Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
206601 4.3 警告 オラクル - Oracle E-Business Suite の Oracle Service Contracts における Renewals に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-0558 2016-01-25 12:16 2016-01-19 Show GitHub Exploit DB Packet Storm
206602 5.5 警告 オラクル - Oracle E-Business Suite の Oracle Advanced Collections における Administration に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-0557 2016-01-25 12:16 2016-01-19 Show GitHub Exploit DB Packet Storm
206603 5.5 警告 オラクル - Oracle E-Business Suite の Oracle Advanced Collections における Administration に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-0556 2016-01-25 09:49 2016-01-19 Show GitHub Exploit DB Packet Storm
206604 4.3 警告 オラクル - Oracle E-Business Suite の Oracle CADView-3D における Studio に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-0555 2016-01-25 09:49 2016-01-19 Show GitHub Exploit DB Packet Storm
206605 6.4 警告 オラクル - Oracle E-Business Suite の Oracle Interaction Center Intelligence における Business Intelligence に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-0554 2016-01-25 09:49 2016-01-19 Show GitHub Exploit DB Packet Storm
206606 6.4 警告 オラクル - Oracle E-Business Suite の Oracle E-Business Intelligence における Definition に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-0553 2016-01-25 09:49 2016-01-19 Show GitHub Exploit DB Packet Storm
206607 6.4 警告 オラクル - Oracle E-Business Suite の Oracle Customer Intelligence における Data Issues に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-0552 2016-01-25 09:49 2016-01-19 Show GitHub Exploit DB Packet Storm
206608 6.4 警告 オラクル - Oracle E-Business Suite の Oracle Customer Intelligence における Data Issues に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-0551 2016-01-25 09:49 2016-01-19 Show GitHub Exploit DB Packet Storm
206609 6.4 警告 オラクル - Oracle E-Business Suite の Oracle CRM Technical Foundation における CRM HTML Administration に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-0550 2016-01-25 09:49 2016-01-19 Show GitHub Exploit DB Packet Storm
206610 6.4 警告 オラクル - Oracle E-Business Suite の Oracle E-Business Intelligence における Common Components に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-0549 2016-01-25 09:48 2016-01-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 29, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1511 6.5 MEDIUM
Adjacent 		- - A bitwise shift vulnerability in Zephyr's PTP subsystem allows a remote attacker to cause undefined behavior and potential system crashes. An attacker sends a crafted PTP_MSG_MANAGEMENT message to se… Update CWE-1335
 Incorrect Bitwise Shift of Integer 		CVE-2026-5072 2026-05-27 03:16 2026-05-22 Show GitHub Exploit DB Packet Storm
1512 8.2 HIGH
Network 		- - Algernon is a small self-contained pure-Go web server. Prior to 1.17.8, when algernon is started with --domain (or --letsencrypt, which silently turns on --domain at engine/flags.go:372), the request… New CWE-22
CWE-23
CWE-644
Path Traversal
 Relative Path Traversal
 Improper Neutralization of HTTP Headers for Scripting Syntax 		CVE-2026-48126 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
1513 - - - Kavita is a cross platform reading server. Prior to 0.9.0.2, an Improper Token validation flaw permits a remote and unauthenticated threat actor to request a JWT for any user including admins given k… New CWE-287
CWE-345
CWE-697
Improper Authentication
 Insufficient Verification of Data Authenticity
 Incorrect Comparison 		CVE-2026-47202 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
1514 4.3 MEDIUM
Network 		- - Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, the SSE event server's Access-Control-Allow-Origin response header was hardcoded to the wildcard * regardless of the caller's O… New CWE-942
 Permissive Cross-domain Policy with Untrusted Domains 		CVE-2026-46431 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
1515 7.5 HIGH
Network 		- - Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibl… New CWE-209
CWE-489
CWE-540
CWE-1188
Information Exposure Through an Error Message
Exposure of Data Element to Wrong Session 
 Inclusion of Sensitive Information in Source Code
 Insecure Default Initialization of Resource 		CVE-2026-45728 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
1516 9.0 CRITICAL
Network 		- - Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is asked for any URL path that resolves to a directory without an index file, DirPage walks upward through parent… New CWE-20
CWE-426
CWE-552
 Improper Input Validation 
 Untrusted Search Path
 Files or Directories Accessible to External Parties 		CVE-2026-45721 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
1517 - - - Kavita is a cross platform reading server. Prior to 0.9.0, the download, size-check, and chapter metadata endpoints do not enforce library-level authorization. A low-privileged user who knows or gues… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-44776 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
1518 - - - Kavita is a cross platform reading server. Prior to 0.9.0, the ReaderController.GetImage endpoint is decorated with [AllowAnonymous], allowing completely unauthenticated access to page images from an… New CWE-306
Missing Authentication for Critical Function 		CVE-2026-44775 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
1519 4.3 MEDIUM
Network 		- - The SAP Gateway allows attackers to inject content into error messages, potentially leading to disclosure of request artefacts (e.g., regex patterns) and revealing underlying URI parsing logic. Leadi… New CWE-497
 Exposure of Sensitive System Information to an Unauthorized Control Sphere 		CVE-2026-44749 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
1520 6.8 MEDIUM
Network 		- - Chatwoot is a customer engagement suite. From 2.14.0 to before 4.13.0, a Pre-Account Takeover (Pre-ATO) vulnerability existed in Chatwoot's authentication flow. Because email confirmation was not enf… New CWE-283
CWE-287
 Unverified Ownership
Improper Authentication 		CVE-2026-44707 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm