Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
196341 5.3 警告
Network 		ownCloud
Nextcloud		 - Nextcloud サーバおよび ownCloud サーバにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2016-9467 2017-04-27 15:46 2016-10-10 Show GitHub Exploit DB Packet Storm
196342 7.8 重要
Local 		マカフィー - Intel Security McAfee Application Control および Endpoint Security におけるアプリケーション保護を回避される脆弱性 CWE-284
不適切なアクセス制御 		CVE-2016-8010 2017-04-27 15:45 2016-08-17 Show GitHub Exploit DB Packet Storm
196343 6.5 警告
Network 		マカフィー - Intel Security McAfee Email Gateway におけるファイル拡張フィルタリングに関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-8005 2017-04-27 15:45 2016-06-7 Show GitHub Exploit DB Packet Storm
196344 7.4 重要
Network 		The PHP Group - PHP におけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2017-7272 2017-04-27 15:42 2017-03-8 Show GitHub Exploit DB Packet Storm
196345 5.5 警告
Local 		radare - radare2 の libr/util/r_pkcs7.c の r_pkcs7_parse_cms 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2017-7274 2017-04-27 15:31 2017-03-27 Show GitHub Exploit DB Packet Storm
196346 4.7 警告
Network 		Brave Software Inc. - Brave Browser iOS および Brave Browser Android におけるフルアドレスバーを偽造される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-9473 2017-04-27 15:27 2016-10-18 Show GitHub Exploit DB Packet Storm
196347 9.8 緊急
Network 		Hesiod project - Hesiod の lib/hesiod.c の read_config_file 関数における root 権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-10152 2017-04-27 14:50 2016-05-3 Show GitHub Exploit DB Packet Storm
196348 9.8 緊急
Network 		Apache Software Foundation - Apache Camel における信頼性のないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2016-8749 2017-04-27 14:20 2016-10-18 Show GitHub Exploit DB Packet Storm
196349 7.5 重要
Network 		The Chicken Team - CHICKEN の data-structures ユニットの string-translate* プロシージャにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2015-4556 2017-04-27 14:14 2015-06-14 Show GitHub Exploit DB Packet Storm
196350 8.1 重要
Network 		FreeRADIUS - FreeRADIUS におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2015-8764 2017-04-27 11:27 2015-04-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2041 9.1 CRITICAL
Network 		- - Relay adds real-time collaboration to Obsidian. Relay Server versions 0.9.0 through 0.9.6 contain an authentication bypass in the multi-document WebSocket endpoints. When authentication is configured… CWE-639
CWE-863
 Authorization Bypass Through User-Controlled Key
 Incorrect Authorization 		CVE-2026-42889 2026-05-14 03:21 2026-05-13 Show GitHub Exploit DB Packet Storm
2042 - - - sse-channel is an SSE-implementation which can be used to any node.js http request/response stream. Prior to 4.0.1, implementations that allow user-provided values to be passed to event, retry or id … CWE-93
CRLF Injection 		CVE-2026-44217 2026-05-14 03:21 2026-05-13 Show GitHub Exploit DB Packet Storm
2043 9.0 CRITICAL
Network 		- - ArcadeDB is a Multi-Model DBMS. Prior to 2.6.4, authenticated users and API tokens scoped to a specific database could read, write, and mutate schema on any other database on the same server. Two dis… CWE-863
 Incorrect Authorization 		CVE-2026-44221 2026-05-14 03:21 2026-05-13 Show GitHub Exploit DB Packet Storm
2044 - - - An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authent… CWE-424
 Improper Protection of Alternate Path 		CVE-2026-0237 2026-05-14 03:17 2026-05-14 Show GitHub Exploit DB Packet Storm
2045 - - - A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS® software allows an unauthenticated network-based attacker to execute arbitrary code with elevated privileges on t… CWE-787
 Out-of-bounds Write 		CVE-2026-0263 2026-05-14 03:17 2026-05-14 Show GitHub Exploit DB Packet Storm
2046 - - - A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS® Software allows an unauthenticated attacker with network access to cause a denial of service (Do… CWE-122
Heap-based Buffer Overflow 		CVE-2026-0264 2026-05-14 03:17 2026-05-14 Show GitHub Exploit DB Packet Storm
2047 - - - An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Servi… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2026-0265 2026-05-14 03:17 2026-05-14 Show GitHub Exploit DB Packet Storm
2048 5.9 MEDIUM
Network 		- - OpenTelemetry.OpAmp.Client is the OpAMP client for OpenTelemetry .NET. Prior to 0.2.0-alpha.1, when receiving responses from the OpAMP server over HTTP, the OpAMP client allocates an unbounded buffer… CWE-789
 Memory Allocation with Excessive Size Value 		CVE-2026-42348 2026-05-14 03:16 2026-05-13 Show GitHub Exploit DB Packet Storm
2049 6.5 MEDIUM
Local 		- - OpenTelemetry.Exporter.OpenTelemetryProtocol is the OTLP (OpenTelemetry Protocol) exporter implementation. From 1.8.0 to 1.15.2, the OTLP disk retry feature in OpenTelemetry.Exporter.OpenTelemetryPro… CWE-379
 Creation of Temporary File in Directory with Incorrect Permissions 		CVE-2026-42191 2026-05-14 03:16 2026-05-13 Show GitHub Exploit DB Packet Storm
2050 6.3 MEDIUM
Network 		- - Lemmy is a link aggregator and forum for the fediverse. Prior to version 0.19.18, Lemmy allows an authenticated low-privileged user to create a link post through POST /api/v3/post. When a post is cre… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-42180 2026-05-14 03:16 2026-05-9 Show GitHub Exploit DB Packet Storm