Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198331 9.8 緊急
Network 		Python Software Foundation - CPython の zipimport.c の get_data 関数における整数オーバーフローの脆弱性 CWE-Other
その他 		CVE-2016-5636 2016-11-16 17:21 2016-06-25 Show GitHub Exploit DB Packet Storm
198332 5.9 警告
Network 		Wireshark
オラクル		 - Wireshark のイーサネットディセクタの epan/dissectors/packet-pktap.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-5358 2016-11-16 17:21 2016-06-7 Show GitHub Exploit DB Packet Storm
198333 5.9 警告
Network 		Wireshark
オラクル		 - Wireshark の NetScreen ファイルパーサの wiretap/netscreen.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-5357 2016-11-16 17:21 2016-06-7 Show GitHub Exploit DB Packet Storm
198334 5.9 警告
Network 		Wireshark - Wireshark の CoSine ファイルパーサの wiretap/cosine.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-5356 2016-11-16 17:21 2016-06-7 Show GitHub Exploit DB Packet Storm
198335 5.9 警告
Network 		Wireshark - Wireshark の Toshiba ファイルパーサの wiretap/toshiba.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-5355 2016-11-16 17:21 2016-06-7 Show GitHub Exploit DB Packet Storm
198336 5.9 警告
Network 		Wireshark - Wireshark の USB サブシステムにおけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-5354 2016-11-16 17:21 2016-06-7 Show GitHub Exploit DB Packet Storm
198337 5.9 警告
Network 		Wireshark - Wireshark の UMTS FP ディセクタの epan/dissectors/packet-umts_fp.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-5353 2016-11-16 17:19 2016-06-7 Show GitHub Exploit DB Packet Storm
198338 5.9 警告
Network 		Wireshark - Wireshark の IEEE 802.11 ディセクタの epan/crypt/airpdcap.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-5352 2016-11-16 17:19 2016-06-7 Show GitHub Exploit DB Packet Storm
198339 5.9 警告
Network 		Wireshark - Wireshark の IEEE 802.11 ディセクタの epan/crypt/airpdcap.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-5351 2016-11-16 17:19 2016-06-7 Show GitHub Exploit DB Packet Storm
198340 7.5 重要
Network 		Wireshark - Wireshark の SPOOLS コンポーネントの epan/dissectors/packet-dcerpc-spoolss.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2016-5350 2016-11-16 17:19 2016-06-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
841 6.1 MEDIUM
Local 		- - CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the W*H*D size computation inside _load_pnm() that can bypass the memory all… New CWE-190
 Integer Overflow or Wraparound 		CVE-2026-42144 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
842 4.4 MEDIUM
Network 		- - PlantUML Macro is a macro for rendering UML diagrams from simple textual schemes. Prior to version 2.4.1, the PlantUML Macro is vulnerable to Server-Side Request Forgery (SSRF). The macro allows user… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-42140 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
843 - - - Dify is an open-source LLM app development platform. Prior to version 1.13.1, using the method POST /api/files/upload, any unauthenticated user can upload an SVG file with XSS. The method POST /v1/fi… New CWE-79
Cross-site Scripting 		CVE-2026-42138 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
844 6.5 MEDIUM
Network 		- - titra is an open source time tracking project. In version 0.99.52, the globalsettings Meteor publication returns all global settings without any admin or role check. Any authenticated user can subscr… New CWE-200
Information Exposure 		CVE-2026-42092 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
845 9.6 CRITICAL
Network 		- - OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version 7.0.0-rc3, the Script Runner widget allows users to execute Py… New CWE-250
 Execution with Unnecessary Privileges 		CVE-2026-42088 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
846 4.6 MEDIUM
Network 		- - OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version 7.0.0, the Command Sender UI uses an unsafe eval() function on… New CWE-79
Cross-site Scripting 		CVE-2026-42086 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
847 4.3 MEDIUM
Network 		- - OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, OpenC3 COSMOS contains a design flaw in… New CWE-23
 Relative Path Traversal 		CVE-2026-42085 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
848 8.1 HIGH
Network 		- - Evolver is a GEP-powered self-evolving engine for AI agents. Prior to version 1.69.3, a path traversal vulnerability in the skill download (fetch) command allows attackers to write files to arbitrary… New CWE-22
Path Traversal 		CVE-2026-42075 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
849 5.3 MEDIUM
Network 		- - Note Mark is an open-source note-taking application. Prior to version 0.19.3, after a note-mark owner soft-deletes a public book, its notes and uploaded assets stay readable at /api/notes/{id}, /api/… New CWE-285
Improper Authorization 		CVE-2026-41572 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
850 9.4 CRITICAL
Network 		- - Note Mark is an open-source note-taking application. In version 0.19.2, IsPasswordMatch in backend/db/models.go falls back to a hard-coded bcrypt("null") placeholder whenever a user has no stored pas… New CWE-287
Improper Authentication 		CVE-2026-41571 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm