Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
206421	4.3	警告	Google	-	Android の System Server における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2015-6624	2015-12-11 10:49	2015-12-7	Show	GitHub Exploit DB Packet Storm

206422	9.3	危険	Google	-	Android の Wi-Fi における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-6623	2015-12-11 10:49	2015-12-7	Show	GitHub Exploit DB Packet Storm

206423	5	警告	Google	-	Android の Native Frameworks Library における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2015-6622	2015-12-11 10:49	2015-12-7	Show	GitHub Exploit DB Packet Storm

206424	9.3	危険	Google	-	Android の SystemUI における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-6621	2015-12-11 10:49	2015-12-7	Show	GitHub Exploit DB Packet Storm

206425	9.3	危険	Google	-	Android の libstagefright における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-6620	2015-12-11 10:49	2015-12-7	Show	GitHub Exploit DB Packet Storm

206426	9.3	危険	Google	-	Android のカーネルにおける権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-6619	2015-12-11 10:49	2015-12-7	Show	GitHub Exploit DB Packet Storm

206427	9.3	危険	Google	-	Android で使用される Skia における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2015-6617	2015-12-11 10:49	2015-12-7	Show	GitHub Exploit DB Packet Storm

206428	9.3	危険	Google	-	Android のメディアサーバにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2015-6616	2015-12-11 10:49	2015-12-7	Show	GitHub Exploit DB Packet Storm

206429	7.5	危険	Mobile Knowledge Systems Inc.	-	TaxiHail に複数の脆弱性	CWE-Other その他	-	2015-12-10 17:57	2015-12-8	Show	GitHub Exploit DB Packet Storm

206430	4.3	警告	マイクロソフト	-	Microsoft Edge におけるクロスサイトスクリプティング保護メカニズムを回避される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-6176	2015-12-10 15:45	2015-12-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311	5.4	MEDIUM Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the POST /api/v1/evaluations/feedback endpoint in Open WebUI v0.9.2 is vulnerable to… New	CWE-915 Improperly Controlled Modification of Dynamically-Determined Object Attributes	CVE-2026-45396	2026-05-19 21:20	2026-05-16	Show	GitHub Exploit DB Packet Storm

312	5.3	MEDIUM Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, GET /api/v1/retrieval/ returns live RAG pipeline configuration to any unauthenticate… New	CWE-306 Missing Authentication for Critical Function	CVE-2026-45397	2026-05-19 21:19	2026-05-16	Show	GitHub Exploit DB Packet Storm

313	7.5	HIGH Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, _validate_collection_access() checks the user-memory-* and file-* collection name pr… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-45398	2026-05-19 21:18	2026-05-16	Show	GitHub Exploit DB Packet Storm

314	-		-	-	In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix handling of MAY_BACKLOG requests MAY_BACKLOG requests can return EBUSY. Handle them by checking for that va… New	-	CVE-2026-43493	2026-05-19 21:16	2026-05-19	Show	GitHub Exploit DB Packet Storm

315	-		-	-	In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl() Yiming reports an integer underflow in mpi_read_raw_from_sgl() … New	-	CVE-2026-43492	2026-05-19 21:16	2026-05-19	Show	GitHub Exploit DB Packet Storm

316	-		-	-	In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum server registration per node Current code does no bound checking on the number of servers added … New	-	CVE-2026-43491	2026-05-19 21:16	2026-05-19	Show	GitHub Exploit DB Packet Storm

317	8.5	HIGH Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, a parsing difference between the urlparse and requests libraries led to an SSRF bypa… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-45400	2026-05-19 21:08	2026-05-16	Show	GitHub Exploit DB Packet Storm

318	8.5	HIGH Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the validate_url() function in backend/open_webui/retrieval/web/utils.py only valida… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-45401	2026-05-19 21:07	2026-05-16	Show	GitHub Exploit DB Packet Storm

319	8.8	HIGH Network	huggingface	diffusers	Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, diffusers 0.37.0 allows remote code execution without the trust_remote_code=True safeguard when loading pipelines from Hu… Update	CWE-94 Code Injection	CVE-2026-44827	2026-05-19 12:20	2026-05-15	Show	GitHub Exploit DB Packet Storm

320	8.8	HIGH Network	huggingface	diffusers	Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, a trust_remote_code bypass in DiffusionPipeline.from_pretrained allows arbitrary remote code execution despite the user p… Update	CWE-94 Code Injection	CVE-2026-44513	2026-05-19 12:18	2026-05-15	Show	GitHub Exploit DB Packet Storm