Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
202741 4.3 警告
Network 		Apache Software Foundation - Apache Cordova におけるアクセス制限不備の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-5207 2016-06-2 17:49 2016-05-11 Show GitHub Exploit DB Packet Storm
202742 9.8 緊急
Network 		Sixnet - Sixnet BT-5xxx および BT-6xxx M2M デバイスにおけるアクセス権を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-4521 2016-06-2 16:55 2016-05-26 Show GitHub Exploit DB Packet Storm
202743 5.8 警告
Network 		Moxa Inc. - Moxa UC-7408 LX-Plus デバイスにおけるファームウェアに書き込まれる脆弱性 CWE-Other
その他 		CVE-2016-4500 2016-06-2 15:00 2016-05-31 Show GitHub Exploit DB Packet Storm
202744 7.5 重要
Network 		Moxa Inc. - 複数の Moxa MiiNePort デバイス製品のファームウェアにおける重要な平文情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-2295 2016-06-2 15:00 2016-05-24 Show GitHub Exploit DB Packet Storm
202745 7.5 重要
Network 		Moxa Inc. - 複数の Moxa MiiNePort デバイス製品のファームウェアにおけるアクセス権を取得される脆弱性 CWE-287
不適切な認証 		CVE-2016-2286 2016-06-2 15:00 2016-05-24 Show GitHub Exploit DB Packet Storm
202746 7.5 重要
Network 		Moxa Inc. - Moxa Secure Router EDR-G903 デバイスにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-0879 2016-06-2 15:00 2016-05-17 Show GitHub Exploit DB Packet Storm
202747 7.5 重要
Network 		Moxa Inc. - Moxa Secure Router EDR-G903 デバイスにおける平文のパスワードを取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-0876 2016-06-2 15:00 2016-05-17 Show GitHub Exploit DB Packet Storm
202748 7.8 重要
Local 		アドビシステムズ - Adobe Connect のアドインインストーラにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-4118 2016-06-2 14:42 2016-05-23 Show GitHub Exploit DB Packet Storm
202749 6.5 警告
Network 		Black Box Network Services. - Black Box AlertWerks ServSensor 製品のファームウェアにおける管理者およびユーザのパスワードを取得される脆弱性 CWE-200
CWE-255
CVE-2016-2311 2016-06-2 14:31 2016-05-26 Show GitHub Exploit DB Packet Storm
202750 7.5 重要
Network 		Environmental Systems Corporation - Environmental Systems Corporation 8832 Data Controller おけるアクセス制限を回避される脆弱性 CWE-Other
その他 		CVE-2016-4502 2016-06-2 14:25 2016-05-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1331 9.8 CRITICAL
Network 		paloaltonetworks
siemens 		pan-os
ruggedcom_ape1808_firmware 		A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code w… Update CWE-787
 Out-of-bounds Write 		CVE-2026-0300 2026-05-13 03:47 2026-05-7 Show GitHub Exploit DB Packet Storm
1332 7.5 HIGH
Network 		apple ipados
iphone_os
macos
tvos
visionos
watchos 		The issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS … New CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2026-28990 2026-05-13 03:46 2026-05-12 Show GitHub Exploit DB Packet Storm
1333 7.5 HIGH
Network 		apple ipados
iphone_os
macos
tvos
visionos
watchos 		This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watch… New CWE-284
Improper Access Control 		CVE-2026-28974 2026-05-13 03:46 2026-05-12 Show GitHub Exploit DB Packet Storm
1334 7.5 HIGH
Network 		apple ipados
iphone_os 		A privacy issue was addressed with improved checks. This issue is fixed in iOS 26.5 and iPadOS 26.5. A user may be able to view restricted content from the lock screen. New CWE-284
Improper Access Control 		CVE-2026-28965 2026-05-13 03:46 2026-05-12 Show GitHub Exploit DB Packet Storm
1335 7.5 HIGH
Network 		apple ipados
iphone_os
visionos 		An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 26.5 and iPadOS 26.5, visionOS 26.5. An app may be able to access sensitive user data. New CWE-451
 User Interface (UI) Misrepresentation of Critical Information 		CVE-2026-28964 2026-05-13 03:46 2026-05-12 Show GitHub Exploit DB Packet Storm
1336 4.4 MEDIUM
Local 		anthropic claude_sdk_for_typescript Claude SDK for TypeScript provides access to the Claude API from server-side TypeScript or JavaScript applications. From version 0.79.0 to before version 0.91.1, the BetaLocalFilesystemMemoryTool in … Update CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2026-41686 2026-05-13 03:37 2026-05-5 Show GitHub Exploit DB Packet Storm
1337 - - - LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response, the redirect handler strips only Host and Cookie before … New CWE-522
 Insufficiently Protected Credentials 		CVE-2026-8368 2026-05-13 03:17 2026-05-13 Show GitHub Exploit DB Packet Storm
1338 4.2 MEDIUM
Network 		- - WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/PayPalYPT/agreementCancel.json.php cancels a PayPal billing agreement using an attacker-supplied agreement p… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-43883 2026-05-13 03:17 2026-05-12 Show GitHub Exploit DB Packet Storm
1339 5.4 MEDIUM
Network 		- - WWBN AVideo is an open source video platform. In versions up to and including 29.0, objects/userSavePhoto.php is a legacy profile-photo endpoint that accepts a base64 POST parameter and writes the de… New CWE-352
 Origin Validation Error 		CVE-2026-43877 2026-05-13 03:17 2026-05-12 Show GitHub Exploit DB Packet Storm
1340 - - - Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21,… New CWE-285
Improper Authorization 		CVE-2026-43515 2026-05-13 03:17 2026-05-13 Show GitHub Exploit DB Packet Storm