Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
207091	9.3	危険	マイクロソフト	-	複数の Microsoft Windows 製品の Windows Journal における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2015-2530	2015-09-10 15:51	2015-09-8	Show	GitHub Exploit DB Packet Storm

207092	9.3	危険	マイクロソフト	-	複数の Microsoft Windows 製品の Windows Journal における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2015-2519	2015-09-10 15:51	2015-09-8	Show	GitHub Exploit DB Packet Storm

207093	4.3	警告	マイクロソフト	-	複数の Microsoft Windows 製品の Windows Journal におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2015-2516	2015-09-10 15:51	2015-09-8	Show	GitHub Exploit DB Packet Storm

207094	9.3	危険	マイクロソフト	-	複数の Microsoft Windows 製品の Windows Journal における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2015-2514	2015-09-10 15:51	2015-09-8	Show	GitHub Exploit DB Packet Storm

207095	9.3	危険	マイクロソフト	-	複数の Microsoft Windows 製品の Windows Journal における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2015-2513	2015-09-10 15:51	2015-09-8	Show	GitHub Exploit DB Packet Storm

207096	1.9	注意	マイクロソフト	-	複数の Microsoft Windows 製品の Hyper-V におけるネットワークトラフィックの制限を回避される脆弱性	CWE-Other その他	CVE-2015-2534	2015-09-10 15:22	2015-09-8	Show	GitHub Exploit DB Packet Storm

207097	4	警告	マイクロソフト	-	複数の Microsoft Windows Server 製品の Active Directory におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2015-2535	2015-09-10 15:22	2015-09-8	Show	GitHub Exploit DB Packet Storm

207098	5	警告	マイクロソフト	-	Microsoft .NET Framework における ASP.NET Web サイトのサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2015-2526	2015-09-10 15:20	2015-09-8	Show	GitHub Exploit DB Packet Storm

207099	9.3	危険	マイクロソフト	-	Microsoft .NET Framework における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2015-2504	2015-09-10 15:20	2015-09-8	Show	GitHub Exploit DB Packet Storm

207100	7.2	危険	マイクロソフト	-	複数の Microsoft Windows 製品のカーネルモードドライバにおける権限昇格の脆弱性	CWE-119 バッファエラー	CVE-2015-2546	2015-09-10 15:13	2015-09-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
201	-		-	-	New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. In versions 0.11.9-alpha.1 and prior, the SSRF protection introduced in v0.9.0.5 (CVE-2025-591… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42339	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

202	4.4	MEDIUM Local	-	-	Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a cr… New	CWE-78 OS Command	CVE-2026-42307	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

203	9.8	CRITICAL Network	-	-	FastGPT is an AI Agent building platform. From version 4.14.10 to before version 4.14.13, the agent-sandbox component of FastGPT is vulnerable to unauthenticated Remote Code Execution (RCE). The star… New	CWE-306 Missing Authentication for Critical Function	CVE-2026-42302	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

204	10.0	CRITICAL Network	-	-	Postiz is an AI social media scheduling tool. Prior to commit da44801, a "Pwn Request" vulnerability in the Build and Publish PR Docker Image workflow (.github/workflows/pr-docker-build.yml) allows a… New	CWE-94 Code Injection	CVE-2026-42298	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

205	6.8	MEDIUM Network	-	-	SysReptor is a fully customizable pentest reporting platform. From version 2026.4 to before version 2026.27, the endpoints for reading and creating sharing links for personal notes is not properly au… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-42291	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

206	9.8	CRITICAL Network	gitpython_project	gitpython	GitPython is a python library used to interact with Git repositories. Prior to version 3.1.47, _clone() validates multi_options as the original list, then executes shlex.split(" ".join(multi_options)… New	CWE-88 Argument Injection	CVE-2026-42284	2026-05-9 08:16	2026-05-8	Show	GitHub Exploit DB Packet Storm

207	-		-	-	Saltcorn is an extensible, open source, no-code database application builder. Prior to versions 1.4.6, 1.5.6, and 1.6.0-beta.5, Saltcorn validates the post-login dest parameter with a string check th… New	CWE-601 Open Redirect	CVE-2026-42259	2026-05-9 08:16	2026-05-8	Show	GitHub Exploit DB Packet Storm

208	7.6	HIGH Network	-	-	ipl/web is a set of common web components for php projects. Prior to version 0.13.1, the vulnerability allows an attacker to inject malicious Javascript into a victim's browser to run it in the conte… New	CWE-79 Cross-site Scripting	CVE-2026-42224	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

209	-		-	-	pupnp is an SDK for development of UPnP device and control point applications. Prior to version 1.18.5, pupnp is vulnerable to SRRF port confusion due to port truncation via atoi() cast in parse_uri(… New	CWE-195 CWE-918 Signed to Unsigned Conversion Error Server-Side Request Forgery (SSRF)	CVE-2026-41682	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

210	7.9	HIGH Local	-	-	Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.15, 1.18.9, and 1.19.3, the output of cilium-bugtool can contain sensitive data when … New	CWE-200 CWE-312 Information Exposure Cleartext Storage of Sensitive Information	CVE-2026-41520	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm