Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
207161 9.3 危険 アップル - Apple OS X の Install Framework Legacy コンポーネントにおける特権付きコンテキスト内で任意のコードを実行される脆弱性 CWE-362
競合状態 		CVE-2015-5754 2015-08-21 15:07 2015-08-13 Show GitHub Exploit DB Packet Storm
207162 6.8 警告 アップル - Apple OS X の QuickTime における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2015-5753 2015-08-21 15:07 2015-08-13 Show GitHub Exploit DB Packet Storm
207163 7.5 危険 アップル - Apple OS X の Data Detectors Engine における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2015-5750 2015-08-21 15:07 2015-08-13 Show GitHub Exploit DB Packet Storm
207164 4.9 警告 アップル - Apple OS X のカーネルの fasttrap ドライバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2015-5747 2015-08-21 15:07 2015-08-13 Show GitHub Exploit DB Packet Storm
207165 9.3 危険 アップル - Apple OS X の Apple ID OD プラグインにおける任意のユーザパスワードを変更される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2015-3799 2015-08-21 15:07 2015-08-13 Show GitHub Exploit DB Packet Storm
207166 6.8 警告 アップル - Apple OS X の Speech UI における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2015-3794 2015-08-21 15:07 2015-08-13 Show GitHub Exploit DB Packet Storm
207167 3.3 注意 アップル - Apple OS X の Bluetooth サブシステムにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2015-3787 2015-08-21 15:07 2015-08-13 Show GitHub Exploit DB Packet Storm
207168 4.3 警告 アップル - Apple OS X の Bluetooth サブシステムにおける特定のペアとなるデバイスの Notification Center の通知を読まれる脆弱性 CWE-200
情報漏えい 		CVE-2015-3786 2015-08-21 15:07 2015-08-13 Show GitHub Exploit DB Packet Storm
207169 7.5 危険 アップル - Apple OS X の SceneKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2015-3783 2015-08-21 15:07 2015-08-13 Show GitHub Exploit DB Packet Storm
207170 4.3 警告 アップル - Apple OS X の Quick Look におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-3781 2015-08-21 15:07 2015-08-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
51 8.6 HIGH
Network 		- - Spring AI's MilvusVectorStore#doDelete(List) implementation is vulnerable to filter-expression injection via unsanitized document IDs. Spring AI 1.0.x: affected from 1.0.0 through latest 1.0.x; upgra… New CWE-917
 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') 		CVE-2026-41705 2026-05-9 10:16 2026-05-9 Show GitHub Exploit DB Packet Storm
52 9.1 CRITICAL
Network 		- - Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. Prior to version 2.13.0, a Server-Side Request Forgery (SSRF) vulnerability in the f… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-44313 2026-05-9 09:16 2026-05-9 Show GitHub Exploit DB Packet Storm
53 - - - Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. In versions 2.14.0 and prior, the archive upload endpoint (POST /api/v1/archives/[li… New CWE-79
Cross-site Scripting 		CVE-2026-42455 2026-05-9 09:16 2026-05-9 Show GitHub Exploit DB Packet Storm
54 - - - UltraDAG is a minimal DAG-BFT blockchain in Rust. Prior to commit fb6ef59, the UltraDAG StateEngine implementation of SmartTransferTx contains a critical logic flaw in its policy enforcement pipeline… New CWE-284
CWE-639
Improper Access Control
 Authorization Bypass Through User-Controlled Key 		CVE-2026-42278 2026-05-9 09:16 2026-05-8 Show GitHub Exploit DB Packet Storm
55 8.1 HIGH
Network 		praison praisonai
praisonaiagents 		PraisonAI is a multi-agent teams system. Prior to praisonai version 4.6.9 and praisonaiagents version 1.6.9, the fix for CVE-2026-40315 added input validation to SQLiteConversationStore only. Nine si… New CWE-89
SQL Injection 		CVE-2026-41496 2026-05-9 09:16 2026-05-8 Show GitHub Exploit DB Packet Storm
56 9.8 CRITICAL
Network 		- - Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, Thunderbird 140.10.1, and Firefox ESR 115.35.… New CWE-754
 Improper Check for Unusual or Exceptional Conditions 		CVE-2026-8091 2026-05-9 08:16 2026-05-7 Show GitHub Exploit DB Packet Storm
57 7.2 HIGH
Network 		- - A hidden, persistent backdoor was found in Yarbo firmware v2.3.9 that provides remote, unauthenticated (or weakly authenticated) access to privileged functionality. The backdoor is undocumented, cann… New CWE-912
 Hidden Functionality 		CVE-2026-7413 2026-05-9 08:16 2026-05-8 Show GitHub Exploit DB Packet Storm
58 6.6 MEDIUM
Local 		- - Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 enc… New CWE-122
CWE-190
Heap-based Buffer Overflow
 Integer Overflow or Wraparound 		CVE-2026-45130 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm
59 3.8 LOW
Network 		- - SysReptor is a fully customizable pentest reporting platform. Prior to version 2026.29, users with "User Admin" permissions can change the email addresses of users with "Superuser" permissions. If th… New CWE-269
 Improper Privilege Management 		CVE-2026-44987 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm
60 - - - Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick… New CWE-78
OS Command  		CVE-2026-44656 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm