Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
196671 5.5 警告
Local 		openSUSE project
libgit2
SUSE
Fedora Project		 - libgit2 の oid.c の git_commit_message 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-125
境界外読み取り 		CVE-2016-8568 2017-02-14 13:45 2016-11-3 Show GitHub Exploit DB Packet Storm
196672 6.5 警告
Network 		Inverse inc. - SOGo におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2016-6188 2017-02-14 12:28 2016-02-17 Show GitHub Exploit DB Packet Storm
196673 6.1 警告
Network 		SANADATA - SANADATA SanaCMS の index.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-5882 2017-02-14 12:00 2017-02-4 Show GitHub Exploit DB Packet Storm
196674 5.5 警告
Local 		Linux - Linux Kernel の drivers/usb/serial/kl5kusb105.c における重要な情報を取得される脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2017-5549 2017-02-14 11:31 2017-01-20 Show GitHub Exploit DB Packet Storm
196675 6.5 警告
Local 		Linux - Linux Kernel の arch/x86/kvm/vmx.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2017-2596 2017-02-14 11:31 2017-02-6 Show GitHub Exploit DB Packet Storm
196676 4.3 警告
Physics 		Linux - Linux Kernel の fs/ext4/super.c の ext4_fill_super 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-125
境界外読み取り 		CVE-2016-10208 2017-02-14 11:31 2016-12-1 Show GitHub Exploit DB Packet Storm
196677 5.5 警告
Local 		OpenJPEG project
Fedora Project		 - OpenJPEG の tcd.c の opj_tcd_init_tile 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-369
ゼロ除算 		CVE-2016-4797 2017-02-14 11:04 2016-05-9 Show GitHub Exploit DB Packet Storm
196678 5.5 警告
Local 		OpenJPEG project
Fedora Project		 - OpenJPEG の common/color.c の color_cmyk_to_rgb におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-4796 2017-02-14 11:04 2016-05-9 Show GitHub Exploit DB Packet Storm
196679 5.5 警告
Local 		OpenJPEG project - OpenJPEG の common/color.c の sycc422_t_rgb 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-125
境界外読み取り 		CVE-2016-3183 2017-02-14 11:04 2016-04-30 Show GitHub Exploit DB Packet Storm
196680 7.5 重要
Network 		Artifex Software
Fedora Project		 - Artifex Software, Inc. の MuJS の regexp.c の js_regcomp 関数における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2016-9108 2017-02-14 10:57 2016-10-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
141 7.5 HIGH
Network 		coredns.io coredns CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the DNS-over-HTTPS (DoH) GET path accepts oversized dns= query parameter values and performs URL query parsing, base64 decodi… New CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-32936 2026-05-9 01:02 2026-05-6 Show GitHub Exploit DB Packet Storm
142 3.3 LOW
Network 		- - Kimai is an open-source time tracking application. Prior to version 2.54.0, the Team API endpoints use #[IsGranted('edit_team')] instead of #[IsGranted('edit', 'team')], causing Symfony TeamVoter to … New CWE-862
 Missing Authorization 		CVE-2026-41498 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
143 7.4 HIGH
Network 		- - Axios is a promise based HTTP client for the browser and Node.js. From version 1.0.0 to before version 1.15.2, fFive config properties (auth, baseURL, socketPath, beforeRedirect, and insecureHTTPPars… New CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2026-42264 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
144 - - - Kimai is an open-source time tracking application. From version 2.27.0 to before version 2.54.0, any ROLE_USER can create a tag with a formula string as its name (e.g. =SUM(54+51)) via POST /api/tags… New CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2026-42267 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
145 4.1 MEDIUM
Network 		- - Kimai is an open-source time tracking application. From version 2.32.0 to before version 2.56.0, users with the role System-Admin (ROLE_SYSTE_ADMIN) and the permission upload_invoice_template can upl… New CWE-22
Path Traversal 		CVE-2026-44298 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
146 7.8 HIGH
Local 		- - The socket connection handler in aswArPot.sys in the Avast and AVG Windows Anti Rootkit driver before 22.1 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service… New CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2022-26522 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
147 5.3 MEDIUM
Local 		- - The socket connection handler in aswArPot.sys in the Avast and AVG Windows Anti Rootkit driver before 22.1 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service… New CWE-400
 Uncontrolled Resource Consumption 		CVE-2022-26523 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
148 6.5 MEDIUM
Network 		- - Nokia Broadcast Message Center (BMC) before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field. New CWE-78
OS Command  		CVE-2022-45899 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
149 4.3 MEDIUM
Network 		- - Onyx is an open-source AI platform. Prior to versions 3.0.9, 3.1.6, and 3.2.6, the POST /chat/stop-chat-session/{chat_session_id} endpoint lets any authenticated user stop any other user's active cha… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-42276 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
150 6.5 MEDIUM
Network 		- - Onyx is an open-source AI platform. Prior to versions 3.0.9, 3.1.6, and 3.2.6, the GET /chat/file/{file_id} endpoint allows any authenticated user to download any other user's uploaded files by provi… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-42277 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm