Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
206911	5.5	警告	Resource Data Management Ltd	-	Resource Data Management Data Manager における任意のパスワードを変更される脆弱性	CWE-noinfo 情報不足	CVE-2015-6470	2015-09-30 16:26	2015-09-22	Show	GitHub Exploit DB Packet Storm

206912	7.2	危険	シスコシステムズ	-	Mac OS X および Linux 上で稼働する Cisco AnyConnect Secure Mobility Client における root 権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-6306	2015-09-30 15:20	2015-09-23	Show	GitHub Exploit DB Packet Storm

206913	7.2	危険	シスコシステムズ	-	Windows 上で稼働する Cisco AnyConnect Secure Mobility Client の vpndownloader.exe における権限を取得される脆弱性	CWE-Other その他	CVE-2015-6305	2015-09-30 15:20	2015-09-22	Show	GitHub Exploit DB Packet Storm

206914	6.8	警告	シスコシステムズ	-	Cisco TelePresence Server ソフトウェアにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2015-6304	2015-09-30 15:20	2015-09-22	Show	GitHub Exploit DB Packet Storm

206915	4.3	警告	シスコシステムズ	-	モバイルオペレーティングシステム用 Cisco Spark アプリケーションにおけるサーバになりすまされる脆弱性	CWE-200 情報漏えい	CVE-2015-6303	2015-09-30 15:20	2015-09-22	Show	GitHub Exploit DB Packet Storm

206916	5	警告	シスコシステムズ	-	Cisco Wireless LAN Controller デバイスのソフトウェアの RADIUS 機能における任意のセッションを切断される脆弱性	CWE-399 リソース管理の問題	CVE-2015-6302	2015-09-30 15:20	2015-09-21	Show	GitHub Exploit DB Packet Storm

206917	7.8	危険	シスコシステムズ	-	Cisco IOS XE におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2015-6282	2015-09-30 15:20	2015-09-23	Show	GitHub Exploit DB Packet Storm

206918	9.3	危険	シスコシステムズ	-	Cisco IOS および IOS XE の SSHv2 機能におけるログインアクセス権を取得される脆弱性	CWE-287 不適切な認証	CVE-2015-6280	2015-09-30 15:20	2015-09-23	Show	GitHub Exploit DB Packet Storm

206919	7.8	危険	シスコシステムズ	-	Cisco IOS および IOS XE のファーストホップセキュリティ機能の IPv6 スヌーピング機能におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2015-6279	2015-09-30 15:20	2015-09-23	Show	GitHub Exploit DB Packet Storm

206920	6.8	警告	KASDA Networks Inc. Philippine Long Distance Telephone Company (PLDT)	-	Philippine Long Distance Telephone SpeedSurf 504AN デバイスのファームウェアおよび Kasda KW58293 デバイス上で稼働する form2WlanSetup.cgi におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2015-5991	2015-09-30 11:38	2015-08-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
41	5.5	MEDIUM Local	apple	ipados iphone_os macos visionos	This issue was addressed with improved data protection. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. An app may be able to access sensitive user data. New	CWE-200 Information Exposure	CVE-2026-28958	2026-05-13 03:46	2026-05-12	Show	GitHub Exploit DB Packet Storm

42	4.4	MEDIUM Local	anthropic	claude_sdk_for_typescript	Claude SDK for TypeScript provides access to the Claude API from server-side TypeScript or JavaScript applications. From version 0.79.0 to before version 0.91.1, the BetaLocalFilesystemMemoryTool in … Update	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2026-41686	2026-05-13 03:37	2026-05-5	Show	GitHub Exploit DB Packet Storm

43	-		-	-	LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response, the redirect handler strips only Host and Cookie before … New	CWE-522 Insufficiently Protected Credentials	CVE-2026-8368	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm

44	-		-	-	Improper access control in the notification management endpoints in Devolutions Server allows an unauthenticated attacker to modify or delete arbitrary user notification records via missing session v… New	CWE-862 Missing Authorization	CVE-2026-5146	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm

45	-		-	-	WGDashboard is a dashboard for WireGuard VPN. Prior to 4.3.2, there are critical vulnerabilities affecting WGDashboard that, if exploited, could allow unauthorized parties to access the host file sys… New	CWE-20 Improper Input Validation	CVE-2026-44343	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm

46	6.5	MEDIUM Network	-	-	Shelf is a platform for tracking physical assets. From 1.12 to before 1.20.1, a SQL injection vulnerability in the sortBy query parameter on the /assets route allows any authenticated user (any role)… New	CWE-20 CWE-89 Improper Input Validation SQL Injection	CVE-2026-44204	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm

47	9.1	CRITICAL Network	-	-	Pingvin Share X is a secure and easy self-hosted file sharing platform. From 1.14.1 to 1.16.2, a critical authentication bypass vulnerability allows an attacker who has obtained a valid username and … New	CWE-287 CWE-697 Improper Authentication Incorrect Comparison	CVE-2026-44196	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm

48	8.0	HIGH Adjacent	-	-	Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients like qBittorrent. Prior to 2.9.10, Cleanuparr's global CORS policy refl… New	CWE-346 CWE-942 Origin Validation Error Permissive Cross-domain Policy with Untrusted Domains	CVE-2026-44184	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm

49	9.8	CRITICAL Network	-	-	Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients like qBittorrent. Prior to 2.9.10, TrustedNetworkAuthenticationHandler.… New	CWE-290 CWE-348 Authentication Bypass by Spoofing Use of Less Trusted Source	CVE-2026-44183	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm

50	7.5	HIGH Network	-	-	phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files (eg. X509 certificates, RSA PKCS8 private or public keys, etc). This is a by… New	CWE-400 Uncontrolled Resource Consumption	CVE-2026-44167	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm