Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
196841 9.8 緊急
Network 		Linux - Linux Kernel の virt/kvm/kvm_main.c の kvm_ioctl_create_device 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
CWE-416
CVE-2016-10150 2017-02-23 14:11 2016-12-8 Show GitHub Exploit DB Packet Storm
196842 7.8 重要
Local 		Google
Linux		 - Linux Kernel の fs/aio.c の aio_mount 関数における SELinux W^X ポリシーの制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-10044 2017-02-23 14:11 2016-10-7 Show GitHub Exploit DB Packet Storm
196843 9.8 緊急
Network 		アドビシステムズ - Adobe Flash Player の Primetime SDK におけるメモリを破損される脆弱性 CWE-119
バッファエラー 		CVE-2017-2996 2017-02-23 14:01 2017-02-14 Show GitHub Exploit DB Packet Storm
196844 8.8 重要
Network 		アドビシステムズ - Adobe Flash Player における任意のコードを実行される脆弱性 CWE-704
不正な型変換またはキャスト 		CVE-2017-2995 2017-02-23 14:01 2017-02-14 Show GitHub Exploit DB Packet Storm
196845 8.8 重要
Network 		アドビシステムズ - Adobe Flash Player の Primetime SDK のイベントディスパッチにおける任意のコードを実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2017-2994 2017-02-23 14:01 2017-02-14 Show GitHub Exploit DB Packet Storm
196846 9.8 緊急
Network 		アドビシステムズ - Adobe Flash Player における任意のコードを実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2017-2993 2017-02-23 14:00 2017-02-14 Show GitHub Exploit DB Packet Storm
196847 9.8 緊急
Network 		アドビシステムズ - Adobe Flash Player におけるヒープオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2017-2992 2017-02-23 14:00 2017-02-14 Show GitHub Exploit DB Packet Storm
196848 9.8 緊急
Network 		アドビシステムズ - Adobe Flash Player の h264 コーデックにおけるメモリを破損される脆弱性 CWE-119
バッファエラー 		CVE-2017-2991 2017-02-23 14:00 2017-02-14 Show GitHub Exploit DB Packet Storm
196849 9.8 緊急
Network 		アドビシステムズ - Adobe Flash Player の h264 の解凍ルーチンにおけるメモリを破損される脆弱性 CWE-119
バッファエラー 		CVE-2017-2990 2017-02-23 14:00 2017-02-14 Show GitHub Exploit DB Packet Storm
196850 9.8 緊急
Network 		アドビシステムズ - Adobe Flash Player におけるメモリを破損される脆弱性 CWE-119
バッファエラー 		CVE-2017-2988 2017-02-23 14:00 2017-02-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
451 7.4 HIGH
Network 		- - Axios is a promise based HTTP client for the browser and Node.js. From version 1.0.0 to before version 1.15.2, fFive config properties (auth, baseURL, socketPath, beforeRedirect, and insecureHTTPPars… New CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2026-42264 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
452 - - - Kimai is an open-source time tracking application. From version 2.27.0 to before version 2.54.0, any ROLE_USER can create a tag with a formula string as its name (e.g. =SUM(54+51)) via POST /api/tags… New CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2026-42267 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
453 4.1 MEDIUM
Network 		- - Kimai is an open-source time tracking application. From version 2.32.0 to before version 2.56.0, users with the role System-Admin (ROLE_SYSTE_ADMIN) and the permission upload_invoice_template can upl… New CWE-22
Path Traversal 		CVE-2026-44298 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
454 7.8 HIGH
Local 		- - The socket connection handler in aswArPot.sys in the Avast and AVG Windows Anti Rootkit driver before 22.1 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service… New CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2022-26522 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
455 5.3 MEDIUM
Local 		- - The socket connection handler in aswArPot.sys in the Avast and AVG Windows Anti Rootkit driver before 22.1 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service… New CWE-400
 Uncontrolled Resource Consumption 		CVE-2022-26523 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
456 6.5 MEDIUM
Network 		- - Nokia Broadcast Message Center (BMC) before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field. New CWE-78
OS Command  		CVE-2022-45899 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
457 4.3 MEDIUM
Network 		- - Onyx is an open-source AI platform. Prior to versions 3.0.9, 3.1.6, and 3.2.6, the POST /chat/stop-chat-session/{chat_session_id} endpoint lets any authenticated user stop any other user's active cha… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-42276 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
458 6.5 MEDIUM
Network 		- - Onyx is an open-source AI platform. Prior to versions 3.0.9, 3.1.6, and 3.2.6, the GET /chat/file/{file_id} endpoint allows any authenticated user to download any other user's uploaded files by provi… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-42277 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
459 5.8 MEDIUM
Network 		- - solidtime is an open-source time-tracking app. In version 0.12.0, the PUT /api/v1/organizations/{organization}/time-entries/{timeEntry} API accepts a route-bound timeEntry from another organization w… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-42279 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
460 7.5 HIGH
Network 		- - Mikrotik RouterOS (x86) 6.40.5 through 6.49.10 (fixed in 7) allows a remote attacker to cause a denial of service (device crash) via crafted packet data to the SMB service on TCP port 445. New CWE-400
 Uncontrolled Resource Consumption 		CVE-2024-27686 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm