Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
203701	7.8	重要 Local	Google	-	Android のメディアサーバの media/libmedia/IOMX.cpp における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-2413	2016-04-27 09:52	2016-04-4	Show	GitHub Exploit DB Packet Storm

203702	8.1	重要 Network	Google	-	Android の Texas Instruments ハプティクスカーネルドライバにおける権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-2409	2016-04-27 09:52	2016-04-4	Show	GitHub Exploit DB Packet Storm

203703	9.8	緊急 Network	Google dhcpcd project	-	Android などの製品で使用される dhcpcd における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2016-1503	2016-04-27 09:52	2016-04-4	Show	GitHub Exploit DB Packet Storm

203704	8.8	重要 Adjacent	Google	-	Android の Bluetooth の PORCHE_PAIRING_CONFLICT 機能におけるペアリングの制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-0850	2016-04-27 09:52	2016-04-4	Show	GitHub Exploit DB Packet Storm

203705	8.4	重要 Local	Google	-	Android の Telecom Component における呼び出し発信用の電話番号を偽造される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-0847	2016-04-27 09:52	2016-04-4	Show	GitHub Exploit DB Packet Storm

203706	9.8	緊急 Network	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2016-1659	2016-04-26 18:05	2016-04-13	Show	GitHub Exploit DB Packet Storm

203707	7.5	重要 Network	Google	-	Android 上で稼働する Google Chrome のダウンロードの実装におけるパス名の制限を回避される脆弱性	CWE-Other その他	CVE-2016-1656	2016-04-26 18:05	2016-04-13	Show	GitHub Exploit DB Packet Storm

203708	6.5	警告 Network	Google	-	Google Chrome のメディアサブシステムにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2016-1654	2016-04-26 18:05	2016-04-13	Show	GitHub Exploit DB Packet Storm

203709	8.8	重要 Network	Google	-	Google Chrome で使用される Google V8 の LoadBuffer の実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2016-1653	2016-04-26 18:05	2016-04-13	Show	GitHub Exploit DB Packet Storm

203710	8.1	重要 Network	Google	-	Google Chrome で使用される PDFium の fxcodec/codec/fx_codec_jpx_opj.cpp におけるプロセスメモリから重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2016-1651	2016-04-26 18:05	2016-04-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
171	6.1	MEDIUM Network	-	-	Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 allows XSS. New	CWE-79 Cross-site Scripting	CVE-2026-24710	2026-05-15 02:06	2026-05-15	Show	GitHub Exploit DB Packet Storm

172	-		-	-	Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 has Incorrect Access Control. New	-	CVE-2026-24711	2026-05-15 02:06	2026-05-15	Show	GitHub Exploit DB Packet Storm

173	-		-	-	Northern.tech CFEngine Enterprise and Community before 3.21.8, 3.24.3, and 3.27.0 allows Command injection. New	-	CVE-2026-24712	2026-05-15 02:06	2026-05-15	Show	GitHub Exploit DB Packet Storm

174	9.6	CRITICAL Network	tanstack	tanstack\/arktype-adapter tanstack\/eslint-plugin-router tanstack\/eslint-plugin-start tanstack\/history tanstack\/nitro-v2-vite-plugin tanstack\/react-router tanstack\/react-router…	On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/* packages were published to the npm registry. The publishes were authenticated via the legitimate … New	CWE-506 Embedded Malicious Code	CVE-2026-45321	2026-05-15 02:05	2026-05-12	Show	GitHub Exploit DB Packet Storm

175	7.5	HIGH Network	mediawiki	mediawiki	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation OATHAuth. This issue affects OATHAuth: from * before 1.43.7, 1.44.4, 1.45.2. Update	CWE-200 Information Exposure	CVE-2026-34087	2026-05-15 02:02	2026-05-12	Show	GitHub Exploit DB Packet Storm

176	7.5	HIGH Network	-	-	Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.27, python-multipart has a denial of service vulnerability in multipart part header parsing. When parsing multipart/form-data… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-42561	2026-05-15 02:00	2026-05-14	Show	GitHub Exploit DB Packet Storm

177	-		-	-	PyQuorum is a cryptographic library for secret sharing and key management. Prior to 0.2.1, the mul_mod function implements multiplication via a binary expansion loop whose execution time depends on t… New	CWE-208 Information Exposure Through Timing Discrepancy	CVE-2026-44368	2026-05-15 02:00	2026-05-14	Show	GitHub Exploit DB Packet Storm

178	-		-	-	EcclesiaCRM is CRM Software for church management. In 8.0.0 and earlier, the ValidateInput() function's default case in EcclesiaCRM's query view passes user-supplied POST parameters directly into SQL… New	CWE-89 SQL Injection	CVE-2026-44418	2026-05-15 02:00	2026-05-14	Show	GitHub Exploit DB Packet Storm

179	-		-	-	Nitro is a next generation server toolkit. Prior to 3.0.260429-beta, an attacker could turn a redirect route rule using wildcards rewrite into a cross-host redirect by sliding an extra slash in after… New	CWE-601 Open Redirect	CVE-2026-44372	2026-05-15 01:57	2026-05-14	Show	GitHub Exploit DB Packet Storm

180	5.3	MEDIUM Network	-	-	Nitro is a next generation server toolkit. Prior to 3.0.260429-beta, an attacker could bypass a proxy route rule by sending percent-encoded path traversal (..%2f) in the URL, causing Nitro to forward… New	CWE-22 Path Traversal	CVE-2026-44373	2026-05-15 01:57	2026-05-14	Show	GitHub Exploit DB Packet Storm