Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
207361 5 警告 The PHP Group
アップル		 - PHP におけるアクセス制限を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2006-7243 2015-08-13 15:49 2006-12-18 Show GitHub Exploit DB Packet Storm
207362 7.2 危険 Clutter Project - Clutter のジェスチャ処理コードにおけるロックスクリーンを回避される脆弱性 CWE-Other
その他 		CVE-2015-3213 2015-08-13 15:42 2015-06-1 Show GitHub Exploit DB Packet Storm
207363 - - OpenAFS - ** 削除 ** OpenAFS の vlserver におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2015-3287 2015-08-13 15:19 2015-07-29 Show GitHub Exploit DB Packet Storm
207364 4.6 警告 OpenAFS - OpenAFS の Solaris カーネルエクステンションにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2015-3286 2015-08-13 15:19 2015-07-29 Show GitHub Exploit DB Packet Storm
207365 2.1 注意 OpenAFS - OpenAFS の OSD FS コマンドの pioctl におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2015-3285 2015-08-13 15:19 2015-07-29 Show GitHub Exploit DB Packet Storm
207366 2.1 注意 OpenAFS - OpenAFS の pioctls におけるカーネルメモリを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2015-3284 2015-08-13 15:19 2015-07-29 Show GitHub Exploit DB Packet Storm
207367 6.8 警告 OpenAFS - OpenAFS における bos コマンドを偽造される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-3283 2015-08-13 15:19 2015-07-29 Show GitHub Exploit DB Packet Storm
207368 4.3 警告 OpenAFS - OpenAFS の vos におけるスタックデータを取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-3282 2015-08-13 15:19 2015-07-29 Show GitHub Exploit DB Packet Storm
207369 4.6 警告 Linux Containers - LXC の attach.c における AppArmor または SELinux の閉じ込めを回避される脆弱性 CWE-Other
その他 		CVE-2015-1334 2015-08-13 14:52 2015-07-17 Show GitHub Exploit DB Packet Storm
207370 4.9 警告 Linux Containers - LXC の lxclock.c における任意のファイルを作成される脆弱性 CWE-59
リンク解釈の問題 		CVE-2015-1331 2015-08-13 14:51 2015-07-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
251 - - - CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the transfer plugin can select the wrong ACL stanza when both a parent zone and a more-specific subzone are configured. The l… New CWE-863
 Incorrect Authorization 		CVE-2026-33489 2026-05-8 00:10 2026-05-6 Show GitHub Exploit DB Packet Storm
252 6.5 MEDIUM
Network 		- - Traccar is an open source GPS tracking system. In versions between 6.11.1 and 6.13.0, the CSV export functionality writes position data, including user-controlled device and computed attributes, to C… New CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2026-27644 2026-05-8 00:09 2026-05-5 Show GitHub Exploit DB Packet Storm
253 5.4 MEDIUM
Network 		- - Traccar is an open source GPS tracking system. In org.traccar:traccar versions starting at 6.11.1 before 6.13.0, the KML and GPX export functionality writes device names to XML output without proper … New CWE-91
Blind XPath Injection 		CVE-2026-27693 2026-05-8 00:09 2026-05-5 Show GitHub Exploit DB Packet Storm
254 5.4 MEDIUM
Network 		- - Traccar is an open source GPS tracking system. In org.traccar:traccar versions starting at 6.11.1 before 6.13.0, the email notification templates insert user-controlled device, geofence, and driver n… New CWE-79
Cross-site Scripting 		CVE-2026-27694 2026-05-8 00:09 2026-05-5 Show GitHub Exploit DB Packet Storm
255 7.5 HIGH
Network 		- - NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the queryParentSQL() function in the core database package co… New CWE-89
SQL Injection 		CVE-2026-41640 2026-05-8 00:08 2026-05-7 Show GitHub Exploit DB Packet Storm
256 - - - Jupyter Server is the backend for Jupyter web applications. In jupyter_server versions through 2.17.0, the next query parameter in the login flow is insufficiently validated in `LoginFormHandler._red… New CWE-601
Open Redirect 		CVE-2025-61669 2026-05-8 00:07 2026-05-6 Show GitHub Exploit DB Packet Storm
257 - - - Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, a path traversal vulnerability in the REST API allows an authenticated user to escape the configured root_d… New CWE-22
Path Traversal 		CVE-2026-35397 2026-05-8 00:07 2026-05-6 Show GitHub Exploit DB Packet Storm
258 - - - Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the Origin header validation uses Python's re.match() to check incoming origins against the allow_origin_pa… New CWE-777
CVE-2026-40110 2026-05-8 00:07 2026-05-6 Show GitHub Exploit DB Packet Storm
259 - - - In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 an… New CWE-79
Cross-site Scripting 		CVE-2026-40171 2026-05-8 00:07 2026-05-7 Show GitHub Exploit DB Packet Storm
260 - - - OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the `/openmrs/moduleResources/{moduleid}` endpoint is vulnera… New CWE-22
Path Traversal 		CVE-2026-40075 2026-05-8 00:06 2026-05-6 Show GitHub Exploit DB Packet Storm