Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
202801	4	警告	Google	-	Kubernetes の API サーバにおける追加のリソースにアクセスされる脆弱性	CWE-Other その他	CVE-2016-1905	2016-02-26 15:48	2016-01-12	Show	GitHub Exploit DB Packet Storm

202802	6	警告	Django Software Foundation	-	Django におけるアクセス制限を回避される脆弱性	CWE-Other その他	CVE-2016-2048	2016-02-26 14:34	2016-02-1	Show	GitHub Exploit DB Packet Storm

202803	5.8	警告	シマンテック	-	Symantec Encryption Management Server における任意の OS コマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2015-8151	2016-02-26 14:14	2015-11-13	Show	GitHub Exploit DB Packet Storm

202804	6.3	警告	シマンテック	-	Symantec Encryption Management Server における root のアクセス権を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-8150	2016-02-26 14:14	2015-11-13	Show	GitHub Exploit DB Packet Storm

202805	4.3	警告	Google	-	Google Chrome の Chrome Instant 機能における制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-1625	2016-02-26 13:55	2016-02-9	Show	GitHub Exploit DB Packet Storm

202806	6.8	警告	Google	-	Google Chrome の DOM の実装における同一生成元ポリシーを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-1623	2016-02-26 13:55	2016-02-9	Show	GitHub Exploit DB Packet Storm

202807	6.8	警告	Google	-	Google Chrome の拡張サブシステムにおける同一生成元ポリシーを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-1622	2016-02-26 13:55	2016-02-9	Show	GitHub Exploit DB Packet Storm

202808	4.3	警告	シスコシステムズ	-	Cisco WebEx Meetings Server におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-1309	2016-02-26 11:58	2016-02-5	Show	GitHub Exploit DB Packet Storm

202809	2.1	注意	IBM	-	IBM WebSphere MQ の WMQ Telemetry の MQXR サービスにおける重要な情報を取得される脆弱性	CWE-200 CWE-255	CVE-2015-2012	2016-02-26 11:54	2015-02-19	Show	GitHub Exploit DB Packet Storm

202810	4	警告	Roundcube.net	-	Roundcube の program/steps/addressbook/photo.inc における絶対パストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2015-8794	2016-02-26 11:15	2015-06-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
411	8.8	HIGH Network	-	-	Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Update allows Authentication Bypass. This issue affects P… Update	CWE-93 CRLF Injection	CVE-2026-5140	2026-05-4 23:16	2026-04-29	Show	GitHub Exploit DB Packet Storm

412	-		-	-	Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid… New	-	CVE-2026-4928	2026-05-4 23:16	2026-05-4	Show	GitHub Exploit DB Packet Storm

413	7.7	HIGH Network	-	-	In Argo CD 3.2.0 before 3.2.11 and 3.3.0 before 3.3.9, ServerSideDiff allows reading cleartext Kubernetes Secret data. Update	CWE-212 Improper Removal of Sensitive Information Before Storage or Transfer	CVE-2026-43824	2026-05-4 23:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

414	5.3	MEDIUM Network	-	-	Starlet versions through 0.31 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starlet incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both head… New	CWE-444 HTTP Request Smuggling	CVE-2026-40561	2026-05-4 23:16	2026-05-3	Show	GitHub Exploit DB Packet Storm

415	6.7	MEDIUM Local	-	-	In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interacti… New	CWE-843 Type Confusion	CVE-2026-20451	2026-05-4 23:16	2026-05-4	Show	GitHub Exploit DB Packet Storm

416	6.5	MEDIUM Adjacent	-	-	In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with… New	CWE-617 Reachable Assertion	CVE-2026-20450	2026-05-4 23:16	2026-05-4	Show	GitHub Exploit DB Packet Storm

417	6.5	MEDIUM Adjacent	-	-	In Modem, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with n… New	CWE-120 Classic Buffer Overflow	CVE-2026-20449	2026-05-4 23:16	2026-05-4	Show	GitHub Exploit DB Packet Storm

418	6.7	MEDIUM Local	-	-	In geniezone, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege if a malicious actor has already obtained the System priv… New	CWE-280 Improper Handling of Insufficient Permissions or Privileges	CVE-2026-20448	2026-05-4 23:16	2026-05-4	Show	GitHub Exploit DB Packet Storm

419	6.7	MEDIUM Local	-	-	In geniezone, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privileg… New	CWE-125 Out-of-bounds Read	CVE-2026-20447	2026-05-4 23:16	2026-05-4	Show	GitHub Exploit DB Packet Storm

420	6.5	MEDIUM Adjacent	amazon	freertos-plus-tcp	Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC ad… Update	CWE-290 Authentication Bypass by Spoofing	CVE-2026-7422	2026-05-4 22:43	2026-04-30	Show	GitHub Exploit DB Packet Storm