Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194481 6.5 警告
Network 		IBM - IBM Tivoli Application Dependency Discovery Manager におけるシステム上のファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2016-8925 2017-05-18 11:19 2016-10-25 Show GitHub Exploit DB Packet Storm
194482 9.8 緊急
Network 		Smart related articles project - Joomla! 用 Smart related articles エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2017-7628 2017-05-18 10:56 2017-04-13 Show GitHub Exploit DB Packet Storm
194483 5.3 警告
Network 		Smart related articles project - Joomla! 用 Smart related articles エクステンションにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-7627 2017-05-18 10:56 2017-04-13 Show GitHub Exploit DB Packet Storm
194484 6.1 警告
Network 		Smart related articles project - Joomla! 用 Smart related articles エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-7626 2017-05-18 10:56 2017-04-13 Show GitHub Exploit DB Packet Storm
194485 6.1 警告
Network 		Mozilla Foundation - Bugzilla の依存グラフにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-2803 2017-05-18 10:38 2016-05-16 Show GitHub Exploit DB Packet Storm
194486 8.8 重要
Network 		シマンテック - Symantec Web Gateway における任意の OS コマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2016-5313 2017-05-18 10:20 2016-10-5 Show GitHub Exploit DB Packet Storm
194487 7.5 重要
Network 		OpenStack
Canonical		 - OpenStack Nova-LXD におけるセキュリティ制限を回避される脆弱性 CWE-254
セキュリティ機能 		CVE-2017-5936 2017-05-18 10:18 2017-02-9 Show GitHub Exploit DB Packet Storm
194488 6.1 警告
Network 		Tilde Inc. - Ember.js におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-7565 2017-05-18 10:08 2015-09-29 Show GitHub Exploit DB Packet Storm
194489 7.5 重要
Network 		Ping Identity - Apache 用 Ping Identity OpenID Connect 認証モジュールの Mod_auth_openidc.c におけるページのコンテンツを偽装される脆弱性 CWE-20
不適切な入力確認 		CVE-2017-6059 2017-05-18 10:06 2017-01-26 Show GitHub Exploit DB Packet Storm
194490 7.3 重要
Network 		Apache Software Foundation - Apache FOP における XML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2017-5661 2017-05-18 10:01 2017-04-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1351 7.5 HIGH
Network 		open5gs open5gs A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcf_nbsf_management_handle_register of the file src/pcf/nbsf-handler.c of the component sm-policies Endpoint. Such mani… Update CWE-404
 Improper Resource Shutdown or Release 		CVE-2026-8222 2026-05-13 02:49 2026-05-10 Show GitHub Exploit DB Packet Storm
1352 7.5 HIGH
Network 		open5gs open5gs A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function pcf_sess_set_ipv6prefix of the file /src/pcf/context.c of the component PCF. Executing a manipulation of … Update CWE-404
 Improper Resource Shutdown or Release 		CVE-2026-8224 2026-05-13 02:48 2026-05-10 Show GitHub Exploit DB Packet Storm
1353 9.8 CRITICAL
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the PDO Firebird driver improperly handles NUL bytes when preparing SQL queries. During token-by… Update CWE-89
SQL Injection 		CVE-2025-14179 2026-05-13 02:48 2026-05-10 Show GitHub Exploit DB Packet Storm
1354 9.8 CRITICAL
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a global m… Update CWE-416
 Use After Free 		CVE-2026-6722 2026-05-13 02:48 2026-05-10 Show GitHub Exploit DB Packet Storm
1355 6.1 MEDIUM
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, 8.5.* before 8.5.6, due to improper sanitation of user data, it allows an attacker to compose an URL, which will cause t… Update CWE-79
Cross-site Scripting 		CVE-2026-6735 2026-05-13 02:43 2026-05-10 Show GitHub Exploit DB Packet Storm
1356 7.5 HIGH
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, some functions, including urldecode(), pass signed char to ctype functions (like isxdigit()). On… Update CWE-125
Out-of-bounds Read 		CVE-2026-7258 2026-05-13 02:41 2026-05-10 Show GitHub Exploit DB Packet Storm
1357 6.5 MEDIUM
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads to  a NULL pointer dereference, re… Update CWE-476
 NULL Pointer Dereference 		CVE-2026-7259 2026-05-13 02:40 2026-05-10 Show GitHub Exploit DB Packet Storm
1358 9.8 CRITICAL
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when SoapServer is configured with SOAP_PERSISTENCE_SESSION, the handler object is persisted acr… Update CWE-416
 Use After Free 		CVE-2026-7261 2026-05-13 02:40 2026-05-10 Show GitHub Exploit DB Packet Storm
1359 7.5 HIGH
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which check… Update CWE-476
 NULL Pointer Dereference 		CVE-2026-7262 2026-05-13 02:39 2026-05-10 Show GitHub Exploit DB Packet Storm
1360 7.5 HIGH
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the metaphone() function in ext/standard/metaphone.c uses a signed int variable to track the cur… Update CWE-125
CWE-190
Out-of-bounds Read
 Integer Overflow or Wraparound 		CVE-2026-7568 2026-05-13 02:38 2026-05-10 Show GitHub Exploit DB Packet Storm