Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
196741	5.4	警告 Network	IBM	-	IBM Kenexa LMS on Cloud におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-5940	2017-02-13 11:53	2016-06-29	Show	GitHub Exploit DB Packet Storm

196742	6.3	警告 Network	IBM	-	IBM Kenexa LMS on Cloud における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2016-5939	2017-02-13 11:53	2016-10-12	Show	GitHub Exploit DB Packet Storm

196743	3.3	低 Local	IBM	-	IBM Kenexa LMS on Cloud における Web ページをローカルに保存される脆弱性	CWE-200 情報漏えい	CVE-2016-5938	2017-02-13 11:53	2016-06-29	Show	GitHub Exploit DB Packet Storm

196744	6.1	警告 Network	IBM	-	IBM iNotes におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-5881	2017-02-13 11:53	2016-06-29	Show	GitHub Exploit DB Packet Storm

196745	6.1	警告 Network	IBM	-	IBM iNotes におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-5884	2017-02-13 11:53	2016-11-2	Show	GitHub Exploit DB Packet Storm

196746	6.1	警告 Network	IBM	-	IBM iNotes におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-5882	2017-02-13 11:53	2016-11-2	Show	GitHub Exploit DB Packet Storm

196747	5.4	警告 Network	IBM	-	IBM iNotes におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-5880	2017-02-13 11:53	2016-11-2	Show	GitHub Exploit DB Packet Storm

196748	5.3	警告 Network	IBM	-	IBM AppScan Source における重要な情報を公開される脆弱性	CWE-200 情報漏えい	CVE-2016-3035	2017-02-13 11:53	2016-12-23	Show	GitHub Exploit DB Packet Storm

196749	6.1	警告 Network	IBM	-	IBM Security Access Manager for Web におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-3018	2017-02-13 11:53	2016-12-6	Show	GitHub Exploit DB Packet Storm

196750	6.1	警告 Network	IBM	-	IBM iNotes におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-2939	2017-02-13 11:53	2016-11-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
381	-		-	-	NAVER MYBOX Explorer for Windows before 3.0.11.160 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM via registry manipulation due to improper privilege checks. New	CWE-266 Incorrect Privilege Assignment	CVE-2026-8148	2026-05-9 00:51	2026-05-8	Show	GitHub Exploit DB Packet Storm

382	9.8	CRITICAL Network	-	-	OS command injection in Dashboard Server interface in Universal Robots PolyScope versions prior to 5.21.1 allows unauthenticated attacker to craft commands that will execute code on the robot's OS. New	CWE-78 OS Command	CVE-2026-8153	2026-05-9 00:51	2026-05-8	Show	GitHub Exploit DB Packet Storm

383	-		-	-	A vulnerability in Remote Spark SparkView before build 1122 allows an attacker to bypasses the local connection check and achieve arbitrary code execution as root on the server side. Depending on imp… New	CWE-290 CWE-807 Authentication Bypass by Spoofing Reliance on Untrusted Inputs in a Security Decision	CVE-2026-6213	2026-05-9 00:51	2026-05-8	Show	GitHub Exploit DB Packet Storm

384	-		-	-	Open redirection vulnerability in the latest demo version of the Cradle eCommerce platform. The vulnerability occurs in the login form endpoint, where the ‘returnUrl’ parameter allows redirection bec… New	CWE-601 Open Redirect	CVE-2026-3318	2026-05-9 00:51	2026-05-8	Show	GitHub Exploit DB Packet Storm

385	-		-	-	Weak credentials in the CashDro 3 web administration panel, version 24.01.00.26, where the platform allows the use of numeric PINs for user authentication. The system supports the use of PIN-based cr… New	CWE-1391 Use of Weak Credentials	CVE-2026-8076	2026-05-9 00:51	2026-05-8	Show	GitHub Exploit DB Packet Storm

386	-		-	-	Lack of proper authorization implementation in the CashDro 3 web administration panel, version 24.01.00.26. The backend lacks authorization controls, leaving security entirely to the frontend. By mod… New	CWE-862 Missing Authorization	CVE-2026-8077	2026-05-9 00:51	2026-05-8	Show	GitHub Exploit DB Packet Storm

387	-		-	-	SEPPmail Secure Email Gateway before version 15.0.4 fails to enforce authorization checks for multiple endpoints in the new GINA UI, allowing unauthenticated remote attackers to access functionality … New	CWE-862 Missing Authorization	CVE-2026-44125	2026-05-9 00:51	2026-05-8	Show	GitHub Exploit DB Packet Storm

388	-		-	-	SEPPmail Secure Email Gateway before version 15.0.4 insecurely deserializes untrusted data, which can be reached from the new GINA UI and may allow unauthenticated remote attackers to execute code vi… New	CWE-502 Deserialization of Untrusted Data	CVE-2026-44126	2026-05-9 00:51	2026-05-8	Show	GitHub Exploit DB Packet Storm

389	-		-	-	SEPPmail Secure Email Gateway before version 15.0.4 contains an unauthenticated path traversal vulnerability in the identifier parameter of /api.app/attachment/preview that allows remote attackers to… New	CWE-73 External Control of File Name or Path	CVE-2026-44127	2026-05-9 00:51	2026-05-8	Show	GitHub Exploit DB Packet Storm

390	-		-	-	SEPPmail Secure Email Gateway before version 15.0.2.1 allows unauthenticated remote code execution in the new GINA UI because an endpoint passes attacker-controlled input from a parameter to Perl's e… New	CWE-95 Eval Injection	CVE-2026-44128	2026-05-9 00:51	2026-05-8	Show	GitHub Exploit DB Packet Storm