Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
206901 4.9 警告 オラクル - Oracle Virtualization の Oracle VM VirtualBox における Core に関する脆弱性 CWE-noinfo
情報不足 		CVE-2015-4813 2015-10-23 10:16 2015-10-20 Show GitHub Exploit DB Packet Storm
206902 4.3 警告 オラクル - Oracle Communications Applications の Oracle Communications Convergence における Mail Proxy に関する脆弱性 CWE-noinfo
情報不足 		CVE-2015-4793 2015-10-23 09:51 2015-10-20 Show GitHub Exploit DB Packet Storm
206903 10 危険 オラクル - Oracle Communications Applications の 複数のコンポーネントにおける PMAC に関する脆弱性 CWE-noinfo
情報不足 		CVE-2015-2608 2015-10-23 09:51 2015-10-20 Show GitHub Exploit DB Packet Storm
206904 7.5 危険 ICU project
Google
オラクル		 - Google Chrome で使用される International Components for Unicode の i18n/ucol.cpp の collator の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2014-7940 2015-10-23 09:49 2014-11-26 Show GitHub Exploit DB Packet Storm
206905 3.5 注意 オラクル - Oracle Supply Chain Products Suite の Oracle Agile PLM における Security に関する脆弱性 CWE-noinfo
情報不足 		CVE-2015-4917 2015-10-23 09:39 2015-10-20 Show GitHub Exploit DB Packet Storm
206906 3.5 注意 オラクル - Oracle Supply Chain Products Suite の Oracle Agile PLM における Security に関する脆弱性 CWE-noinfo
情報不足 		CVE-2015-4892 2015-10-23 09:39 2015-10-20 Show GitHub Exploit DB Packet Storm
206907 5 警告 オラクル - Oracle Supply Chain Products Suite の Oracle Configurator における Integration with Peoplesoft に関する脆弱性 CWE-noinfo
情報不足 		CVE-2015-4848 2015-10-23 09:39 2015-10-20 Show GitHub Exploit DB Packet Storm
206908 4.3 警告 オラクル - Oracle Supply Chain Products Suite の Oracle Configurator における OCI に関する脆弱性 CWE-noinfo
情報不足 		CVE-2015-4847 2015-10-23 09:39 2015-10-20 Show GitHub Exploit DB Packet Storm
206909 2.1 注意 オラクル - Oracle Supply Chain Products Suite の Oracle Agile PLM における Security に関する脆弱性 CWE-noinfo
情報不足 		CVE-2015-4824 2015-10-23 09:39 2015-10-20 Show GitHub Exploit DB Packet Storm
206910 3.5 注意 オラクル - Oracle Supply Chain Products Suite の Oracle Agile PLM における Security に関する脆弱性 CWE-noinfo
情報不足 		CVE-2015-4797 2015-10-23 09:39 2015-10-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
701 6.1 MEDIUM
Network 		osgeo mapserver MapServer is a system for developing web-based GIS applications. From version 6.0 to before version 8.6.2, a reflected XSS vulnerability in MapServer's WMS server allows an unauthenticated attacker t… Update CWE-80
Basic XSS 		CVE-2026-42030 2026-05-15 03:04 2026-05-9 Show GitHub Exploit DB Packet Storm
702 5.4 MEDIUM
Network 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Out-of-bounds read in Telnet Client allows an unauthorized attacker to disclose information over a network. Update CWE-125
Out-of-bounds Read 		CVE-2026-35423 2026-05-15 03:03 2026-05-13 Show GitHub Exploit DB Packet Storm
703 6.5 MEDIUM
Network 		pwpush password_pusher Password Pusher is an open source application to communicate sensitive information over the web. Prior to versions 1.69.3 and 2.4.2, a security issue in OSS PasswordPusher allowed unauthenticated cre… Update CWE-288
NVD-CWE-noinfo
Authentication Bypass Using an Alternate Path or Channel 		CVE-2026-41308 2026-05-15 03:03 2026-05-9 Show GitHub Exploit DB Packet Storm
704 5.5 MEDIUM
Local 		gpac gpac A security vulnerability has been detected in GPAC up to 26.02.0. This affects the function sidx_box_read of the file src/isomedia/box_code_base.c. The manipulation leads to allocation of resources. … Update CWE-400
CWE-770
 Uncontrolled Resource Consumption
 Allocation of Resources Without Limits or Throttling 		CVE-2026-8124 2026-05-15 03:02 2026-05-8 Show GitHub Exploit DB Packet Storm
705 7.5 HIGH
Network 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Missing release of memory after effective lifetime in Windows Internet Key Exchange (IKE) Protocol allows an unauthorized attacker to deny service over a network. Update CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2026-35424 2026-05-15 03:02 2026-05-13 Show GitHub Exploit DB Packet Storm
706 6.5 MEDIUM
Network 		8421bit miniclaw A vulnerability was determined in 8421bit MiniClaw up to 43905b934cf76489ab28e4d17da28ee97970f91f. Affected by this vulnerability is the function isPathInside of the file src/kernel.ts of the compone… Update CWE-22
Path Traversal 		CVE-2026-8113 2026-05-15 03:02 2026-05-8 Show GitHub Exploit DB Packet Storm
707 9.8 CRITICAL
Network 		yarbo lawn_mower_firmware
lawn_mower_pro_firmware 		A hidden, persistent backdoor was found in Yarbo firmware v2.3.9 that provides remote, unauthenticated (or weakly authenticated) access to privileged functionality. The backdoor is undocumented, cann… Update CWE-912
NVD-CWE-noinfo
 Hidden Functionality 		CVE-2026-7413 2026-05-15 02:54 2026-05-8 Show GitHub Exploit DB Packet Storm
708 9.8 CRITICAL
Network 		yarbo lawn_mower_firmware
lawn_mower_pro_firmware 		Yarbo firmware v2.3.9 contains hardcoded administrative credentials embedded in the firmware image. These credentials are identical across all devices running this firmware and cannot be changed or r… Update CWE-798
 Use of Hard-coded Credentials 		CVE-2026-7414 2026-05-15 02:53 2026-05-8 Show GitHub Exploit DB Packet Storm
709 7.8 HIGH
Local 		microsoft windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2025 		Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally. Update CWE-822
 Untrusted Pointer Dereference 		CVE-2026-40369 2026-05-15 02:52 2026-05-13 Show GitHub Exploit DB Packet Storm
710 7.8 HIGH
Local 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Heap-based buffer overflow in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally. Update CWE-122
Heap-based Buffer Overflow 		CVE-2026-40377 2026-05-15 02:52 2026-05-13 Show GitHub Exploit DB Packet Storm