Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
209061	5	警告	IBM	-	IBM Workload Deployer のログビューアにおける重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2014-6190	2015-05-27 15:57	2014-09-2	Show	GitHub Exploit DB Packet Storm

209062	4.3	警告	IBM	-	IBM License Metric Tool および Endpoint Manager for Software Use Analysis におけるクリックジャッキング攻撃を実行される脆弱性	CWE-20 不適切な入力確認	CVE-2014-4778	2015-05-27 15:57	2014-07-9	Show	GitHub Exploit DB Packet Storm

209063	6.8	警告	IBM	-	IBM License Metric Tool および Endpoint Manager for Software Use Analysis におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2014-4774	2015-05-27 15:57	2014-07-9	Show	GitHub Exploit DB Packet Storm

209064	5	警告	日立オラクル	-	Oracle Java SE における Deployment に関する脆弱性	CWE-noinfo 情報不足	CVE-2014-4265	2015-05-26 17:22	2014-07-15	Show	GitHub Exploit DB Packet Storm

209065	4	警告	日立オラクル	-	Oracle Java SE および JRockit における "Diffie-Hellman key agreement" に関する脆弱性	CWE-noinfo 情報不足	CVE-2014-4263	2015-05-26 17:21	2014-07-15	Show	GitHub Exploit DB Packet Storm

209066	9.3	危険	日立オラクル	-	Oracle Java SE における Libraries に関する脆弱性	CWE-noinfo 情報不足	CVE-2014-4262	2015-05-26 17:19	2014-07-15	Show	GitHub Exploit DB Packet Storm

209067	5	警告	日立オラクル	-	Oracle Java SE における Security に関する脆弱性	CWE-noinfo 情報不足	CVE-2014-4252	2015-05-26 17:18	2014-07-15	Show	GitHub Exploit DB Packet Storm

209068	4	警告	日立オラクル	-	Oracle Java SE および JRockit における Security に関する脆弱性	CWE-noinfo 情報不足	CVE-2014-4244	2015-05-26 17:07	2014-07-15	Show	GitHub Exploit DB Packet Storm

209069	10	危険	日立オラクル	-	Oracle Java SE における Deployment に関する脆弱性	CWE-noinfo 情報不足	CVE-2014-4227	2015-05-26 17:05	2014-07-15	Show	GitHub Exploit DB Packet Storm

209070	9.3	危険	日立オラクル	-	Oracle Java SE における Hotspot に関する脆弱性	CWE-noinfo 情報不足	CVE-2014-4219	2015-05-26 17:04	2014-07-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1111	6.5	MEDIUM Network	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WProyal Royal Elementor Addons allows Stored XSS. This issue affects Royal Elementor Addons: fro… New	CWE-79 Cross-site Scripting	CVE-2026-27421	2026-05-7 23:00	2026-05-7	Show	GitHub Exploit DB Packet Storm

1112	5.3	MEDIUM Network	-	-	The Forminator Forms plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 1.51.1. This is due to the `processRequest()` method in `Forminator_Admin_Module_Edit_… New	CWE-862 Missing Authorization	CVE-2026-6222	2026-05-7 23:00	2026-05-7	Show	GitHub Exploit DB Packet Storm

1113	6.5	MEDIUM Network	-	-	The Appointment Booking Calendar plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 1.6.10.6. This is due to a flawed authorization logic in the nonce_permiss… New	CWE-862 Missing Authorization	CVE-2026-4807	2026-05-7 23:00	2026-05-7	Show	GitHub Exploit DB Packet Storm

1114	6.5	MEDIUM Network	-	-	The Forminator Forms plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 1.53.0. This is due to the listen_for_saving_export_schedule() function in library/cla… New	CWE-862 Missing Authorization	CVE-2026-6214	2026-05-7 23:00	2026-05-7	Show	GitHub Exploit DB Packet Storm

1115	8.8	HIGH Network	-	-	The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7.0.0 to 7.0.10 via the '_get_media_url' and '_check_file_path' function. This is due to insufficient fil… New	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-6692	2026-05-7 23:00	2026-05-7	Show	GitHub Exploit DB Packet Storm

1116	7.5	HIGH Network	-	-	The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the `get_current_letter_docs` and `docs_sort_by_letter` AJAX actions in all versions up to, and including, 3.7.0. This is du… New	CWE-89 SQL Injection	CVE-2026-4348	2026-05-7 23:00	2026-05-7	Show	GitHub Exploit DB Packet Storm

1117	8.1	HIGH Network	-	-	The WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validat… New	CWE-22 Path Traversal	CVE-2026-7252	2026-05-7 23:00	2026-05-7	Show	GitHub Exploit DB Packet Storm

1118	4.3	MEDIUM Network	google	chrome	Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted C… New	CWE-693 Protection Mechanism Failure	CVE-2026-8004	2026-05-7 22:54	2026-05-7	Show	GitHub Exploit DB Packet Storm

1119	4.3	MEDIUM Adjacent	google	chrome	Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to bypass same origin policy via malicious network traffic.… New	CWE-20 NVD-CWE-noinfo Improper Input Validation	CVE-2026-8005	2026-05-7 22:54	2026-05-7	Show	GitHub Exploit DB Packet Storm

1120	8.8	HIGH Network	redistimeseries	redistimeseries	RedisTimeSeries is a time-series module for Redis. In all versions before 1.12.14 of RedisTimeSeries, the module does not properly validate serialized values processed through the Redis RESTORE comma… Update	CWE-122 Heap-based Buffer Overflow	CVE-2026-25588	2026-05-7 22:46	2026-05-6	Show	GitHub Exploit DB Packet Storm