Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
196171 5.5 警告
Local 		Fabrice Bellard
virglrenderer project		 - QEMU で使用される virglrenderer の vrend_decode.c におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2017-5957 2017-03-31 16:10 2017-02-10 Show GitHub Exploit DB Packet Storm
196172 7.5 重要
Network 		R Project - R プログラミング言語の LoadEncoding 機能におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-8714 2017-03-31 15:56 2016-11-17 Show GitHub Exploit DB Packet Storm
196173 9.8 緊急
Network 		Cambium Networks, LTD - Cambium Networks cnPilot R200/201 デバイスにおける脆弱性 CWE-320
鍵管理のエラー 		CVE-2017-5859 2017-03-31 15:52 2017-02-2 Show GitHub Exploit DB Packet Storm
196174 10 緊急
Network 		Pharos Systems International - Pharos PopUp プリンタのクライアントの psnotifyd アプリケーションにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2017-2788 2017-03-31 15:47 2017-03-7 Show GitHub Exploit DB Packet Storm
196175 9 緊急
Network 		Pharos Systems International - Pharos PopUp プリンタのクライアントの psnotifyd アプリケーションにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2017-2787 2017-03-31 15:47 2017-03-7 Show GitHub Exploit DB Packet Storm
196176 7.5 重要
Network 		Pharos Systems International - Pharos PopUp プリンタのクライアントの psnotifyd アプリケーションにおけるサービス運用妨害 (DoS) の脆弱性 CWE-125
境界外読み取り 		CVE-2017-2786 2017-03-31 15:47 2017-03-7 Show GitHub Exploit DB Packet Storm
196177 10 緊急
Network 		Pharos Systems International - Pharos PopUp プリンタのクライアントの psnotifyd アプリケーションにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2017-2785 2017-03-31 15:47 2017-03-7 Show GitHub Exploit DB Packet Storm
196178 6.5 警告
Network 		NTP Project - NTP におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2017-6464 2017-03-31 14:24 2017-03-21 Show GitHub Exploit DB Packet Storm
196179 6.5 警告
Network 		NTP Project - NTP におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2017-6463 2017-03-31 14:24 2017-03-21 Show GitHub Exploit DB Packet Storm
196180 7.8 重要
Local 		NTP Project - NTP の 従来の Datum Programmable Time Server refclock ドライバにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2017-6462 2017-03-31 14:24 2017-03-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1641 6.3 MEDIUM
Network 		- - The software fails to enforce role-based access controls for certain Gateway API invocations. Users with the 'Internal/Everyone' role can invoke these APIs, bypassing intended permission checks. This… CWE-281
 Improper Preservation of Permissions 		CVE-2025-8325 2026-05-14 00:25 2026-05-11 Show GitHub Exploit DB Packet Storm
1642 8.6 HIGH
Network 		- - The Magic Link authentication flow accepts multiple invalid authentication requests without adequate rate limiting or resource control, leading to uncontrolled memory usage growth. This vulnerabilit… CWE-400
 Uncontrolled Resource Consumption 		CVE-2025-10470 2026-05-14 00:25 2026-05-11 Show GitHub Exploit DB Packet Storm
1643 6.4 MEDIUM
Adjacent 		- - Due to not validating the organization context when executing adaptive authentication flows, the WSO2 Identity Server allows adaptive authentication logic to be triggered on unintended organizations.… CWE-284
CWE-863
Improper Access Control
 Incorrect Authorization 		CVE-2025-9973 2026-05-14 00:25 2026-05-11 Show GitHub Exploit DB Packet Storm
1644 6.1 MEDIUM
Local 		- - Issuing an ICMP ping via the `net ping` shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the d… CWE-674
 Uncontrolled Recursion 		CVE-2026-1681 2026-05-14 00:25 2026-05-12 Show GitHub Exploit DB Packet Storm
1645 8.3 HIGH
Network 		- - Plainpad is a self hosted note taking app. Prior to version 1.1.1, Plainpad allows a low-privilege authenticated user to self-escalate to administrator by submitting admin=true in PUT /api.php/v1/use… CWE-269
 Improper Privilege Management 		CVE-2026-42562 2026-05-14 00:23 2026-05-10 Show GitHub Exploit DB Packet Storm
1646 - - - Pelican is a platform for creating data federations. From versions 7.21.0 to before 7.21.5, 7.22.0 to before 7.22.3, 7.23.0 to before 7.23.3, and 7.24.0 to before 7.24.2, there is a a privilege escal… CWE-863
 Incorrect Authorization 		CVE-2026-42571 2026-05-14 00:23 2026-05-10 Show GitHub Exploit DB Packet Storm
1647 7.5 HIGH
Network 		- - apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before version 1.2.5, a crafted .apk could install a TypeSymlink tar entry whose target poi… CWE-22
CWE-59
Path Traversal
Link Following 		CVE-2026-42574 2026-05-14 00:23 2026-05-10 Show GitHub Exploit DB Packet Storm
1648 7.5 HIGH
Network 		- - apko allows users to build and publish OCI container images built from apk packages. Prior to version 1.2.7, apko verifies the signature on APKINDEX.tar.gz but never compares individually downloaded … CWE-345
CWE-494
 Insufficient Verification of Data Authenticity
 Download of Code Without Integrity Check 		CVE-2026-42575 2026-05-14 00:23 2026-05-10 Show GitHub Exploit DB Packet Storm
1649 6.5 MEDIUM
Network 		- - apko allows users to build and publish OCI container images built from apk packages. Prior to version 1.2.7, DiscoverKeys in pkg/apk/apk/implementation.go unconditionally type-asserts JWKS keys as *r… CWE-704
 Incorrect Type Conversion or Cast 		CVE-2026-42576 2026-05-14 00:23 2026-05-10 Show GitHub Exploit DB Packet Storm
1650 7.5 HIGH
Network 		golang go The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0). CWE-476
 NULL Pointer Dereference 		CVE-2026-39836 2026-05-14 00:11 2026-05-8 Show GitHub Exploit DB Packet Storm