorer におけるサービス運用妨害 (DoS) の脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-8587 2017-07-18 16:09 2017-07-11 Show GitHub Exploit DB Packet Storm
191798 7.5 重要
Adjacent 		マイクロソフト - Microsoft Windows 10 および Windows Server 2016 におけるリモートでコードを実行される脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-8584 2017-07-18 16:09 2017-07-11 Show GitHub Exploit DB Packet Storm
191799 7 重要
Local 		マイクロソフト - 複数の Microsoft Windows 製品の Win32k における権限を昇格される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-8581 2017-07-18 16:09 2017-07-11 Show GitHub Exploit DB Packet Storm
191800 7 重要
Local 		マイクロソフト - 複数の Microsoft Windows 製品の Win32k における権限を昇格される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-8580 2017-07-18 16:09 2017-07-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1171 8.8 HIGH
Network 		- - Grav API Plugin is a RESTful API for Grav CMS that provides full headless access to your site's content, media, configuration, users, and system management. Prior to 1.0.0-beta.15, an insecure direct… New CWE-863
 Incorrect Authorization 		CVE-2026-42843 2026-05-12 02:16 2026-05-12 Show GitHub Exploit DB Packet Storm
1172 5.4 MEDIUM
Network 		- - The form plugin for Grav adds the ability to create and use forms. Prior to 9.1.0, a Stored Cross-Site Scripting (XSS) vulnerability exists in the Grav CMS Form plugin's select field template. Taxono… New CWE-79
Cross-site Scripting 		CVE-2026-42842 2026-05-12 02:16 2026-05-12 Show GitHub Exploit DB Packet Storm
1173 - - - Grav is a file-based Web platform. Prior to 2.0.0-beta.2, there is a Path Traversal vulnerability within the FormFlash core component. By manipulating the session_id (passed as __form-flash-id in POS… New CWE-22
Path Traversal 		CVE-2026-42608 2026-05-12 02:16 2026-05-12 Show GitHub Exploit DB Packet Storm
1174 4.3 MEDIUM
Network 		- - AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to version 1.12.1, GET /api/workspace/:slug/tts/:chatId in AnythingLL… Update CWE-200
CWE-639
Information Exposure
 Authorization Bypass Through User-Controlled Key 		CVE-2026-42456 2026-05-12 02:16 2026-05-9 Show GitHub Exploit DB Packet Storm
1175 - - - Clerk JavaScript is the official JavaScript repository for Clerk authentication. has(), auth.protect(), and related authorization predicates in @clerk/shared, @clerk/nextjs, @clerk/backend, and other… New CWE-754
CWE-863
 Improper Check for Unusual or Exceptional Conditions
 Incorrect Authorization 		CVE-2026-42349 2026-05-12 02:16 2026-05-12 Show GitHub Exploit DB Packet Storm
1176 - - - New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. In versions 0.11.9-alpha.1 and prior, the SSRF protection introduced in v0.9.0.5 (CVE-2025-591… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-42339 2026-05-12 02:16 2026-05-9 Show GitHub Exploit DB Packet Storm
1177 6.5 MEDIUM
Network 		- - FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the FlashMQ broker when both set_retained_mes… Update CWE-369
 Divide By Zero 		CVE-2026-42209 2026-05-12 02:16 2026-05-9 Show GitHub Exploit DB Packet Storm
1178 6.2 MEDIUM
Local 		- - Grid is a data structure grid for rust. From version 0.17.0 to before version 1.0.1, an integer overflow in Grid::expand_rows() can corrupt the relationship between the grid’s logical dimensions and … Update CWE-190
 Integer Overflow or Wraparound 		CVE-2026-42199 2026-05-12 02:16 2026-05-9 Show GitHub Exploit DB Packet Storm
1179 8.6 HIGH
Network 		- - In Meari IoT SDK builds embedded in CloudEdge 5.5.0 (build 220), Arenti 1.8.1 (build 220), and white-label Android apps <= 1.8.x (latest observed), multiple security-critical secrets are hardcoded an… New CWE-321
 Use of Hard-coded Cryptographic Key 		CVE-2026-33362 2026-05-12 02:16 2026-05-12 Show GitHub Exploit DB Packet Storm
1180 7.5 HIGH
Network 		- - In Meari IoT SDK image handling (libmrplayer.so) as observed in CloudEdge 5.5.0 (build 220), Arenti 1.8.1 (build 220), and related white-label apps (<= 1.8.x), baby monitor ".jpgx3" files use reversi… New CWE-326
Inadequate Encryption Strength 		CVE-2026-33361 2026-05-12 02:16 2026-05-12 Show GitHub Exploit DB Packet Storm