Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
206901 4.9 警告 オラクル - Oracle Virtualization の Oracle VM VirtualBox における Core に関する脆弱性 CWE-noinfo
情報不足 		CVE-2015-4813 2015-10-23 10:16 2015-10-20 Show GitHub Exploit DB Packet Storm
206902 4.3 警告 オラクル - Oracle Communications Applications の Oracle Communications Convergence における Mail Proxy に関する脆弱性 CWE-noinfo
情報不足 		CVE-2015-4793 2015-10-23 09:51 2015-10-20 Show GitHub Exploit DB Packet Storm
206903 10 危険 オラクル - Oracle Communications Applications の 複数のコンポーネントにおける PMAC に関する脆弱性 CWE-noinfo
情報不足 		CVE-2015-2608 2015-10-23 09:51 2015-10-20 Show GitHub Exploit DB Packet Storm
206904 7.5 危険 ICU project
Google
オラクル		 - Google Chrome で使用される International Components for Unicode の i18n/ucol.cpp の collator の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2014-7940 2015-10-23 09:49 2014-11-26 Show GitHub Exploit DB Packet Storm
206905 3.5 注意 オラクル - Oracle Supply Chain Products Suite の Oracle Agile PLM における Security に関する脆弱性 CWE-noinfo
情報不足 		CVE-2015-4917 2015-10-23 09:39 2015-10-20 Show GitHub Exploit DB Packet Storm
206906 3.5 注意 オラクル - Oracle Supply Chain Products Suite の Oracle Agile PLM における Security に関する脆弱性 CWE-noinfo
情報不足 		CVE-2015-4892 2015-10-23 09:39 2015-10-20 Show GitHub Exploit DB Packet Storm
206907 5 警告 オラクル - Oracle Supply Chain Products Suite の Oracle Configurator における Integration with Peoplesoft に関する脆弱性 CWE-noinfo
情報不足 		CVE-2015-4848 2015-10-23 09:39 2015-10-20 Show GitHub Exploit DB Packet Storm
206908 4.3 警告 オラクル - Oracle Supply Chain Products Suite の Oracle Configurator における OCI に関する脆弱性 CWE-noinfo
情報不足 		CVE-2015-4847 2015-10-23 09:39 2015-10-20 Show GitHub Exploit DB Packet Storm
206909 2.1 注意 オラクル - Oracle Supply Chain Products Suite の Oracle Agile PLM における Security に関する脆弱性 CWE-noinfo
情報不足 		CVE-2015-4824 2015-10-23 09:39 2015-10-20 Show GitHub Exploit DB Packet Storm
206910 3.5 注意 オラクル - Oracle Supply Chain Products Suite の Oracle Agile PLM における Security に関する脆弱性 CWE-noinfo
情報不足 		CVE-2015-4797 2015-10-23 09:39 2015-10-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
691 - - - Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, Flowsint allows a user to create investigations, whic… New CWE-79
Cross-site Scripting 		CVE-2026-42159 2026-05-15 03:12 2026-05-15 Show GitHub Exploit DB Packet Storm
692 - - - MagicMirror² is an open source modular smart mirror platform. Prior to 2.36.0, an unauthenticated Server-Side Request Forgery (SSRF) vulnerability in the /cors endpoint allows any remote attacker to … New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-42281 2026-05-15 03:12 2026-05-15 Show GitHub Exploit DB Packet Storm
693 7.7 HIGH
Local 		- - DevSpace is a client-only developer tool for cloud-native development with Kubernetes. Prior to 6.3.21, DevSpace's UI server WebSocket accepts connections from all origins by default, and therefore s… New CWE-200
CWE-306
Information Exposure
Missing Authentication for Critical Function 		CVE-2026-42283 2026-05-15 03:12 2026-05-15 Show GitHub Exploit DB Packet Storm
694 9.1 CRITICAL
Network 		n8n-mcp n8n-mcp n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. From version 2.18.7 to before version 2.50.2, there is an authenticated server-side … Update CWE-367
CWE-918
 Time-of-check Time-of-use (TOCTOU) Race Condition
Server-Side Request Forgery (SSRF)  		CVE-2026-44694 2026-05-15 03:10 2026-05-9 Show GitHub Exploit DB Packet Storm
695 4.3 MEDIUM
Network 		n8n-mcp n8n-mcp n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to version 2.47.13, when n8n-mcp runs in HTTP transport mode, authenticated MC… Update CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2026-42282 2026-05-15 03:07 2026-05-9 Show GitHub Exploit DB Packet Storm
696 7.5 HIGH
Network 		russh_project
warpgate_project 		russh
warpgate 		Russh is a Rust SSH client & server library. Prior to version 0.60.1, a pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication handler. A malici… Update CWE-770
CWE-789
 Allocation of Resources Without Limits or Throttling
 Memory Allocation with Excessive Size Value 		CVE-2026-42189 2026-05-15 03:07 2026-05-9 Show GitHub Exploit DB Packet Storm
697 5.3 MEDIUM
Network 		n8n-mcp n8n-mcp n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to version 2.47.11, when n8n-mcp runs in HTTP transport mode, incoming request… Update CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2026-41495 2026-05-15 03:06 2026-05-9 Show GitHub Exploit DB Packet Storm
698 7.8 HIGH
Local 		microsoft windows_server_2012
windows_server_2016
windows_server_2019
windows_server_2022
windows_server_2022_23h2
windows_server_2025 		Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. Update CWE-122
Heap-based Buffer Overflow 		CVE-2026-35420 2026-05-15 03:06 2026-05-13 Show GitHub Exploit DB Packet Storm
699 7.8 HIGH
Local 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Heap-based buffer overflow in Windows GDI allows an unauthorized attacker to execute code locally. Update CWE-122
Heap-based Buffer Overflow 		CVE-2026-35421 2026-05-15 03:05 2026-05-13 Show GitHub Exploit DB Packet Storm
700 6.5 MEDIUM
Network 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Authentication bypass using an alternate path or channel in Windows TCP/IP allows an authorized attacker to bypass a security feature over a network. Update CWE-288
Authentication Bypass Using an Alternate Path or Channel 		CVE-2026-35422 2026-05-15 03:04 2026-05-13 Show GitHub Exploit DB Packet Storm