Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
193341 6.1 警告
Network 		Cloud Foundry Foundation
Pivotal Software, Inc.		 - Cloud Foundry Runtime cf-release などの製品におけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2015-3190 2017-06-26 19:01 2015-04-10 Show GitHub Exploit DB Packet Storm
193342 3.7
Network 		Cloud Foundry Foundation
Pivotal Software, Inc.		 - Cloud Foundry Runtime cf-release などの製品におけるパスワード管理機能に関する脆弱性 CWE-640
パスワードを忘れた場合の脆弱なパスワードリカバリの仕組み 		CVE-2015-3189 2017-06-26 19:00 2015-04-10 Show GitHub Exploit DB Packet Storm
193343 6.5 警告
Network 		Cloud Foundry Foundation
Pivotal Software, Inc.		 - Pivotal Elastic Runtime および cf-release の Cloud Controller におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2015-1834 2017-06-26 19:00 2015-04-10 Show GitHub Exploit DB Packet Storm
193344 8.8 重要
Network 		PivotX - PivotX における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2017-8402 2017-06-26 18:15 2017-05-29 Show GitHub Exploit DB Packet Storm
193345 6.5 警告
Network 		Cloud Foundry Foundation
Pivotal Software, Inc.		 - Pivotal Elastic Runtime および cf-release の Loggregator Traffic Controller エンドポイントにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2016-2165 2017-06-26 18:12 2016-03-23 Show GitHub Exploit DB Packet Storm
193346 6.1 警告
Network 		Cloud Foundry Foundation
Pivotal Software, Inc.		 - Cloud Foundry などの製品の UAA OAuth 承認ページにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-0781 2017-06-26 18:12 2016-03-23 Show GitHub Exploit DB Packet Storm
193347 7.5 重要
Network 		Cloud Foundry Foundation
Pivotal Software, Inc.		 - Pivotal Elastic Runtime および cf-release におけるリソース管理に関する脆弱性 CWE-399
リソース管理の問題 		CVE-2016-0780 2017-06-26 18:12 2016-03-23 Show GitHub Exploit DB Packet Storm
193348 8.8 重要
Network 		Cloud Foundry Foundation
Pivotal Software, Inc.		 - Cloud Foundry Runtime cf-release などの製品におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2015-3191 2017-06-26 18:12 2015-04-10 Show GitHub Exploit DB Packet Storm
193349 7 重要
Local 		Google - Android の TrustZone における競合状態に関する脆弱性 CWE-362
競合状態 		CVE-2016-10297 2017-06-26 17:35 2017-05-1 Show GitHub Exploit DB Packet Storm
193350 7.8 重要
Local 		Google - Android の TrustZone における二重解放に関する脆弱性 CWE-415
二重解放 		CVE-2015-9007 2017-06-26 17:35 2017-05-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2111 5.5 MEDIUM
Local 		python pillow Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2026-42310 2026-05-13 02:55 2026-05-9 Show GitHub Exploit DB Packet Storm
2112 4.7 MEDIUM
Local 		apple ipados
iphone_os
macos
visionos 		A race condition was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, … CWE-362
Race Condition 		CVE-2026-43659 2026-05-13 02:51 2026-05-12 Show GitHub Exploit DB Packet Storm
2113 7.5 HIGH
Network 		apple ipados
iphone_os
macos
tvos
watchos 		A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. Processing a maliciously crafted image… CWE-121
Stack-based Buffer Overflow 		CVE-2026-43661 2026-05-13 02:51 2026-05-12 Show GitHub Exploit DB Packet Storm
2114 7.5 HIGH
Network 		open5gs open5gs A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcf_nbsf_management_handle_register of the file src/pcf/nbsf-handler.c of the component sm-policies Endpoint. Such mani… CWE-404
 Improper Resource Shutdown or Release 		CVE-2026-8222 2026-05-13 02:49 2026-05-10 Show GitHub Exploit DB Packet Storm
2115 7.5 HIGH
Network 		open5gs open5gs A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function pcf_sess_set_ipv6prefix of the file /src/pcf/context.c of the component PCF. Executing a manipulation of … CWE-404
 Improper Resource Shutdown or Release 		CVE-2026-8224 2026-05-13 02:48 2026-05-10 Show GitHub Exploit DB Packet Storm
2116 9.8 CRITICAL
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the PDO Firebird driver improperly handles NUL bytes when preparing SQL queries. During token-by… CWE-89
SQL Injection 		CVE-2025-14179 2026-05-13 02:48 2026-05-10 Show GitHub Exploit DB Packet Storm
2117 9.8 CRITICAL
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a global m… CWE-416
 Use After Free 		CVE-2026-6722 2026-05-13 02:48 2026-05-10 Show GitHub Exploit DB Packet Storm
2118 6.1 MEDIUM
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, 8.5.* before 8.5.6, due to improper sanitation of user data, it allows an attacker to compose an URL, which will cause t… CWE-79
Cross-site Scripting 		CVE-2026-6735 2026-05-13 02:43 2026-05-10 Show GitHub Exploit DB Packet Storm
2119 7.5 HIGH
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, some functions, including urldecode(), pass signed char to ctype functions (like isxdigit()). On… CWE-125
Out-of-bounds Read 		CVE-2026-7258 2026-05-13 02:41 2026-05-10 Show GitHub Exploit DB Packet Storm
2120 6.5 MEDIUM
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads to  a NULL pointer dereference, re… CWE-476
 NULL Pointer Dereference 		CVE-2026-7259 2026-05-13 02:40 2026-05-10 Show GitHub Exploit DB Packet Storm