Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
207201	7.2	危険	アップル	-	Apple iOS および OS X におけるコード署名の保護メカニズムを回避される脆弱性	CWE-20 不適切な入力確認	CVE-2015-3805	2015-08-21 11:55	2015-08-13	Show	GitHub Exploit DB Packet Storm

207202	7.5	危険	アップル	-	Apple iOS および OS X の FontParser における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2015-3804	2015-08-21 11:55	2015-08-13	Show	GitHub Exploit DB Packet Storm

207203	7.2	危険	アップル	-	Apple iOS および OS X におけるコード署名の保護メカニズムを回避される脆弱性	CWE-20 不適切な入力確認	CVE-2015-3803	2015-08-21 11:55	2015-08-13	Show	GitHub Exploit DB Packet Storm

207204	7.2	危険	アップル	-	Apple iOS および OS X におけるコード署名の保護メカニズムを回避される脆弱性	CWE-20 不適切な入力確認	CVE-2015-3802	2015-08-21 11:55	2015-08-13	Show	GitHub Exploit DB Packet Storm

207205	7.2	危険	アップル	-	Apple iOS および OS X の DiskImages コンポーネントにおける権限を取得される脆弱性	CWE-119 バッファエラー	CVE-2015-3800	2015-08-21 11:55	2015-08-13	Show	GitHub Exploit DB Packet Storm

207206	7.5	危険	アップル	-	Apple iOS および OS X の Libc の TRE ライブラリにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2015-3798	2015-08-21 11:55	2015-08-13	Show	GitHub Exploit DB Packet Storm

207207	7.5	危険	アップル	-	Apple iOS および OS X の Libc の TRE ライブラリにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2015-3797	2015-08-21 11:55	2015-08-13	Show	GitHub Exploit DB Packet Storm

207208	7.5	危険	アップル	-	Apple iOS および OS X の Libc の TRE ライブラリにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2015-3796	2015-08-21 11:55	2015-08-13	Show	GitHub Exploit DB Packet Storm

207209	9.3	危険	アップル	-	Apple iOS および OS X の libxpc における特権付きコンテキスト内で任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2015-3795	2015-08-21 11:55	2015-08-13	Show	GitHub Exploit DB Packet Storm

207210	4.3	警告	アップル	-	Apple iOS および OS X の CloudKit における以前のユーザログインセッションに関連付けられた iCloud ユーザレコードにアクセスされる脆弱性	CWE-200 情報漏えい	CVE-2015-3782	2015-08-21 11:55	2015-08-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
61	-		-	-	FastGPT is an AI Agent building platform. Prior to version 4.14.17, an unauthenticated Server-Side Request Forgery (SSRF) vulnerability allows attackers (or authenticated users with App editing privi… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-44286	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

62	6.3	MEDIUM Network	-	-	FastGPT is an AI Agent building platform. Prior to version 4.14.17, FastGPT had an inconsistent SSRF protection gap in MCP tool URL handling. The direct MCP preview/run endpoints already rejected int… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-44284	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

63	8.9	HIGH Network	-	-	Postiz is an AI social media scheduling tool. From version 2.21.6 to before version 2.21.7, any authenticated user who can create a post can store arbitrary HTML in post content by tampering their ow… New	CWE-79 Cross-site Scripting	CVE-2026-42556	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

64	4.3	MEDIUM Network	-	-	AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to version 1.12.1, GET /api/workspace/:slug/tts/:chatId in AnythingLL… New	CWE-200 CWE-639 Information Exposure Authorization Bypass Through User-Controlled Key	CVE-2026-42456	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

65	9.9	CRITICAL Network	-	-	Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, all Docker container management endpoints in Termix interpolate t… New	CWE-78 OS Command	CVE-2026-42454	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

66	-		-	-	Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, the extractArchive and compressFiles endpoints in file-manager.ts… New	CWE-77 Command Injection	CVE-2026-42453	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

67	8.1	HIGH Network	-	-	Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, /users/login issues a temporary JWT (temp_token) for TOTP-enabled… New	CWE-304 Missing Critical Step in Authentication	CVE-2026-42452	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

68	6.3	MEDIUM Local	-	-	Grimmory is a self-hosted digital library. Prior to version 2.3.1, a stored cross-site scripting (XSS) vulnerability in Grimmory's browser-based EPUB reader allows an attacker to embed arbitrary Java… New	CWE-79 CWE-80 Cross-site Scripting Basic XSS	CVE-2026-42451	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

69	9.1	CRITICAL Network	-	-	Sentry is an error tracking and performance monitoring tool. From version 21.12.0 to before version 26.4.1, a critical vulnerability was discovered in the SAML SSO implementation of Sentry. The vulne… New	CWE-290 Authentication Bypass by Spoofing	CVE-2026-42354	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

70	8.6	HIGH Network	-	-	pygeoapi is a Python server implementation of the OGC API suite of standards. From version 0.23.0 to before version 0.23.3, OGC API process execution requests can use the subscriber object to reques… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42352	2026-05-9 08:16	2026-05-9	Show	GitHub Exploit DB Packet Storm