Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
209061 5 警告 Stuart Caie - libmspack の qtmd_decompress 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2014-9556 2015-05-12 17:33 2014-12-30 Show GitHub Exploit DB Packet Storm
209062 4 警告 Linux
レッドハット		 - Linux Kernel におけるサービス運用妨害 (DoS) の脆弱性 CWE-362
競合状態 		CVE-2014-3940 2015-05-12 17:29 2014-03-18 Show GitHub Exploit DB Packet Storm
209063 5 警告 Andreas Gohr - DokuWiki の inc/template.php における任意の画像にアクセスされる脆弱性 CWE-200
情報漏えい 		CVE-2014-8761 2015-05-12 17:29 2014-06-25 Show GitHub Exploit DB Packet Storm
209064 6.4 警告 FreeType Project - FreeType の base/ftmac.c 内の parse_fond 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2014-9672 2015-05-12 17:27 2014-11-26 Show GitHub Exploit DB Packet Storm
209065 5 警告 Linux - Linux Kernel の net/mac80211/tx.c 内の ieee80211_fragment 関数における重要な平文情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-8709 2015-05-12 17:26 2014-02-22 Show GitHub Exploit DB Packet Storm
209066 7.5 危険 Mozilla Foundation - Mozilla Firefox および SeaMonkey の WebRTC の実装における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2014-8641 2015-05-12 17:25 2014-11-6 Show GitHub Exploit DB Packet Storm
209067 7.5 危険 FreeType Project - FreeType の sfnt/ttload.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2014-9667 2015-05-12 17:24 2014-11-12 Show GitHub Exploit DB Packet Storm
209068 7.5 危険 FreeType Project - FreeType の sfnt/ttsbit.c 内の tt_sbit_decoder_init 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2014-9666 2015-05-12 17:23 2014-11-12 Show GitHub Exploit DB Packet Storm
209069 6.8 警告 Mozilla Foundation - 複数の Mozilla 製品におけるセッション固定攻撃を実行される脆弱性 CWE-Other
その他 		CVE-2014-8639 2015-05-12 17:23 2014-11-6 Show GitHub Exploit DB Packet Storm
209070 7.5 危険 FreeType Project - FreeType の cff/cf2ft.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2014-9662 2015-05-12 17:21 2014-11-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
841 6.1 MEDIUM
Local 		- - CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the W*H*D size computation inside _load_pnm() that can bypass the memory all… New CWE-190
 Integer Overflow or Wraparound 		CVE-2026-42144 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
842 4.4 MEDIUM
Network 		- - PlantUML Macro is a macro for rendering UML diagrams from simple textual schemes. Prior to version 2.4.1, the PlantUML Macro is vulnerable to Server-Side Request Forgery (SSRF). The macro allows user… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-42140 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
843 - - - Dify is an open-source LLM app development platform. Prior to version 1.13.1, using the method POST /api/files/upload, any unauthenticated user can upload an SVG file with XSS. The method POST /v1/fi… New CWE-79
Cross-site Scripting 		CVE-2026-42138 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
844 6.5 MEDIUM
Network 		- - titra is an open source time tracking project. In version 0.99.52, the globalsettings Meteor publication returns all global settings without any admin or role check. Any authenticated user can subscr… New CWE-200
Information Exposure 		CVE-2026-42092 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
845 9.6 CRITICAL
Network 		- - OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version 7.0.0-rc3, the Script Runner widget allows users to execute Py… New CWE-250
 Execution with Unnecessary Privileges 		CVE-2026-42088 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
846 4.6 MEDIUM
Network 		- - OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version 7.0.0, the Command Sender UI uses an unsafe eval() function on… New CWE-79
Cross-site Scripting 		CVE-2026-42086 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
847 4.3 MEDIUM
Network 		- - OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, OpenC3 COSMOS contains a design flaw in… New CWE-23
 Relative Path Traversal 		CVE-2026-42085 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
848 8.1 HIGH
Network 		- - Evolver is a GEP-powered self-evolving engine for AI agents. Prior to version 1.69.3, a path traversal vulnerability in the skill download (fetch) command allows attackers to write files to arbitrary… New CWE-22
Path Traversal 		CVE-2026-42075 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
849 5.3 MEDIUM
Network 		- - Note Mark is an open-source note-taking application. Prior to version 0.19.3, after a note-mark owner soft-deletes a public book, its notes and uploaded assets stay readable at /api/notes/{id}, /api/… New CWE-285
Improper Authorization 		CVE-2026-41572 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm
850 9.4 CRITICAL
Network 		- - Note Mark is an open-source note-taking application. In version 0.19.2, IsPasswordMatch in backend/db/models.go falls back to a hard-coded bcrypt("null") placeholder whenever a user has no stored pas… New CWE-287
Improper Authentication 		CVE-2026-41571 2026-05-5 03:16 2026-05-5 Show GitHub Exploit DB Packet Storm