Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
194081	8.8	重要 Network	OpenEMR	-	OpenEMR における危険なタイプのファイルをアップロードされる脆弱性	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2017-9380	2017-06-27 15:12	2017-05-23	Show	GitHub Exploit DB Packet Storm

194082	6.1	警告 Network	Tiki Software Community Association	-	Tiki Wiki CMS Groupware の lib/core/TikiFilter/PreventXss.php における XSS フィルタを回避される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-9305	2017-06-27 15:12	2017-04-5	Show	GitHub Exploit DB Packet Storm

194083	8.2	重要 Local	Todd C. Miller	-	Todd Miller の Sudo の get_process_ttyname() 関数における情報を公開される脆弱性	CWE-20 不適切な入力確認	CVE-2017-1000368	2017-06-27 15:12	2017-05-30	Show	GitHub Exploit DB Packet Storm

194084	7.8	重要 Local	Palo Alto Networks	-	Palo Alto Networks Panorama VM アプライアンスの PAN-OS における任意の Python コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2015-6531	2017-06-27 15:12	2015-09-15	Show	GitHub Exploit DB Packet Storm

194085	6.5	警告 Network	マイクロソフト	-	複数の Microsoft Windows および Office 製品の Uniscribe におけるメモリコンテンツを不適切に公開される脆弱性	CWE-200 情報漏えい	CVE-2017-8534	2017-06-27 15:10	2017-06-13	Show	GitHub Exploit DB Packet Storm

194086	6.5	警告 Network	マイクロソフト	-	複数の Microsoft Windows および Office 製品の Graphics におけるメモリコンテンツを不適切に公開される脆弱性	CWE-200 情報漏えい	CVE-2017-8533	2017-06-27 15:10	2017-06-13	Show	GitHub Exploit DB Packet Storm

194087	6.5	警告 Network	マイクロソフト	-	複数の Microsoft Windows および Office 製品の Graphics におけるメモリコンテンツを不適切に公開される脆弱性	CWE-200 情報漏えい	CVE-2017-8532	2017-06-27 15:09	2017-06-13	Show	GitHub Exploit DB Packet Storm

194088	6.5	警告 Network	マイクロソフト	-	複数の Microsoft Windows および Office 製品の Graphics におけるメモリコンテンツを不適切に公開される脆弱性	CWE-200 情報漏えい	CVE-2017-8531	2017-06-27 15:09	2017-06-13	Show	GitHub Exploit DB Packet Storm

194089	7.5	重要 Network	マイクロソフト	-	複数の Microsoft Windows 製品のブラウザにおける現在のユーザのコンテキストで任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2017-8517	2017-06-27 14:47	2017-06-13	Show	GitHub Exploit DB Packet Storm

194090	7.8	重要 Local	マイクロソフト	-	複数の Microsoft 製品におけるリモートでコードを実行される脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-0260	2017-06-27 14:47	2017-06-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2121	9.8	CRITICAL Network	vercel	turborepo	Turborepo is a high-performance build system for JavaScript and TypeScript codebases. From 1.1.0 to before 2.9.14, Turborepo can be vulnerable to arbitrary code execution when run in untrusted reposi…	CWE-426 Untrusted Search Path	CVE-2026-45772	2026-05-19 23:41	2026-05-16	Show	GitHub Exploit DB Packet Storm

2122	7.5	HIGH Network	ws_project	ws	ws is an open source WebSocket client and server for Node.js. Prior to 8.20.1, the websocket.close() implementation is vulnerable to uninitialized memory disclosure when a TypedArray is passed as the…	CWE-908 Use of Uninitialized Resource	CVE-2026-45736	2026-05-19 23:39	2026-05-16	Show	GitHub Exploit DB Packet Storm

2123	7.5	HIGH Network	-	-	The Fortis for WooCommerce WordPress plugin before 1.3.1 may leak sensitive API keys to unauthenticated attackers, allowing them to query Fortis' API and retrieve sensitive customer information, like…	-	CVE-2025-15609	2026-05-19 23:38	2026-05-19	Show	GitHub Exploit DB Packet Storm

2124	9.8	CRITICAL Network	-	-	The Piotnet Addons for Elementor Pro plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the 'pafe_ajax_form_builder' function in all versions up to, an…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-4885	2026-05-19 23:38	2026-05-19	Show	GitHub Exploit DB Packet Storm

2125	9.8	CRITICAL Network	-	-	The Piotnet Forms plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the 'piotnetforms_ajax_form_builder' function in all versions up to, and including…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-4883	2026-05-19 23:38	2026-05-19	Show	GitHub Exploit DB Packet Storm

2126	7.5	HIGH Network	-	-	The Contest Gallery plugin for WordPress is vulnerable to SQL Injection via the 'form_input' parameter in versions up to, and including, 28.1.6. This is due to insufficient escaping on the user suppl…	CWE-89 SQL Injection	CVE-2026-8912	2026-05-19 23:38	2026-05-19	Show	GitHub Exploit DB Packet Storm

2127	6.3	MEDIUM Network	tencent	weknora	A vulnerability has been found in Tencent WeKnora up to 0.3.6. Affected by this issue is the function getKnowledgeBaseForInitialization of the file internal/handler/initialization.go of the component…	CWE-285 CWE-639 Improper Authorization Authorization Bypass Through User-Controlled Key	CVE-2026-8786	2026-05-19 23:30	2026-05-18	Show	GitHub Exploit DB Packet Storm

2128	5.3	MEDIUM Network	google	chrome	Object lifecycle issue in Dawn in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium se…	CWE-664 Improper Control of a Resource Through its Lifetime	CVE-2026-8582	2026-05-19 23:30	2026-05-15	Show	GitHub Exploit DB Packet Storm

2129	7.5	HIGH Network	vercel	ai	A vulnerability has been found in vercel ai up to 3.0.97. Impacted is the function run of the file .github/workflows/prettier-on-automerge.yml of the component PR Branch Name Interpolation. The manip…	CWE-77 CWE-78 Command Injection OS Command	CVE-2026-8767	2026-05-19 23:29	2026-05-18	Show	GitHub Exploit DB Packet Storm

2130	4.3	MEDIUM Network	google	chrome	Heap buffer overflow in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity…	CWE-122 Heap-based Buffer Overflow	CVE-2026-8552	2026-05-19 23:27	2026-05-15	Show	GitHub Exploit DB Packet Storm