Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
192241	5.3	警告 Network	F5 Networks	-	F5 BIG-IP APM における範囲エラーに関する脆弱性	CWE-118 インデックス化が可能なリソースの不適切なアクセス (範囲エラー)	CVE-2017-0302	2017-06-6 16:34	2017-05-5	Show	GitHub Exploit DB Packet Storm

192242	6.1	警告 Network	F5 Networks	-	F5 BIG-IP APM におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-9257	2017-06-6 16:28	2016-11-9	Show	GitHub Exploit DB Packet Storm

192243	3.3	低 Local	RuboCop project	-	RuboCop における他のユーザのキャッシュファイルを改ざんされる脆弱性	CWE-254 セキュリティ機能	CVE-2017-8418	2017-06-6 16:26	2017-05-3	Show	GitHub Exploit DB Packet Storm

192244	9.8	緊急 Network	ベリタス	-	Veritas NetBackup アプライアンスにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2017-8859	2017-06-6 16:23	2017-05-7	Show	GitHub Exploit DB Packet Storm

192245	5.5	警告 Local	Linux	-	Linux Kernel の KEYS サブシステムにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2017-7472	2017-06-6 16:14	2017-04-27	Show	GitHub Exploit DB Packet Storm

192246	3.3	低 Local	MaruUo Factory	-	MaruUo Factory 製の複数のアタッシェケース製品におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2016-7843	2017-06-6 16:12	2017-01-16	Show	GitHub Exploit DB Packet Storm

192247	3.3	低 Local	HiBARA Software	-	アタッシェケースにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2016-7842	2017-06-6 16:10	2017-01-16	Show	GitHub Exploit DB Packet Storm

192248	7.3	重要 Network	NPO法人Rubyプログラミング少年団	-	smalruby-editor における OS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2017-2096	2017-06-6 15:39	2017-01-24	Show	GitHub Exploit DB Packet Storm

192249	4.2	警告 Network	サイボウズ	-	サイボウズリモートサービスマネージャーにおけるクライアント証明書の検証不備の脆弱性	CWE-Other その他	CVE-2016-7815	2017-06-6 15:36	2017-01-11	Show	GitHub Exploit DB Packet Storm

192250	4.7	警告 Network	株式会社アイ・オー・データ機器	-	アイ・オー・データ製の複数のネットワークカメラ製品における HTTP ヘッダインジェクションの脆弱性	CWE-20 不適切な入力確認	CVE-2017-2111	2017-06-6 15:35	2017-03-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
871	6.5	MEDIUM Network	-	-	During the analysis, it was identified that authenticated attackers with Subscriber-level access or higher are able to perform an Insecure Direct Object Reference (IDOR) attack. This vulnerability ex… Update	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-5337	2026-05-5 00:23	2026-05-3	Show	GitHub Exploit DB Packet Storm

872	5.3	MEDIUM Network	-	-	The Magic Export & Import WordPress plugin before 1.2.0 stores exported CSV files at a publicly accessible location, making it possible for any visitors to leak sensitive user information. New	CWE-552 Files or Directories Accessible to External Parties	CVE-2026-5335	2026-05-5 00:23	2026-05-4	Show	GitHub Exploit DB Packet Storm

873	4.9	MEDIUM Network	-	-	Velociraptor versions prior to 0.76.4 contain a resource exhaustion vulnerability in the server's agent control channel. This allows a compromised or rogue Velociraptor client to crash the server … New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-6948	2026-05-5 00:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

874	7.5	HIGH Network	-	-	A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in merge_handshake_packet() where incoming handshake fragments are matched and … New	CWE-130 Improper Handling of Length Parameter Inconsistency	CVE-2026-33846	2026-05-5 00:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

875	8.8	HIGH Local	-	-	A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can replace files during the installation process, which may res… New	CWE-1386 Insecure Operation on Windows Junction / Mount Point	CVE-2025-58074	2026-05-5 00:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

876	8.3	HIGH Network	-	-	A flaw was found in the AAP gateway. The user auto-link strategy, introduced in AAP 2.6, automatically links an external Identity Provider (IDP) identity to an existing AAP user account based on emai… New	CWE-305 Authentication Bypass by Primary Weakness	CVE-2026-6266	2026-05-5 00:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

877	6.5	MEDIUM Network	-	-	An attachment spoofing issue in WhatsApp for Windows prior to v2.3000.1032164386.258709 could have allowed maliciously formatted documents with embedded NUL bytes in the filename to be shown in the a… Update	CWE-158 Improper Neutralization of Null Byte or NUL Character	CVE-2026-23863	2026-05-5 00:21	2026-05-2	Show	GitHub Exploit DB Packet Storm

878	4.3	MEDIUM Network	-	-	Incomplete validation of AI rich response messages for Instagram Reels in WhatsApp for iOS v2.25.8.0 to v2.26.15.72 and WhatsApp for Android v2.25.8.0 to v2.26.7.10 could have allowed a user to trigg… Update	CWE-940 Improper Verification of Source of a Communication Channel	CVE-2026-23866	2026-05-5 00:21	2026-05-2	Show	GitHub Exploit DB Packet Storm

879	10.0	CRITICAL Network	-	-	GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other security devices. It is a native application accessed locally, but it is also possible… New	CWE-787 Out-of-bounds Write	CVE-2026-42369	2026-05-5 00:21	2026-05-4	Show	GitHub Exploit DB Packet Storm

880	7.3	HIGH Network	-	-	A flaw has been found in Jinher OA 1.0. The affected element is an unknown function of the file /C6/JHSoft.Web.PlanSummarize/UserSel.aspx. This manipulation of the argument DeptIDList causes sql inje… Update	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-7670	2026-05-5 00:19	2026-05-3	Show	GitHub Exploit DB Packet Storm