Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
197821 7.6 重要
Adjacent 		マイクロソフト - 複数の Microsoft Windows 製品の Hyper-V におけるホスト OS 上で任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2017-0109 2017-03-23 10:04 2017-03-14 Show GitHub Exploit DB Packet Storm
197822 7.6 重要
Adjacent 		マイクロソフト - 複数の Microsoft Windows 製品の Hyper-V におけるホスト OS 上で任意のコードを実行される脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-0075 2017-03-23 10:04 2017-03-14 Show GitHub Exploit DB Packet Storm
197823 9.8 緊急
Network 		rubyzip - Ruby 用 rubyzip gem の Zip::File コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2017-5946 2017-03-23 09:47 2017-02-8 Show GitHub Exploit DB Packet Storm
197824 7.5 重要
Network 		TigerVNC
openSUSE project		 - TigerVNC の Xvnc サーバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-10207 2017-03-22 18:17 2016-08-24 Show GitHub Exploit DB Packet Storm
197825 7.8 重要
Local 		ジャストシステム - ジャストシステムの一太郎におけるアプリケーションのコンテキスト内でコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2017-2791 2017-03-22 17:58 2017-02-24 Show GitHub Exploit DB Packet Storm
197826 7.8 重要
Local 		openSUSE project
GraphicsMagick		 - GraphicsMagick の MagickCore/memory.c の AcquireMagickMemory 関数における脆弱性 CWE-119
バッファエラー 		CVE-2016-8866 2017-03-22 17:45 2016-11-22 Show GitHub Exploit DB Packet Storm
197827 5.3 警告
Network 		Invite Anyone project - WordPress 用 Invite Anyone プラグインの by-email/by-email.php における招待メールの件名および本文を変更される脆弱性 CWE-20
不適切な入力確認 		CVE-2017-6955 2017-03-22 17:17 2017-03-14 Show GitHub Exploit DB Packet Storm
197828 4.3 警告
Network 		BuddyPress.org - WordPress 用 BuddyPress Docs プラグインの includes/component.php における他のユーザのドキュメントを編集される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-6954 2017-03-22 17:17 2017-03-14 Show GitHub Exploit DB Packet Storm
197829 4.3 警告
Network 		マイクロソフト - 複数の Microsoft Windows 製品の Uniscribe におけるプロセスメモリから重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2017-0128 2017-03-22 17:12 2017-03-14 Show GitHub Exploit DB Packet Storm
197830 4.3 警告
Network 		マイクロソフト - 複数の Microsoft Windows 製品の Uniscribe におけるプロセスメモリから重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2017-0127 2017-03-22 17:12 2017-03-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2091 6.8 MEDIUM
Adjacent 		- - Out-of-bounds write vulnerability in the distributed file system module. Impact: Successful exploitation of this vulnerability may affect availability. CWE-787
 Out-of-bounds Write 		CVE-2026-41970 2026-05-15 23:08 2026-05-15 Show GitHub Exploit DB Packet Storm
2092 5.5 MEDIUM
Local 		- - Permission control vulnerability in the security control module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. CWE-840
 Business Logic Errors 		CVE-2026-41971 2026-05-15 23:08 2026-05-15 Show GitHub Exploit DB Packet Storm
2093 8.3 HIGH
Network 		pyload-ng_project pyload-ng pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the set_config_value() API method (@permission(Perms.SETTINGS)) in src/pyload/core/api/__init__.py gates … CWE-441
CWE-863
CWE-918
Confused Deputy
 Incorrect Authorization
Server-Side Request Forgery (SSRF)  		CVE-2026-42313 2026-05-15 23:04 2026-05-12 Show GitHub Exploit DB Packet Storm
2094 6.7 MEDIUM
Local 		fortinet fortiap
fortiap-u
fortiap-w2 		An improper neutralization of special elements used in an OS command ("OS Command Injection") vulnerability [CWE-78] vulnerability in Fortinet FortiAP 7.6.0 through 7.6.2, FortiAP 7.4.0 through 7.4.5… CWE-78
OS Command  		CVE-2025-53680 2026-05-15 23:04 2026-05-13 Show GitHub Exploit DB Packet Storm
2095 7.2 HIGH
Network 		fortinet fortimail An improper neutralization of special elements used in an SQL Command ("SQL Injection&") vulnerability [CWE-89] vulnerability in Fortinet FortiMail 7.6.0 through 7.6.3, FortiMail 7.4.0 through 7.4.5,… CWE-89
SQL Injection 		CVE-2025-53681 2026-05-15 23:04 2026-05-13 Show GitHub Exploit DB Packet Storm
2096 8.8 HIGH
Network 		fortinet fortios A out-of-bounds write vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11 allows attacker to execute unauthorized code or commands via spe… CWE-787
 Out-of-bounds Write 		CVE-2025-53844 2026-05-15 23:04 2026-05-13 Show GitHub Exploit DB Packet Storm
2097 5.3 MEDIUM
Network 		fortinet fortianalyzer
fortimanager 		A use of potentially dangerous function vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions,… CWE-676
 Use of Potentially Dangerous Function 		CVE-2025-67604 2026-05-15 23:03 2026-05-13 Show GitHub Exploit DB Packet Storm
2098 7.2 HIGH
Network 		ivanti virtual_traffic_manager OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin privileges to achieve remote code execution. CWE-78
OS Command  		CVE-2026-8051 2026-05-15 22:58 2026-05-13 Show GitHub Exploit DB Packet Storm
2099 6.5 MEDIUM
Network 		pyload-ng_project pyload-ng pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, package folder names are sanitized using insufficient string replacement. The pattern ....// becomes .._ … CWE-22
Path Traversal 		CVE-2026-42314 2026-05-15 22:43 2026-05-12 Show GitHub Exploit DB Packet Storm
2100 9.8 CRITICAL
Network 		fortinet fortisandbox
fortisandbox_cloud
fortisandbox_paas 		A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, Fort… CWE-862
 Missing Authorization 		CVE-2026-26083 2026-05-15 22:42 2026-05-13 Show GitHub Exploit DB Packet Storm