Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 22, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
204041	5.3	警告 Network	シスコシステムズ	-	Cisco Prime Network Analysis Module におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2016-1370	2016-06-6 15:26	2016-06-1	Show	GitHub Exploit DB Packet Storm

204042	6.1	警告 Network	サイボウズ	-	サイボウズ Office におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-7795 CVE-2015-7796 CVE-2015-7797 CVE-2015-7798 CVE-2016-1149 CVE-2016-1150	2016-06-6 14:58	2016-02-15	Show	GitHub Exploit DB Packet Storm

204043	7.5	重要 Network	GNU Project Canonical Fedora Project	-	GNU C Library の getnetbyname 関数の nss_dns の実装におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2016-3075	2016-06-6 13:55	2016-03-29	Show	GitHub Exploit DB Packet Storm

204044	7.5	重要 Network	GNU Project Fedora Project	-	GNU C Library の glob の実装におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2016-1234	2016-06-6 13:55	2016-05-4	Show	GitHub Exploit DB Packet Storm

204045	7.8	重要 Local	Docker openSUSE project Open Container Project	-	Docker で使用される runC の libcontainer/user/user.go における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-3697	2016-06-6 11:37	2016-04-13	Show	GitHub Exploit DB Packet Storm

204046	9.1	緊急 Network	Apache Software Foundation	-	Apache Qpid Java の複数の AMQP 接続処理における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2016-4432	2016-06-3 14:29	2016-05-12	Show	GitHub Exploit DB Packet Storm

204047	5.9	警告 Network	Apache Software Foundation	-	Apache Qpid Java の PlainSaslServer.java におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 CWE-287	CVE-2016-3094	2016-06-3 14:29	2016-05-18	Show	GitHub Exploit DB Packet Storm

204048	9.8	緊急 Network	Apache Software Foundation	-	Apache ActiveMQ のファイルサーバ Web アプリケーションにおける任意のファイルをアップロードされる脆弱性	CWE-20 不適切な入力確認	CVE-2016-3088	2016-06-3 14:29	2016-05-23	Show	GitHub Exploit DB Packet Storm

204049	7.8	重要 Local	Apache Software Foundation	-	Apache PDFBox における XML 外部エンティティ攻撃を実行される脆弱性	CWE-Other その他	CVE-2016-2175	2016-06-3 14:29	2016-04-17	Show	GitHub Exploit DB Packet Storm

204050	6.1	警告 Network	シトリックス・システムズ	-	Citrix NetScaler Gateway の vpn/js/gateway_login_form_view.js におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-4945	2016-06-3 14:16	2016-05-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
771	8.5	HIGH Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, validate_url() in backend/open_webui/retrieval/web/utils.py calls validators.ipv6(ip…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-45331	2026-05-19 12:06	2026-05-16	Show	GitHub Exploit DB Packet Storm

772	4.8	MEDIUM Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the AccountPending.svelte component renders the admin-configured "Pending User Overl…	CWE-79 Cross-site Scripting	CVE-2026-44568	2026-05-19 12:06	2026-05-16	Show	GitHub Exploit DB Packet Storm

773	4.3	MEDIUM Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, when setting model permissions so that a group has read access to it, intending for …	CWE-200 Information Exposure	CVE-2026-45387	2026-05-19 12:05	2026-05-16	Show	GitHub Exploit DB Packet Storm

774	7.2	HIGH Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the tool update endpoint (POST /api/v1/tools/id/{id}/update) is missing the workspac…	CWE-269 CWE-862 Improper Privilege Management Missing Authorization	CVE-2026-45395	2026-05-19 12:05	2026-05-16	Show	GitHub Exploit DB Packet Storm

775	4.3	MEDIUM Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, an IDOR vulnerability exists in the Channels feature of Open WebUI, allowing any cha…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-45385	2026-05-19 10:45	2026-05-16	Show	GitHub Exploit DB Packet Storm

776	6.3	MEDIUM Network	open5gs	open5gs	A vulnerability was found in Open5GS up to 2.7.6. This impacts the function ran_ue_find_by_amf_ue_ngap_id of the file src/amf/context.c of the component AMF/MME. Performing a manipulation results in …	CWE-266 CWE-285 Incorrect Privilege Assignment Improper Authorization	CVE-2026-8743	2026-05-19 10:35	2026-05-17	Show	GitHub Exploit DB Packet Storm

777	5.5	MEDIUM Local	steipete	summarize	Summarize prior to 0.15.1 contains an insecure file permission vulnerability in the refresh-free configuration rewrite path that allows local users to read sensitive credentials by exploiting default…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2026-45246	2026-05-19 10:34	2026-05-19	Show	GitHub Exploit DB Packet Storm

778	5.4	MEDIUM Network	steipete	summarize	Summarize prior to 0.15.1 contains a missing authorization vulnerability that allows attackers to execute browser automation actions without per-call user approval when the extension automation featu…	CWE-862 Missing Authorization	CVE-2026-45244	2026-05-19 10:34	2026-05-19	Show	GitHub Exploit DB Packet Storm

779	7.1	HIGH Network	steipete	summarize	Summarize prior to 0.15.1 contains a path traversal vulnerability in the /v1/summarize daemon endpoint that allows authenticated callers to write files to arbitrary directories by supplying an absolu…	CWE-862 Missing Authorization	CVE-2026-45242	2026-05-19 10:34	2026-05-19	Show	GitHub Exploit DB Packet Storm

780	6.1	MEDIUM Network	steipete	summarize	Summarize prior to 0.15.1 contains a missing authorization vulnerability in the content script window.postMessage bridge that allows malicious pages to perform unauthorized operations on automation a…	CWE-862 Missing Authorization	CVE-2026-45243	2026-05-19 10:34	2026-05-19	Show	GitHub Exploit DB Packet Storm