Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 25, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
204471 7.5 重要
Network 		IBM - IBM Multi-Enterprise Integration Gateway および B2B Advanced Communications における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-0341 2016-05-23 11:39 2016-05-2 Show GitHub Exploit DB Packet Storm
204472 6.5 警告
Network 		IBM - IBM Bluemix の Java 用 Liberty の Auto-Scaling エージェントにおける X.509 証明書の検証を無効にされる脆弱性 CWE-Other
その他 		CVE-2016-0323 2016-05-23 11:39 2016-03-31 Show GitHub Exploit DB Packet Storm
204473 5.9 警告
Network 		IBM - IBM WebSphere Application Server における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-0306 2016-05-23 11:39 2016-04-8 Show GitHub Exploit DB Packet Storm
204474 7.1 重要
Local 		The PHP Group - PHP の ext/soap/php_http.c の make_http_soap_request 関数におけるプロセスメモリから重要な情報を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-3185 2016-05-23 11:35 2016-03-3 Show GitHub Exploit DB Packet Storm
204475 5.9 警告
Network 		F5 Networks - 複数の F5 製品におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2015-8099 2016-05-23 11:09 2015-11-9 Show GitHub Exploit DB Packet Storm
204476 9.8 緊急
Network 		Canonical - ubuntu-core-launcher パッケージの setup_snappy_os_mounts 関数における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-1580 2016-05-23 10:32 2016-04-29 Show GitHub Exploit DB Packet Storm
204477 9.8 緊急
Network 		Apache Software Foundation - Apache Xerces-C++ の validators/DTD/DTDScanner.cpp における脆弱性 CWE-Other
その他 		CVE-2016-2099 2016-05-23 10:20 2016-05-16 Show GitHub Exploit DB Packet Storm
204478 9.8 緊急
Network 		Oxide project
Canonical		 - Oxide におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-1578 2016-05-23 10:10 2016-04-27 Show GitHub Exploit DB Packet Storm
204479 5.3 警告
Network 		OpenAFS - OpenAFS のクライアントにおける重要なメモリ情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-4536 2016-05-20 17:06 2016-03-16 Show GitHub Exploit DB Packet Storm
204480 6.5 警告
Network 		Debian
OpenAFS		 - OpenAFS の ptserver/ptprocs.c の newEntry 関数におけるアクセス制限を回避される脆弱性 CWE-Other
その他 		CVE-2016-2860 2016-05-20 17:06 2016-03-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
101 8.8 HIGH
Network 		- - IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands by supplying malicious mpv_-prefixed query parameters through the… CWE-88
Argument Injection 		CVE-2026-47114 2026-05-22 06:03 2026-05-22 Show GitHub Exploit DB Packet Storm
102 4.3 MEDIUM
Network 		- - The GSheet For Woo Importer plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the process_ajax_restore_action() function in all versions up to, and … CWE-862
 Missing Authorization 		CVE-2026-4843 2026-05-22 06:03 2026-05-22 Show GitHub Exploit DB Packet Storm
103 6.1 MEDIUM
Network 		simplesamlphp simplesamlphp-casserver
simplesamlphp_casserver 		SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS server in the form of a SimpleSAMLphp module. In versions below 6.3.1 and 7.0.0, the logout endpoint accepts a url query parameter to redire… CWE-601
Open Redirect 		CVE-2025-65954 2026-05-22 06:01 2026-05-19 Show GitHub Exploit DB Packet Storm
104 7.5 HIGH
Network 		mozilla firefox
firefox_focus 		Sandbox escape in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 151. CWE-693
 Protection Mechanism Failure 		CVE-2026-8945 2026-05-22 05:56 2026-05-19 Show GitHub Exploit DB Packet Storm
105 4.8 MEDIUM
Network 		samba rsync Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured with chroot. Attackers can bypass host… CWE-289
 Authentication Bypass by Alternate Name 		CVE-2026-43617 2026-05-22 05:54 2026-05-20 Show GitHub Exploit DB Packet Storm
106 3.7 LOW
Network 		samba rsync Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establish_proxy_connection() function in socket.c that allows network attackers to corrupt stack memor… CWE-193
 Off-by-one Error 		CVE-2026-45232 2026-05-22 05:52 2026-05-20 Show GitHub Exploit DB Packet Storm
107 5.5 MEDIUM
Local 		samba rsync Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read vulnerability in recv_files() in receiver.c that allows a malicious rsync server to crash the rsync client process. Atta… CWE-125
Out-of-bounds Read 		CVE-2026-43620 2026-05-22 05:47 2026-05-20 Show GitHub Exploit DB Packet Storm
108 6.3 MEDIUM
Local 		samba rsync Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat … CWE-59
CWE-367
Link Following
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-43619 2026-05-22 05:42 2026-05-20 Show GitHub Exploit DB Packet Storm
109 8.1 HIGH
Network 		samba rsync Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token decoder where a 32-bit signed counter is not checked for overflow, allowing a malicious sender to trigg… CWE-125
CWE-190
Out-of-bounds Read
 Integer Overflow or Wraparound 		CVE-2026-43618 2026-05-22 05:34 2026-05-20 Show GitHub Exploit DB Packet Storm
110 6.5 MEDIUM
Network 		faraday_project faraday Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Versions 2.0.0 through 2.14.1 still allow protocol-relative host override when the request tar… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-33637 2026-05-22 05:17 2026-05-20 Show GitHub Exploit DB Packet Storm