Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
199571 4.3 警告 日立
IBM
Apache Software Foundation
オラクル		 - Apache Tomcat の java/org/apache/tomcat/util/buf/Ascii.java における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2014-0099 2016-11-22 16:00 2014-03-27 Show GitHub Exploit DB Packet Storm
199572 4.3 警告 日立
IBM
Apache Software Foundation
オラクル		 - Apache Tomcat のデフォルトサーブレットにおけるセキュリティマネージャの制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0096 2016-11-22 16:00 2014-03-27 Show GitHub Exploit DB Packet Storm
199573 5 警告 日立
IBM
Apache Software Foundation
オラクル		 - Apache Tomcat の java/org/apache/coyote/http11/filters/ChunkedInputFilter.java における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2014-0075 2016-11-22 16:00 2014-03-27 Show GitHub Exploit DB Packet Storm
199574 5 警告 Apache Software Foundation
オラクル		 - Apache Commons FileUpload におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-0050 2016-11-22 16:00 2014-02-10 Show GitHub Exploit DB Packet Storm
199575 4.3 警告 Apache Software Foundation
オラクル		 - Apache Tomcat における "Tomcat の内部" 情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2013-4590 2016-11-22 16:00 2013-12-26 Show GitHub Exploit DB Packet Storm
199576 6.8 警告 Apache Software Foundation
オラクル		 - Apache Tomcat における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2013-4444 2016-11-22 16:00 2013-05-9 Show GitHub Exploit DB Packet Storm
199577 4.3 警告 IBM
Apache Software Foundation
オラクル		 - Apache Tomcat におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-4322 2016-11-22 16:00 2013-12-26 Show GitHub Exploit DB Packet Storm
199578 5.8 警告 Apache Software Foundation
オラクル		 - Apache Tomcat におけるリクエスト長の誤った識別を誘発される脆弱性 CWE-20
不適切な入力確認 		CVE-2013-4286 2016-11-22 16:00 2013-09-23 Show GitHub Exploit DB Packet Storm
199579 6.8 警告 日本電気
Apache Software Foundation
オラクル		 - Apache Tomcat のフォーム認証機能におけるセッションにリクエストを挿入される脆弱性 CWE-287
不適切な認証 		CVE-2013-2067 2016-11-22 16:00 2013-05-3 Show GitHub Exploit DB Packet Storm
199580 5 警告 アップル
OpenSSL Project
ヒューレット・パッカード
オラクル		 - OpenSSL におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2014-3571 2016-11-22 15:58 2014-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1851 - - - FastGPT is an AI Agent building platform. Prior to version 4.14.17, an unauthenticated Server-Side Request Forgery (SSRF) vulnerability allows attackers (or authenticated users with App editing privi… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-44286 2026-05-13 01:40 2026-05-9 Show GitHub Exploit DB Packet Storm
1852 7.7 HIGH
Network 		- - FastGPT is an AI Agent building platform. In versions 4.14.11 and prior, FastGPT's isInternalAddress() function in packages/service/common/system/utils.ts blocks cloud metadata endpoints using a full… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-42345 2026-05-13 01:40 2026-05-9 Show GitHub Exploit DB Packet Storm
1853 6.3 MEDIUM
Network 		- - FastGPT is an AI Agent building platform. Prior to version 4.14.17, FastGPT had an inconsistent SSRF protection gap in MCP tool URL handling. The direct MCP preview/run endpoints already rejected int… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-44284 2026-05-13 01:40 2026-05-9 Show GitHub Exploit DB Packet Storm
1854 - - - Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. In versions 2.14.0 and prior, the archive upload endpoint (POST /api/v1/archives/[li… CWE-79
Cross-site Scripting 		CVE-2026-42455 2026-05-13 01:39 2026-05-9 Show GitHub Exploit DB Packet Storm
1855 9.1 CRITICAL
Network 		- - Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. Prior to version 2.13.0, a Server-Side Request Forgery (SSRF) vulnerability in the f… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-44313 2026-05-13 01:39 2026-05-9 Show GitHub Exploit DB Packet Storm
1856 5.3 MEDIUM
Network 		- - A weakness has been identified in aiwaves-cn agents up to e8c4e3c2d19739d3dff59e577d1c97090cc15f59. Affected by this issue is the function recall_relevant_memories_to_working_memory of the file core/… CWE-400
CWE-404
 Uncontrolled Resource Consumption
 Improper Resource Shutdown or Release 		CVE-2026-8319 2026-05-13 01:38 2026-05-12 Show GitHub Exploit DB Packet Storm
1857 4.7 MEDIUM
Network 		- - A security vulnerability has been detected in jishenghua jshERP up to 3.6. This affects the function getUserByWeixinCode of the file jshERP-boot/src/main/java/com/jsh/erp/service/UserService.java of … CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-8320 2026-05-13 01:38 2026-05-12 Show GitHub Exploit DB Packet Storm
1858 7.3 HIGH
Network 		- - A vulnerability was detected in inkeep agents 0.58.14. This vulnerability affects the function createDevContext of the file agents-api/src/middleware/runAuth.ts of the component runAuth Middleware. P… CWE-287
CWE-288
Improper Authentication
Authentication Bypass Using an Alternate Path or Channel 		CVE-2026-8321 2026-05-13 01:38 2026-05-12 Show GitHub Exploit DB Packet Storm
1859 - - - CWE-1188 Initialization of a Resource with an Insecure Default vulnerability exists that could cause unauthorized disclosure of sensitive information when credentials revert to initial settings in ra… CWE-1188
 Insecure Default Initialization of Resource 		CVE-2026-6866 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
1860 4.4 MEDIUM
Local 		- - An incorrect permission assignment for critical resource of Ivanti Secure Access Client   before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a sh… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2026-7431 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm