Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 10, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
207211 3.3 注意 アップル - Apple iOS および OS X の bootp における以前の Wi-Fi セッションの MAC アドレスについての重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-3778 2015-08-21 11:55 2015-08-13 Show GitHub Exploit DB Packet Storm
207212 9.3 危険 アップル - Apple iOS および OS X の IOKit における特権付きコンテキスト内で任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2015-3776 2015-08-21 11:55 2015-08-13 Show GitHub Exploit DB Packet Storm
207213 9.3 危険 アップル - Apple iOS および OS X のカーネルにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2015-3768 2015-08-21 11:55 2015-08-13 Show GitHub Exploit DB Packet Storm
207214 4.3 警告 アップル - Apple iOS および OS X のカーネルにおける重要なメモリレイアウト情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-3766 2015-08-21 11:55 2015-08-13 Show GitHub Exploit DB Packet Storm
207215 4.3 警告 アップル - Apple Safari などで使用される Webkit のプライベートブラウズの実装におけるユーザを追跡される脆弱性 CWE-200
情報漏えい 		CVE-2015-3754 2015-08-21 10:16 2015-08-13 Show GitHub Exploit DB Packet Storm
207216 4.3 警告 アップル - Apple iOS などの製品上で動作する Apple Safari などで使用される WebKit におけるユーザインターフェースを偽造される脆弱性 CWE-Other
その他 		CVE-2015-3755 2015-08-21 09:51 2015-08-13 Show GitHub Exploit DB Packet Storm
207217 5.8 警告 アップル - Apple iOS の MobileInstallation における任意の拡張子を置き換えられる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-5770 2015-08-20 16:59 2015-08-13 Show GitHub Exploit DB Packet Storm
207218 7.1 危険 アップル - Apple iOS の MSVDX ドライバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2015-5769 2015-08-20 16:59 2015-08-13 Show GitHub Exploit DB Packet Storm
207219 5 警告 アップル - Apple iOS の Air Traffic におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2015-5766 2015-08-20 16:59 2015-08-13 Show GitHub Exploit DB Packet Storm
207220 5 警告 アップル - Apple iOS などで使用される WebKit におけるクリックを偽造される脆弱性 CWE-Other
その他 		CVE-2015-5759 2015-08-20 16:59 2015-08-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
51 8.6 HIGH
Network 		- - Spring AI's MilvusVectorStore#doDelete(List) implementation is vulnerable to filter-expression injection via unsanitized document IDs. Spring AI 1.0.x: affected from 1.0.0 through latest 1.0.x; upgra… New CWE-917
 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') 		CVE-2026-41705 2026-05-9 10:16 2026-05-9 Show GitHub Exploit DB Packet Storm
52 9.1 CRITICAL
Network 		- - Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. Prior to version 2.13.0, a Server-Side Request Forgery (SSRF) vulnerability in the f… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-44313 2026-05-9 09:16 2026-05-9 Show GitHub Exploit DB Packet Storm
53 - - - Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. In versions 2.14.0 and prior, the archive upload endpoint (POST /api/v1/archives/[li… New CWE-79
Cross-site Scripting 		CVE-2026-42455 2026-05-9 09:16 2026-05-9 Show GitHub Exploit DB Packet Storm
54 - - - UltraDAG is a minimal DAG-BFT blockchain in Rust. Prior to commit fb6ef59, the UltraDAG StateEngine implementation of SmartTransferTx contains a critical logic flaw in its policy enforcement pipeline… New CWE-284
CWE-639
Improper Access Control
 Authorization Bypass Through User-Controlled Key 		CVE-2026-42278 2026-05-9 09:16 2026-05-8 Show GitHub Exploit DB Packet Storm
55 8.1 HIGH
Network 		praison praisonai
praisonaiagents 		PraisonAI is a multi-agent teams system. Prior to praisonai version 4.6.9 and praisonaiagents version 1.6.9, the fix for CVE-2026-40315 added input validation to SQLiteConversationStore only. Nine si… New CWE-89
SQL Injection 		CVE-2026-41496 2026-05-9 09:16 2026-05-8 Show GitHub Exploit DB Packet Storm
56 9.8 CRITICAL
Network 		- - Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, Thunderbird 140.10.1, and Firefox ESR 115.35.… New CWE-754
 Improper Check for Unusual or Exceptional Conditions 		CVE-2026-8091 2026-05-9 08:16 2026-05-7 Show GitHub Exploit DB Packet Storm
57 7.2 HIGH
Network 		- - A hidden, persistent backdoor was found in Yarbo firmware v2.3.9 that provides remote, unauthenticated (or weakly authenticated) access to privileged functionality. The backdoor is undocumented, cann… New CWE-912
 Hidden Functionality 		CVE-2026-7413 2026-05-9 08:16 2026-05-8 Show GitHub Exploit DB Packet Storm
58 6.6 MEDIUM
Local 		- - Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 enc… New CWE-122
CWE-190
Heap-based Buffer Overflow
 Integer Overflow or Wraparound 		CVE-2026-45130 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm
59 3.8 LOW
Network 		- - SysReptor is a fully customizable pentest reporting platform. Prior to version 2026.29, users with "User Admin" permissions can change the email addresses of users with "Superuser" permissions. If th… New CWE-269
 Improper Privilege Management 		CVE-2026-44987 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm
60 - - - Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick… New CWE-78
OS Command  		CVE-2026-44656 2026-05-9 08:16 2026-05-9 Show GitHub Exploit DB Packet Storm