Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
203041 9.8 緊急
Network 		Google
dhcpcd project		 - Android などの製品で使用される dhcpcd における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2016-1503 2016-04-27 09:52 2016-04-4 Show GitHub Exploit DB Packet Storm
203042 8.8 重要
Adjacent 		Google - Android の Bluetooth の PORCHE_PAIRING_CONFLICT 機能におけるペアリングの制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-0850 2016-04-27 09:52 2016-04-4 Show GitHub Exploit DB Packet Storm
203043 8.4 重要
Local 		Google - Android の Telecom Component における呼び出し発信用の電話番号を偽造される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-0847 2016-04-27 09:52 2016-04-4 Show GitHub Exploit DB Packet Storm
203044 9.8 緊急
Network 		Google - Google Chrome におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2016-1659 2016-04-26 18:05 2016-04-13 Show GitHub Exploit DB Packet Storm
203045 7.5 重要
Network 		Google - Android 上で稼働する Google Chrome のダウンロードの実装におけるパス名の制限を回避される脆弱性 CWE-Other
その他 		CVE-2016-1656 2016-04-26 18:05 2016-04-13 Show GitHub Exploit DB Packet Storm
203046 6.5 警告
Network 		Google - Google Chrome のメディアサブシステムにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-1654 2016-04-26 18:05 2016-04-13 Show GitHub Exploit DB Packet Storm
203047 8.8 重要
Network 		Google - Google Chrome で使用される Google V8 の LoadBuffer の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-1653 2016-04-26 18:05 2016-04-13 Show GitHub Exploit DB Packet Storm
203048 8.1 重要
Network 		Google - Google Chrome で使用される PDFium の fxcodec/codec/fx_codec_jpx_opj.cpp におけるプロセスメモリから重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-1651 2016-04-26 18:05 2016-04-13 Show GitHub Exploit DB Packet Storm
203049 8.8 重要
Network 		Debian
OptiPNG		 - OptiPNG の pngxrbmp.c の bmp_rle4_fread 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-3982 2016-04-26 17:17 2016-01-3 Show GitHub Exploit DB Packet Storm
203050 8.8 重要
Network 		openSUSE project
The Cacti Group		 - Cacti の auth_login.php におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-2313 2016-04-26 16:55 2016-02-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
761 6.3 MEDIUM
Network 		- - In OpenStack Cyborg before 16.0.1, the Accelerator Request (ARQ) API does not enforce project ownership at any layer. The project_id column in the database is never populated (NULL for every ARQ), da… New CWE-282
 Improper Ownership Management 		CVE-2026-40214 2026-05-9 01:16 2026-05-8 Show GitHub Exploit DB Packet Storm
762 7.4 HIGH
Network 		- - OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token regardless… New CWE-863
 Incorrect Authorization 		CVE-2026-40213 2026-05-9 01:16 2026-05-8 Show GitHub Exploit DB Packet Storm
763 7.4 HIGH
Local 		- - Akamai Guardicore Platform Agent (GPA) and Zero Trust Client on Linux and macOS allow TOCTOU-based local privilege escalation. The GPA service creates an IPC socket in the world-writable /tmp directo… New CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-34354 2026-05-9 01:16 2026-05-9 Show GitHub Exploit DB Packet Storm
764 - - - lwjson 1.8.1 contains an improper input validation vulnerability in the streaming JSON parser (lwjson_stream.c). The end-of-string detection logic incorrectly identifies escaped quote characters by o… New - CVE-2026-29975 2026-05-9 01:16 2026-05-9 Show GitHub Exploit DB Packet Storm
765 - - - An issue was discovered in kosma minmea 0.3.0. The minmea_scan functions format specifier copies NMEA field data to a caller-provided buffer without a size parameter. Applications using minmea_scan o… New - CVE-2026-29974 2026-05-9 01:16 2026-05-9 Show GitHub Exploit DB Packet Storm
766 8.6 HIGH
Network 		- - Inngest is a platform for running event-driven and scheduled background functions with queueing, retries, and step orchestration. Versions 3.22.0 through 3.53.1 contain a vulnerability that allows un… New CWE-200
CWE-497
Information Exposure
 Exposure of Sensitive System Information to an Unauthorized Control Sphere 		CVE-2026-42047 2026-05-9 01:08 2026-05-8 Show GitHub Exploit DB Packet Storm
767 7.3 HIGH
Network 		- - This vulnerability, in the MAXHUB Pivot client application versions prior to v1.36.2, may allow an attacker to obtain encrypted tenant email addresses and related metadata from any tenant. Due to t… New CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2026-6411 2026-05-9 01:08 2026-05-8 Show GitHub Exploit DB Packet Storm
768 8.8 HIGH
Network 		- - OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to version 2.0.3, a remote code execution (RCE) vulnerability was identified in the OpenLearnX code execution envir… New CWE-78
CWE-94
CWE-250
CWE-284
CWE-693
OS Command 
Code Injection
 Execution with Unnecessary Privileges
Improper Access Control
 Protection Mechanism Failure 		CVE-2026-41900 2026-05-9 01:08 2026-05-8 Show GitHub Exploit DB Packet Storm
769 5.1 MEDIUM
Network 		- - wlc is a Weblate command-line client using Weblate's REST API. Prior to version 2.0.0, the HTML output format in wlc embeds API response data into HTML without escaping, allowing cross-site scripting… New CWE-79
Cross-site Scripting 		CVE-2026-42150 2026-05-9 01:08 2026-05-8 Show GitHub Exploit DB Packet Storm
770 7.1 HIGH
Network 		- - PromptHub is an all-in-one AI toolbox for prompt, skill, and agent management. From version 0.4.9 to before version 0.5.4, apps/web/src/routes/skills.ts exposes an authenticated endpoint POST /api/sk… New CWE-20
CWE-693
CWE-918
 Improper Input Validation 
 Protection Mechanism Failure
Server-Side Request Forgery (SSRF)  		CVE-2026-42261 2026-05-9 01:08 2026-05-8 Show GitHub Exploit DB Packet Storm