Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191871	6.1	警告 Network	Pivotal Software, Inc.	-	Pivotal RabbitMQ におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-4967	2017-07-10 16:04	2017-05-4	Show	GitHub Exploit DB Packet Storm

191872	7.8	重要 Local	Pivotal Software, Inc.	-	Pivotal RabbitMQ における証明書・パスワードの管理に関する脆弱性	CWE-255 証明書・パスワード管理	CVE-2017-4966	2017-07-10 16:04	2017-05-4	Show	GitHub Exploit DB Packet Storm

191873	6.1	警告 Network	Pivotal Software, Inc.	-	Pivotal RabbitMQ におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-4965	2017-07-10 16:04	2017-05-4	Show	GitHub Exploit DB Packet Storm

191874	9.8	緊急 Network	Pivotal Software, Inc.	-	Pivotal PCF Elastic Runtime における証明書・パスワードの管理に関する脆弱性	CWE-255 証明書・パスワード管理	CVE-2017-4955	2017-07-10 16:04	2017-03-24	Show	GitHub Exploit DB Packet Storm

191875	5.9	警告 Network	GNU Project	-	Libgcrypt における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2017-9526	2017-07-10 15:56	2017-06-1	Show	GitHub Exploit DB Packet Storm

191876	7.8	重要 Local	mruby project	-	mruby の gc.c の mark_context_stack 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-416 解放済みメモリの使用	CVE-2017-9527	2017-07-10 15:51	2017-04-10	Show	GitHub Exploit DB Packet Storm

191877	8.8	重要 Network	Cloud Foundry Foundation	-	Cloud Foundry Foundation BOSH における認可・権限・アクセス制御に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-4961	2017-07-10 15:49	2017-05-1	Show	GitHub Exploit DB Packet Storm

191878	9.8	緊急 Network	Cloud Foundry Foundation	-	Cloud Foundry Foundation routing-release および cf-release における入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2016-8218	2017-07-10 15:49	2016-12-9	Show	GitHub Exploit DB Packet Storm

191879	9.8	緊急 Network	Cloud Foundry Foundation	-	Cloud Foundry Foundation Cloud Foundry および cf-mysql-release におけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2016-6655	2017-07-10 15:49	2016-10-17	Show	GitHub Exploit DB Packet Storm

191880	9.8	緊急 Network	D-Link Systems, Inc.	-	D-Link DIR-615 ワイヤレス N 300 ルータにおける認証に関する脆弱性	CWE-287 不適切な認証	CVE-2017-9542	2017-07-10 15:40	2017-06-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1171	8.8	HIGH Network	-	-	Grav API Plugin is a RESTful API for Grav CMS that provides full headless access to your site's content, media, configuration, users, and system management. Prior to 1.0.0-beta.15, an insecure direct… New	CWE-863 Incorrect Authorization	CVE-2026-42843	2026-05-12 02:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1172	5.4	MEDIUM Network	-	-	The form plugin for Grav adds the ability to create and use forms. Prior to 9.1.0, a Stored Cross-Site Scripting (XSS) vulnerability exists in the Grav CMS Form plugin's select field template. Taxono… New	CWE-79 Cross-site Scripting	CVE-2026-42842	2026-05-12 02:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1173	-		-	-	Grav is a file-based Web platform. Prior to 2.0.0-beta.2, there is a Path Traversal vulnerability within the FormFlash core component. By manipulating the session_id (passed as __form-flash-id in POS… New	CWE-22 Path Traversal	CVE-2026-42608	2026-05-12 02:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1174	4.3	MEDIUM Network	-	-	AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to version 1.12.1, GET /api/workspace/:slug/tts/:chatId in AnythingLL… Update	CWE-200 CWE-639 Information Exposure Authorization Bypass Through User-Controlled Key	CVE-2026-42456	2026-05-12 02:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

1175	-		-	-	Clerk JavaScript is the official JavaScript repository for Clerk authentication. has(), auth.protect(), and related authorization predicates in @clerk/shared, @clerk/nextjs, @clerk/backend, and other… New	CWE-754 CWE-863 Improper Check for Unusual or Exceptional Conditions Incorrect Authorization	CVE-2026-42349	2026-05-12 02:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1176	-		-	-	New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. In versions 0.11.9-alpha.1 and prior, the SSRF protection introduced in v0.9.0.5 (CVE-2025-591… Update	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42339	2026-05-12 02:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

1177	6.5	MEDIUM Network	-	-	FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the FlashMQ broker when both set_retained_mes… Update	CWE-369 Divide By Zero	CVE-2026-42209	2026-05-12 02:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

1178	6.2	MEDIUM Local	-	-	Grid is a data structure grid for rust. From version 0.17.0 to before version 1.0.1, an integer overflow in Grid::expand_rows() can corrupt the relationship between the grid’s logical dimensions and … Update	CWE-190 Integer Overflow or Wraparound	CVE-2026-42199	2026-05-12 02:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

1179	8.6	HIGH Network	-	-	In Meari IoT SDK builds embedded in CloudEdge 5.5.0 (build 220), Arenti 1.8.1 (build 220), and white-label Android apps <= 1.8.x (latest observed), multiple security-critical secrets are hardcoded an… New	CWE-321 Use of Hard-coded Cryptographic Key	CVE-2026-33362	2026-05-12 02:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1180	7.5	HIGH Network	-	-	In Meari IoT SDK image handling (libmrplayer.so) as observed in CloudEdge 5.5.0 (build 220), Arenti 1.8.1 (build 220), and related white-label apps (<= 1.8.x), baby monitor ".jpgx3" files use reversi… New	CWE-326 Inadequate Encryption Strength	CVE-2026-33361	2026-05-12 02:16	2026-05-12	Show	GitHub Exploit DB Packet Storm