Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
202201 7.4 重要
Network 		Mozilla Foundation - Mozilla Firefox におけるアドオンの更新を偽装される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-5284 2016-09-27 17:51 2016-09-13 Show GitHub Exploit DB Packet Storm
202202 8.8 重要
Network 		Mozilla Foundation - Mozilla Firefox における同一生成元ポリシーを回避される脆弱性 CWE-Other
その他 		CVE-2016-5283 2016-09-27 17:51 2016-09-13 Show GitHub Exploit DB Packet Storm
202203 6.5 警告
Network 		Mozilla Foundation - Mozilla Firefox における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-5282 2016-09-27 17:51 2016-09-13 Show GitHub Exploit DB Packet Storm
202204 9.8 緊急
Network 		Mozilla Foundation - Mozilla Firefox の DOMSVGLength クラスにおける任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2016-5281 2016-09-27 17:51 2016-09-13 Show GitHub Exploit DB Packet Storm
202205 9.8 緊急
Network 		Mozilla Foundation - Mozilla Firefox の mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap 関数における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2016-5280 2016-09-27 17:51 2016-09-13 Show GitHub Exploit DB Packet Storm
202206 4.3 警告
Network 		Mozilla Foundation - Mozilla Firefox におけるローカルファイルのドラッグ&ドロップ操作中に重要なフルパス名の情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-5279 2016-09-27 17:51 2016-09-13 Show GitHub Exploit DB Packet Storm
202207 8.8 重要
Network 		Mozilla Foundation - Mozilla Firefox の nsBMPEncoder::AddImageFrame 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-5278 2016-09-27 17:51 2016-09-13 Show GitHub Exploit DB Packet Storm
202208 9.8 緊急
Network 		Mozilla Foundation - Mozilla Firefox の nsRefreshDriver::Tick 関数における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2016-5277 2016-09-27 17:49 2016-09-13 Show GitHub Exploit DB Packet Storm
202209 9.8 緊急
Network 		Mozilla Foundation - Mozilla Firefox の mozilla::a11y::DocAccessible::ProcessInvalidationList 関数における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2016-5276 2016-09-27 17:49 2016-09-13 Show GitHub Exploit DB Packet Storm
202210 8.8 重要
Network 		Mozilla Foundation - Mozilla Firefox の mozilla::gfx::FilterSupport::ComputeSourceNeededRegions 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-5275 2016-09-27 17:49 2016-09-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2491 7.5 HIGH
Network 		apple ipados
iphone_os
macos
visionos 		The issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sonoma 14.8.7, macOS Tahoe 26.5, visionOS 26.5. Processing a malicio… CWE-20
 Improper Input Validation  		CVE-2026-28936 2026-05-14 23:01 2026-05-12 Show GitHub Exploit DB Packet Storm
2492 4.6 MEDIUM
Physics 		apple macos This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.5. An attacker with physical access to a locked device may be able to view sensitive user information. CWE-522
 Insufficiently Protected Credentials 		CVE-2026-28961 2026-05-14 23:01 2026-05-12 Show GitHub Exploit DB Packet Storm
2493 6.2 MEDIUM
Local 		apple ipados
iphone_os
macos
tvos
visionos
watchos 		The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 2… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2026-28977 2026-05-14 23:01 2026-05-12 Show GitHub Exploit DB Packet Storm
2494 5.3 MEDIUM
Local 		vim vim Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick… CWE-78
OS Command  		CVE-2026-44656 2026-05-14 22:59 2026-05-9 Show GitHub Exploit DB Packet Storm
2495 5.3 MEDIUM
Network 		python urllib3 urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connection_from_url().urlopen(..., assert_same_host=Fa… CWE-200
NVD-CWE-noinfo
Information Exposure 		CVE-2026-44431 2026-05-14 22:56 2026-05-14 Show GitHub Exploit DB Packet Storm
2496 4.4 MEDIUM
Local 		vim vim Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a cr… CWE-78
OS Command  		CVE-2026-42307 2026-05-14 22:55 2026-05-9 Show GitHub Exploit DB Packet Storm
2497 5.3 MEDIUM
Network 		redwoodjs redwoodsdk RedwoodSDK is a server-first React framework. From version 1.0.0-beta.50 to before version 1.2.3, server actions in rwsdk apply HTTP method enforcement but no origin validation. A request originating… CWE-352
 Origin Validation Error 		CVE-2026-42190 2026-05-14 22:54 2026-05-9 Show GitHub Exploit DB Packet Storm
2498 7.2 HIGH
Network 		claris filemaker_cloud A Remote Code Execution vulnerability in Claris FileMaker Cloud allowed a user with Admin Console privileges to bypass a front-end restriction on OS Script schedule types and execute arbitrary operat… CWE-94
Code Injection 		CVE-2026-43680 2026-05-14 22:53 2026-05-13 Show GitHub Exploit DB Packet Storm
2499 7.2 HIGH
Network 		claris filemaker_cloud A Remote Code Execution vulnerability in Claris FileMaker Cloud allowed a user with Admin Console privileges to inject arbitrary operating system commands through unsanitized input in the External OD… CWE-78
OS Command  		CVE-2026-43685 2026-05-14 22:52 2026-05-13 Show GitHub Exploit DB Packet Storm
2500 7.5 HIGH
Network 		python urllib3 urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead of the requested portion (1) during the second HTTPResponse.read(amt=N) c… CWE-409
 Improper Handling of Highly Compressed Data (Data Amplification) 		CVE-2026-44432 2026-05-14 22:49 2026-05-14 Show GitHub Exploit DB Packet Storm