Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 22, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
200231 7.5 重要
Network 		The phpMyAdmin Project - phpMyAdmin における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2016-9864 2016-12-15 14:58 2016-11-25 Show GitHub Exploit DB Packet Storm
200232 7.5 重要
Network 		The phpMyAdmin Project - phpMyAdmin におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-9863 2016-12-15 14:58 2016-11-25 Show GitHub Exploit DB Packet Storm
200233 7.5 重要
Network 		The phpMyAdmin Project - phpMyAdmin における BBCode インジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2016-9862 2016-12-15 14:58 2016-11-25 Show GitHub Exploit DB Packet Storm
200234 7.5 重要
Network 		The phpMyAdmin Project - phpMyAdmin における URL ホワイトリストによる保護を回避される脆弱性 CWE-254
セキュリティ機能 		CVE-2016-9861 2016-12-15 14:58 2016-11-25 Show GitHub Exploit DB Packet Storm
200235 5.9 警告
Network 		The phpMyAdmin Project - phpMyAdmin におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-9860 2016-12-15 14:58 2016-11-25 Show GitHub Exploit DB Packet Storm
200236 5.3 警告
Network 		The phpMyAdmin Project - phpMyAdmin のインポート機能におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-9859 2016-12-15 14:58 2016-11-25 Show GitHub Exploit DB Packet Storm
200237 5.3 警告
Network 		The phpMyAdmin Project - phpMyAdmin の検索保存機能におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-9858 2016-12-15 14:58 2016-11-25 Show GitHub Exploit DB Packet Storm
200238 6.1 警告
Network 		The phpMyAdmin Project - phpMyAdmin におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-9857 2016-12-15 14:58 2016-11-25 Show GitHub Exploit DB Packet Storm
200239 6.1 警告
Network 		The phpMyAdmin Project - phpMyAdmin におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-9856 2016-12-15 14:58 2016-11-25 Show GitHub Exploit DB Packet Storm
200240 5.3 警告
Network 		The phpMyAdmin Project - phpMyAdmin におけるディレクトリのフルパスを含むエラーメッセージを表示される脆弱性 CWE-200
情報漏えい 		CVE-2016-9855 2016-12-15 14:56 2016-11-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1241 9.8 CRITICAL
Network 		libexpat_project libexpat `xml.parsers.expat` and `xml.etree.ElementTree` use insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash flooding.\r\n\r\nFully mitigating this… CWE-331
 Insufficient Entropy 		CVE-2026-7210 2026-05-16 12:05 2026-05-12 Show GitHub Exploit DB Packet Storm
1242 8.1 HIGH
Network 		bitwarden server Bitwarden Server prior to v2026.4.1 does not require master-password re-authentication when retrieving or rotating an organization's SCIM API key, allowing an authenticated user with SCIM management … CWE-303
 Incorrect Implementation of Authentication Algorithm 		CVE-2026-43640 2026-05-16 12:04 2026-05-12 Show GitHub Exploit DB Packet Storm
1243 9.1 CRITICAL
Network 		bitwarden server Bitwarden Server prior to v2026.4.0 contains a missing authorization vulnerability that allows a provider service user to add an arbitrary organization to their provider via `POST /providers/{provide… CWE-862
 Missing Authorization 		CVE-2026-43639 2026-05-16 12:04 2026-05-12 Show GitHub Exploit DB Packet Storm
1244 5.4 MEDIUM
Network 		bitwarden server Bitwarden Server prior to v2026.4.1 contains a missing authorization vulnerability that allows any authenticated user to write ciphers into an arbitrary organization via `POST /ciphers/import-organiz… CWE-862
 Missing Authorization 		CVE-2026-43638 2026-05-16 11:55 2026-05-12 Show GitHub Exploit DB Packet Storm
1245 5.6 MEDIUM
Network 		dell elastic_cloud_storage
objectscale 		Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthentica… CWE-302
 Authentication Bypass by Assumed-Immutable Data 		CVE-2025-43992 2026-05-16 11:52 2026-05-11 Show GitHub Exploit DB Packet Storm
1246 8.8 HIGH
Network 		google chrome Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) CWE-416
 Use After Free 		CVE-2026-8581 2026-05-16 11:48 2026-05-15 Show GitHub Exploit DB Packet Storm
1247 3.5 LOW
Network 		- - The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. Prior to 1.7.9, OCI ownership validation skips label-match check when upstream OCI registry return… CWE-636
 Not Failing Securely ('Failing Open') 		CVE-2026-45781 2026-05-16 11:16 2026-05-15 Show GitHub Exploit DB Packet Storm
1248 5.5 MEDIUM
Local 		microsoft word Improper access control in Microsoft Office Word allows an authorized attacker to perform spoofing locally. CWE-284
NVD-CWE-noinfo
Improper Access Control 		CVE-2026-41101 2026-05-16 11:09 2026-05-13 Show GitHub Exploit DB Packet Storm
1249 5.5 MEDIUM
Local 		microsoft powerpoint Improper access control in Microsoft Office PowerPoint allows an authorized attacker to perform spoofing locally. CWE-284
Improper Access Control 		CVE-2026-41102 2026-05-16 11:08 2026-05-13 Show GitHub Exploit DB Packet Storm
1250 9.1 CRITICAL
Network 		microsoft confluence_saml_sso
jira_saml_sso 		Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network. CWE-303
NVD-CWE-Other
 Incorrect Implementation of Authentication Algorithm 		CVE-2026-41103 2026-05-16 11:07 2026-05-13 Show GitHub Exploit DB Packet Storm