Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
205731 7.2 危険 アップル - 複数の Apple 製品の IOKit における権限を取得される脆弱性 CWE-119
バッファエラー 		CVE-2016-1720 2016-03-29 15:44 2016-01-19 Show GitHub Exploit DB Packet Storm
205732 7.2 危険 アップル - 複数の Apple 製品の IOHIDFamily API における権限を取得される脆弱性 CWE-119
バッファエラー 		CVE-2016-1719 2016-03-29 15:44 2016-01-19 Show GitHub Exploit DB Packet Storm
205733 7.2 危険 アップル - 複数の Apple 製品のディスクイメージコンポーネントにおける権限を取得される脆弱性 CWE-119
バッファエラー 		CVE-2016-1717 2016-03-29 15:44 2016-01-19 Show GitHub Exploit DB Packet Storm
205734 8.3 危険 アップル
Google		 - Android のカーネルの Broadcom Wi-Fi ドライバにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-0802 2016-03-29 15:41 2016-02-1 Show GitHub Exploit DB Packet Storm
205735 8.3 危険 アップル
Google		 - Android のカーネルの Broadcom Wi-Fi ドライバにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-0801 2016-03-29 15:41 2016-02-1 Show GitHub Exploit DB Packet Storm
205736 10 危険 アップル
nghttp2 project		 - nghttp2 のアイドル状態のストリーム処理における脆弱性 CWE-119
バッファエラー 		CVE-2015-8659 2016-03-29 15:41 2015-12-23 Show GitHub Exploit DB Packet Storm
205737 5.8 警告 アップル
xmlsoft.org
Canonical
レッドハット		 - libxml2 の HTML パーサの push インターフェースの SAX2.c の xmlSAX2TextNode 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2015-8242 2016-03-29 15:41 2015-11-20 Show GitHub Exploit DB Packet Storm
205738 7.5 危険 アップル
PNG Development Group		 - libpng の pngrutil.c 内の png_read_IDAT_data 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2015-0973 2016-03-29 15:40 2015-01-9 Show GitHub Exploit DB Packet Storm
205739 10 危険 アップル
PNG Development Group		 - libpng の png_combine_row 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-9495 2016-03-29 15:40 2014-12-22 Show GitHub Exploit DB Packet Storm
205740 4.7 警告
Network 		Huseyin Berberoglu - WordPress 用プラグイン WP Favorite Posts におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-1160 2016-03-29 15:39 2016-03-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
401 5.3 MEDIUM
Network 		- - WWBN AVideo is an open source video platform. In 29.0 and earlier, objects/mention.json.php has no User::loginCheck() or admin gate. It only has an entry guard: preg_match('/^@/', $_REQUEST['term']) … New CWE-204
CWE-285
 Response Discrepancy Information Exposure
Improper Authorization 		CVE-2026-45620 2026-05-30 00:06 2026-05-29 Show GitHub Exploit DB Packet Storm
402 - - - FreePBX is an open source IP PBX. From 15.0.42 to before 16.0.45 and 17.0.7, unauthenticated users may be able to access the User Control Panel (UCP) using hard-coded initial template credentials if … New CWE-798
 Use of Hard-coded Credentials 		CVE-2026-46376 2026-05-30 00:06 2026-05-29 Show GitHub Exploit DB Packet Storm
403 8.1 HIGH
Network 		- - n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.2, when ENABLE_MULTI_TENANT=true, the HTTP transport documents that th… New CWE-284
Improper Access Control 		CVE-2026-45707 2026-05-30 00:06 2026-05-29 Show GitHub Exploit DB Packet Storm
404 5.4 MEDIUM
Network 		- - WWBN AVideo is an open source video platform. In 29.0 and earlier, AVideo stores category descriptions from user input and later renders category_description as raw HTML in the Gallery view. A user w… New CWE-79
Cross-site Scripting 		CVE-2026-47694 2026-05-30 00:06 2026-05-29 Show GitHub Exploit DB Packet Storm
405 - - - A stored cross-site scripting (XSS) vulnerability exists in the notification panel of CTI Transmute in versions prior to the patched release. Notification messages containing user-controlled convert … New CWE-79
Cross-site Scripting 		CVE-2026-9806 2026-05-29 23:46 2026-05-28 Show GitHub Exploit DB Packet Storm
406 - - - FlowIntel up to version 3.3.0 contains a server-side request forgery (SSRF) vulnerability in the external reference URL probe functionality in app/case/task.py. An attacker who can submit an external… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-9813 2026-05-29 23:46 2026-05-28 Show GitHub Exploit DB Packet Storm
407 4.6 MEDIUM
Network 		- - A path traversal vulnerability was identified in Kibana's dashboard management functionality. An authenticated user with limited permissions could create a dashboard with a specially crafted identifi… New CWE-22
Path Traversal 		CVE-2026-33462 2026-05-29 23:46 2026-05-29 Show GitHub Exploit DB Packet Storm
408 5.3 MEDIUM
Network 		- - Operation on a Resource after Expiration or Termination (CWE-672) in Kibana can lead to unauthorized information disclosure. A logic error in how expiration timestamps were validated allowed a time-b… New CWE-672
 Operation on a Resource after Expiration or Release 		CVE-2026-33463 2026-05-29 23:46 2026-05-29 Show GitHub Exploit DB Packet Storm
409 6.5 MEDIUM
Network 		- - Uncontrolled Resource Consumption (CWE-400) in Kibana can lead to a denial of service via Excessive Allocation (CAPEC-130). An authenticated user holding a low-privileged role can submit a specially … New CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-33464 2026-05-29 23:46 2026-05-29 Show GitHub Exploit DB Packet Storm
410 4.1 MEDIUM
Network 		- - Improper Neutralization of Input During Web Page Generation (CWE-79) in Kibana can lead to stored HTML injection. A user with write access to an Elasticsearch index could persist crafted markup which… New CWE-79
Cross-site Scripting 		CVE-2026-42401 2026-05-29 23:46 2026-05-29 Show GitHub Exploit DB Packet Storm