Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
204121 7.1 重要
Local 		The PHP Group - PHP の ext/soap/php_http.c の make_http_soap_request 関数におけるプロセスメモリから重要な情報を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-3185 2016-05-23 11:35 2016-03-3 Show GitHub Exploit DB Packet Storm
204122 5.9 警告
Network 		F5 Networks - 複数の F5 製品におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2015-8099 2016-05-23 11:09 2015-11-9 Show GitHub Exploit DB Packet Storm
204123 9.8 緊急
Network 		Canonical - ubuntu-core-launcher パッケージの setup_snappy_os_mounts 関数における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-1580 2016-05-23 10:32 2016-04-29 Show GitHub Exploit DB Packet Storm
204124 9.8 緊急
Network 		Apache Software Foundation - Apache Xerces-C++ の validators/DTD/DTDScanner.cpp における脆弱性 CWE-Other
その他 		CVE-2016-2099 2016-05-23 10:20 2016-05-16 Show GitHub Exploit DB Packet Storm
204125 9.8 緊急
Network 		Oxide project
Canonical		 - Oxide におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-1578 2016-05-23 10:10 2016-04-27 Show GitHub Exploit DB Packet Storm
204126 5.3 警告
Network 		OpenAFS - OpenAFS のクライアントにおける重要なメモリ情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-4536 2016-05-20 17:06 2016-03-16 Show GitHub Exploit DB Packet Storm
204127 6.5 警告
Network 		Debian
OpenAFS		 - OpenAFS の ptserver/ptprocs.c の newEntry 関数におけるアクセス制限を回避される脆弱性 CWE-Other
その他 		CVE-2016-2860 2016-05-20 17:06 2016-03-16 Show GitHub Exploit DB Packet Storm
204128 8.1 重要
Network 		Google - Android 上で稼働する Google Chrome におけるディレクトリトラバーサル攻撃を実行される脆弱性 CWE-22
パス・トラバーサル 		CVE-2016-1671 2016-05-20 16:49 2016-05-11 Show GitHub Exploit DB Packet Storm
204129 5.3 警告
Network 		Google - Google Chrome の content/browser/loader/resource_dispatcher_host_impl.cc における任意の HTTP リクエストを送信される脆弱性 CWE-362
競合状態 		CVE-2016-1670 2016-05-20 16:49 2016-05-11 Show GitHub Exploit DB Packet Storm
204130 8.8 重要
Network 		Google - Google Chrome で使用される Google V8 の zone.cc の Zone::New 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-1669 2016-05-20 16:49 2016-05-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
441 - - - Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.0 and 2.28.1 allow a low-privileged authenticated user assigned the "add_profile_threshold" permission to create a global … New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-33052 2026-05-20 00:04 2026-05-19 Show GitHub Exploit DB Packet Storm
442 7.5 HIGH
Network 		- - AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.4.2 through 0.6.51 are vulnerable to an unauthenticated Denial of… New CWE-400
CWE-459
CWE-770
 Uncontrolled Resource Consumption
 Incomplete Cleanup
 Allocation of Resources Without Limits or Throttling 		CVE-2026-33232 2026-05-20 00:04 2026-05-19 Show GitHub Exploit DB Packet Storm
443 8.2 HIGH
Local 		- - Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions prior to 3.5.7 contain a path traversal vulnerability in the importer which allows o… New CWE-24
 Path Traversal: '../filedir' 		CVE-2026-22810 2026-05-20 00:03 2026-05-19 Show GitHub Exploit DB Packet Storm
444 9.8 CRITICAL
Network 		- - WebdriverIO is a test automation framework for unit, e2e and component testing using WebDriver, WebDriver BiDi and Appium. Versions below 9.24.0 contain a command injection vulnerability leading to r… New CWE-78
OS Command  		CVE-2026-25244 2026-05-20 00:03 2026-05-19 Show GitHub Exploit DB Packet Storm
445 7.0 HIGH
Local 		- - In mlflow/mlflow versions prior to 3.11.0, the `get_or_create_nfs_tmp_dir()` function in `mlflow/utils/file_utils.py` creates temporary directories with world-writable permissions (0o777), and the `_… New CWE-378
 Creation of Temporary File With Insecure Permissions 		CVE-2026-4137 2026-05-20 00:03 2026-05-19 Show GitHub Exploit DB Packet Storm
446 - - - GLPI is a free asset and IT management software package. In versions 11.0.0 through 11.0.6, an authenticated user with forms READ permission can export the structure of unauthorized forms. This issue… New CWE-862
 Missing Authorization 		CVE-2026-32312 2026-05-20 00:03 2026-05-19 Show GitHub Exploit DB Packet Storm
447 7.3 HIGH
Local 		- - Mullvad VPN is a VPN client app for desktop and mobile. When using macOS with versions 2026.1 and below, Mullvad VPN may allow local privilege escalation during installation or upgrade. The installer… New CWE-269
CWE-345
CWE-427
 Improper Privilege Management
 Insufficient Verification of Data Authenticity
 Uncontrolled Search Path Element 		CVE-2026-32323 2026-05-20 00:03 2026-05-19 Show GitHub Exploit DB Packet Storm
448 9.6 CRITICAL
Network 		- - In MLflow version 3.9.0, the MLflow Assistant feature introduced improper origin validation in its /ajax-api endpoints. This vulnerability allows a remote attacker to exploit cross-origin requests fr… New CWE-346
 Origin Validation Error 		CVE-2026-2611 2026-05-20 00:03 2026-05-19 Show GitHub Exploit DB Packet Storm
449 5.4 MEDIUM
Network 		microsoft edge_chromium Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network. New CWE-20
NVD-CWE-noinfo
 Improper Input Validation  		CVE-2026-45492 2026-05-20 00:03 2026-05-19 Show GitHub Exploit DB Packet Storm
450 8.8 HIGH
Network 		google chrome Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Update CWE-416
 Use After Free 		CVE-2026-8544 2026-05-19 23:53 2026-05-15 Show GitHub Exploit DB Packet Storm