Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 2:09 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
196511	5.3	警告 Network	シスコシステムズ	-	Cisco IOS および Cisco IOx ソフトウェアの Web ベースの管理インターフェースにおけるデバイスへの認証なしで表示される機密情報を閲覧される脆弱性	CWE-200 情報漏えい	CVE-2017-3805	2017-02-8 18:19	2017-01-18	Show	GitHub Exploit DB Packet Storm

196512	4.7	警告 Adjacent	シスコシステムズ	-	Cisco 2960X および 3750X スイッチの Cisco IOS ソフトウェアの転送キューにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2017-3803	2017-02-8 18:19	2017-01-18	Show	GitHub Exploit DB Packet Storm

196513	9.8	緊急 Network	Michael Wallner	-	pecl_http の HTTP URL 構文解析機能におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2016-5873	2017-02-8 18:18	2016-03-9	Show	GitHub Exploit DB Packet Storm

196514	4.8	警告 Local	valve software	-	Valve Steam におけるファイルを変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-5237	2017-02-8 18:17	2016-05-11	Show	GitHub Exploit DB Packet Storm

196515	6.8	警告 Physics	cryptsetup project	-	cryptsetup パッケージ用 Debian initrd スクリプトにおけるシェルのアクセス権を取得される脆弱性	CWE-287 不適切な認証	CVE-2016-4484	2017-02-8 18:15	2016-11-17	Show	GitHub Exploit DB Packet Storm

196516	8.8	重要 Network	GitLab.org	-	Gitlab の偽装の機能における他のユーザとして "ログイン" される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-4340	2017-02-8 18:15	2016-05-2	Show	GitHub Exploit DB Packet Storm

196517	9.8	緊急 Network	Magento, Inc.	-	Magento CE および EE における PHP オブジェクトインジェクション攻撃を実行される脆弱性	CWE-74 インジェクション	CVE-2016-4010	2017-02-8 17:23	2016-05-17	Show	GitHub Exploit DB Packet Storm

196518	9.8	緊急 Network	LibGD project	-	GD Graphics ライブラリの gdImageWebPtr 関数におけるメモリ二重解放の脆弱性	CWE-415 二重解放	CVE-2016-6912	2017-02-8 17:03	2016-08-17	Show	GitHub Exploit DB Packet Storm

196519	7.8	重要 Local	シトリックス・システムズ Xen プロジェクト	-	Xen の x86 エミュレータにおける権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-9386	2017-02-8 16:53	2016-11-22	Show	GitHub Exploit DB Packet Storm

196520	6	警告 Local	シトリックス・システムズ Xen プロジェクト	-	Xen の x86 セグメントベースの書き込みのエミュレーション機能におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2016-9385	2017-02-8 16:53	2016-11-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
81	-		-	-	Use of Hard-coded Cryptographic Key vulnerability in WatchGuard Agent on Windows allows Inclusion of Code in Existing Process.This issue affects WatchGuard Agent: before 1.25.03.0000. New	CWE-321 Use of Hard-coded Cryptographic Key	CVE-2026-6787	2026-05-7 01:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

82	7.8	HIGH Local	-	-	The MongoDB C Driver's Cyrus SASL integration performs unsafe string copying during username canonicalization, enabling a heap buffer overflow before any authentication or network traffic. This may b… New	CWE-120 Classic Buffer Overflow	CVE-2026-6691	2026-05-7 01:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

83	-		-	-	Incorrect permission assignment for a resource in the patch management component of the WatchGuard Agent on Windows allows an authenticated local user to elevate their privileges to NT AUTHORITY\\SYS… New	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2026-41288	2026-05-7 01:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

84	-		-	-	Stack-based Buffer Overflow vulnerability in the WatchGuard Agent discovery service on Windows allows Overflow Buffers. An unauthenticated attacker on the same local network could exploit this vulner… New	CWE-121 Stack-based Buffer Overflow	CVE-2026-41286	2026-05-7 01:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

85	-		-	-	Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the secret used to sign authentication cookies is persisted to a static file at ~/.local/share/jupyter/runt… New	CWE-613 Insufficient Session Expiration	CVE-2026-40934	2026-05-7 01:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

86	-		-	-	OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the `/openmrs/moduleResources/{moduleid}` endpoint is vulnera… New	CWE-22 Path Traversal	CVE-2026-40075	2026-05-7 01:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

87	-		-	-	lxc is a Linux container runtime. In the setuid helper lxc-user-nic, the delete path contains a logic flaw in the find_line() function that allows an unprivileged user to delete OVS-attached network … New	CWE-863 Incorrect Authorization	CVE-2026-39402	2026-05-7 01:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

88	-		-	-	Gotenberg is an API-based document conversion tool. In version 8.29.1, an unauthenticated attacker with network access can force the server to make outbound HTTP POST requests to arbitrary internal o… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-39383	2026-05-7 01:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

89	6.1	MEDIUM Network	-	-	FluentCMS 1.2.3 is vulnerable to Cross Site Scripting (XSS) in TextHTML plugin. New	CWE-79 Cross-site Scripting	CVE-2026-38947	2026-05-7 01:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

90	6.1	MEDIUM Network	-	-	ERPNext v15.103.1 and before is vulnerable to Cross Site Scripting (XSS) in the Email Template engine. An attacker with permission to create or edit email templates can inject malicious JavaScript co… New	CWE-79 Cross-site Scripting	CVE-2026-38432	2026-05-7 01:16	2026-05-6	Show	GitHub Exploit DB Packet Storm