Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
197261 5.3 警告
Network 		Palo Alto Networks - Palo Alto Networks Terminal Services Agent における重要なセッション情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2017-6356 2017-04-19 11:11 2017-03-15 Show GitHub Exploit DB Packet Storm
197262 5.3 警告
Network 		OpenDaylight Project - OpenDaylight l2switch の hosttracker におけるホストの位置情報を変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-1610 2017-04-19 10:33 2015-03-20 Show GitHub Exploit DB Packet Storm
197263 8.8 重要
Network 		マカフィー - McAfee ePO Deep Command の Client Management and Gateway コンポーネントにおける任意のコマンドを実行される脆弱性 CWE-77
コマンドインジェクション 		CVE-2015-8988 2017-04-18 19:09 2015-04-24 Show GitHub Exploit DB Packet Storm
197264 5.3 警告
Network 		マカフィー - McAfee Agent における不適切なアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2015-8987 2017-04-18 19:09 2015-02-17 Show GitHub Exploit DB Packet Storm
197265 5.5 警告
Local 		マカフィー - McAfee Advanced Threat Defense のハードウェアアプライアンスにおけるマルウェアファイルが検出されない脆弱性 CWE-254
セキュリティ機能 		CVE-2015-8986 2017-04-18 19:09 2017-03-14 Show GitHub Exploit DB Packet Storm
197266 9.8 緊急
Network 		マカフィー - McAfee Cloud Analysis and Deconstructive Services における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-9921 2017-04-18 19:07 2014-09-10 Show GitHub Exploit DB Packet Storm
197267 5.3 警告
Network 		Mobatek - MobaXterm Personal Edition の TFTP サーバにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2017-6805 2017-04-18 18:20 2017-03-10 Show GitHub Exploit DB Packet Storm
197268 7.5 重要
Network 		CA Technologies - CA Unified Infrastructure Management および CA Unified Infrastructure Management Snap におけるアクティブなセッション ID を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-9165 2017-04-18 18:16 2016-11-9 Show GitHub Exploit DB Packet Storm
197269 7 重要
Local 		マカフィー - Intel Security WebAdvisor における悪意のあるファイルを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-8992 2017-04-18 18:05 2015-12-2 Show GitHub Exploit DB Packet Storm
197270 7.5 重要
Network 		マカフィー - Intel Security Advanced Threat Defense における ATD 検出を回避される脆弱性 CWE-254
セキュリティ機能 		CVE-2015-8990 2017-04-18 18:05 2015-07-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2131 6.5 MEDIUM
Adjacent 		- - A bitwise shift vulnerability in Zephyr's PTP subsystem allows a remote attacker to cause undefined behavior and potential system crashes. An attacker sends a crafted PTP_MSG_MANAGEMENT message to se… CWE-1335
 Incorrect Bitwise Shift of Integer 		CVE-2026-5072 2026-05-27 03:16 2026-05-22 Show GitHub Exploit DB Packet Storm
2132 8.2 HIGH
Network 		- - Algernon is a small self-contained pure-Go web server. Prior to 1.17.8, when algernon is started with --domain (or --letsencrypt, which silently turns on --domain at engine/flags.go:372), the request… CWE-22
CWE-23
CWE-644
Path Traversal
 Relative Path Traversal
 Improper Neutralization of HTTP Headers for Scripting Syntax 		CVE-2026-48126 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2133 - - - Kavita is a cross platform reading server. Prior to 0.9.0.2, an Improper Token validation flaw permits a remote and unauthenticated threat actor to request a JWT for any user including admins given k… CWE-287
CWE-345
CWE-697
Improper Authentication
 Insufficient Verification of Data Authenticity
 Incorrect Comparison 		CVE-2026-47202 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2134 4.3 MEDIUM
Network 		- - Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, the SSE event server's Access-Control-Allow-Origin response header was hardcoded to the wildcard * regardless of the caller's O… CWE-942
 Permissive Cross-domain Policy with Untrusted Domains 		CVE-2026-46431 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2135 7.5 HIGH
Network 		- - Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibl… CWE-209
CWE-489
CWE-540
CWE-1188
Information Exposure Through an Error Message
Exposure of Data Element to Wrong Session 
 Inclusion of Sensitive Information in Source Code
 Insecure Default Initialization of Resource 		CVE-2026-45728 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2136 9.0 CRITICAL
Network 		- - Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is asked for any URL path that resolves to a directory without an index file, DirPage walks upward through parent… CWE-20
CWE-426
CWE-552
 Improper Input Validation 
 Untrusted Search Path
 Files or Directories Accessible to External Parties 		CVE-2026-45721 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2137 - - - Kavita is a cross platform reading server. Prior to 0.9.0, the download, size-check, and chapter metadata endpoints do not enforce library-level authorization. A low-privileged user who knows or gues… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-44776 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2138 - - - Kavita is a cross platform reading server. Prior to 0.9.0, the ReaderController.GetImage endpoint is decorated with [AllowAnonymous], allowing completely unauthenticated access to page images from an… CWE-306
Missing Authentication for Critical Function 		CVE-2026-44775 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2139 4.3 MEDIUM
Network 		- - The SAP Gateway allows attackers to inject content into error messages, potentially leading to disclosure of request artefacts (e.g., regex patterns) and revealing underlying URI parsing logic. Leadi… CWE-497
 Exposure of Sensitive System Information to an Unauthorized Control Sphere 		CVE-2026-44749 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2140 6.8 MEDIUM
Network 		- - Chatwoot is a customer engagement suite. From 2.14.0 to before 4.13.0, a Pre-Account Takeover (Pre-ATO) vulnerability existed in Chatwoot's authentication flow. Because email confirmation was not enf… CWE-283
CWE-287
 Unverified Ownership
Improper Authentication 		CVE-2026-44707 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm