Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
207191	6.8	警告	アップル	-	Apple iOS および OS X の CoreMedia Playback における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2015-5778	2015-08-21 11:58	2015-08-13	Show	GitHub Exploit DB Packet Storm

207192	6.8	警告	アップル	-	Apple iOS および OS X の CoreMedia Playback における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2015-5777	2015-08-21 11:58	2015-08-13	Show	GitHub Exploit DB Packet Storm

207193	7.5	危険	アップル	-	Apple iOS および OS X の Libinfo における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2015-5776	2015-08-21 11:58	2015-08-13	Show	GitHub Exploit DB Packet Storm

207194	7.5	危険	アップル	-	Apple iOS および OS X の FontParser における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2015-5775	2015-08-21 11:58	2015-08-13	Show	GitHub Exploit DB Packet Storm

207195	7.2	危険	アップル	-	Apple iOS および OS X の IOHIDFamily におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2015-5774	2015-08-21 11:58	2015-08-13	Show	GitHub Exploit DB Packet Storm

207196	6.8	警告	アップル	-	Apple iOS および OS X の QL Office における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2015-5773	2015-08-21 11:58	2015-08-13	Show	GitHub Exploit DB Packet Storm

207197	6.8	警告	アップル	-	Apple iOS および OS X の ImageIO における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2015-5758	2015-08-21 11:58	2015-08-13	Show	GitHub Exploit DB Packet Storm

207198	9.3	危険	アップル	-	Apple iOS および OS X の libpthread における特権付きコンテキスト内で任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2015-5757	2015-08-21 11:58	2015-08-13	Show	GitHub Exploit DB Packet Storm

207199	6.8	警告	アップル	-	Apple iOS および OS X の FontParser における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2015-5756	2015-08-21 11:58	2015-08-13	Show	GitHub Exploit DB Packet Storm

207200	7.2	危険	アップル	-	Apple iOS および OS X におけるコード署名の保護メカニズムを回避される脆弱性	CWE-Other その他	CVE-2015-3806	2015-08-21 11:55	2015-08-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
71	7.5	HIGH Network	-	-	pygeoapi is a Python server implementation of the OGC API suite of standards. From version 0.23.0 to before version 0.23.3, a raw string path concatenation vulnerability in pygeoapi's STAC FileSystem… New	CWE-22 Path Traversal	CVE-2026-42351	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

72	-		-	-	Kargo manages and automates the promotion of software artifacts. Prior to versions 1.7.10, 1.8.13, 1.9.8, and 1.10.2, Kargo is vulnerable to open redirect in UI OIDC login flow via the redirectTo que… New	CWE-601 Open Redirect	CVE-2026-42350	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

73	6.5	MEDIUM Network	-	-	Postiz is an AI social media scheduling tool. From version 2.16.6 to before version 2.21.7, all SSRF protections added in v2.21.4–v2.21.6 share a fundamental TOCTOU (Time-of-Check-Time-of-Use) vulner… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42346	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

74	7.7	HIGH Network	-	-	FastGPT is an AI Agent building platform. In versions 4.14.11 and prior, FastGPT's isInternalAddress() function in packages/service/common/system/utils.ts blocks cloud metadata endpoints using a full… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42345	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

75	6.3	MEDIUM Network	-	-	FastGPT is an AI Agent building platform. In versions 4.14.11 and prior, FastGPT's isInternalAddress() function in packages/service/common/system/utils.ts is vulnerable to DNS rebinding (TOCTOU — Tim… New	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2026-42344	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

76	-		-	-	FastGPT is an AI Agent building platform. In versions 4.14.13 and prior, the code-sandbox component suffers from insufficient resource isolation and uncontrolled resource consumption. The service rel… New	CWE-400 Uncontrolled Resource Consumption	CVE-2026-42343	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

77	-		-	-	New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. In versions 0.11.9-alpha.1 and prior, the SSRF protection introduced in v0.9.0.5 (CVE-2025-591… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42339	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

78	4.4	MEDIUM Local	-	-	Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a cr… New	CWE-78 OS Command	CVE-2026-42307	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

79	9.8	CRITICAL Network	-	-	FastGPT is an AI Agent building platform. From version 4.14.10 to before version 4.14.13, the agent-sandbox component of FastGPT is vulnerable to unauthenticated Remote Code Execution (RCE). The star… New	CWE-306 Missing Authentication for Critical Function	CVE-2026-42302	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

80	10.0	CRITICAL Network	-	-	Postiz is an AI social media scheduling tool. Prior to commit da44801, a "Pwn Request" vulnerability in the Build and Publish PR Docker Image workflow (.github/workflows/pr-docker-build.yml) allows a… New	CWE-94 Code Injection	CVE-2026-42298	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm