Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
209551 7.8 危険 IPsec-Tools - IPsec-Tools の racoon/gssapi.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2015-4047 2015-06-3 10:21 2015-05-6 Show GitHub Exploit DB Packet Storm
209552 10 危険 Visual Mining - Visual Mining NetCharts Server の Developer ツールの projectContents.jsp における任意のファイルの名前を変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-4032 2015-06-3 10:08 2015-05-22 Show GitHub Exploit DB Packet Storm
209553 7.5 危険 Milw0rm project - Milw0rm Clone Script の related.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-4137 2015-06-3 10:00 2015-05-19 Show GitHub Exploit DB Packet Storm
209554 4 警告 OpenStack
オラクル		 - OpenStack Object Storage における max_meta_count の制約を回避される脆弱性 CWE-399
リソース管理の問題 		CVE-2014-7960 2015-06-2 17:45 2014-10-6 Show GitHub Exploit DB Packet Storm
209555 7.2 危険 Linux - Linux Kernel の特定の splice_write ファイル操作の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-7822 2015-06-2 17:42 2014-06-12 Show GitHub Exploit DB Packet Storm
209556 5 警告 Fabrice Bellard
Canonical		 - QEMU の ui/vnc.c の set_pixel_format 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-7815 2015-06-2 17:38 2014-10-28 Show GitHub Exploit DB Packet Storm
209557 7.2 危険 GNOME Project - GNOME Shell における無人のワークステーション上で任意のコマンドを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2014-7300 2015-06-2 17:37 2014-10-14 Show GitHub Exploit DB Packet Storm
209558 5 警告 Debian - Exuberant の jscript.c においてサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2014-7204 2015-06-2 17:35 2014-10-4 Show GitHub Exploit DB Packet Storm
209559 7.8 危険 Linux - Linux Kernel の fs/cifs/smb2pdu.c 内の SMB2_tcon 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2014-7145 2015-06-2 17:33 2014-09-17 Show GitHub Exploit DB Packet Storm
209560 4.3 警告 OpenStack - OpenStack keystonemiddleware における中間者攻撃を実行される脆弱性 CWE-310
暗号の問題 		CVE-2014-7144 2015-06-2 17:31 2014-09-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1011 5.3 MEDIUM
Network 		eclipse vert.x A TCP client can perform a TLS handshake and present the server name extension with a server name that is accepted by a server wildcard name, e.g. if the server is configured with a certificate accep… Update CWE-770
CWE-295
 Allocation of Resources Without Limits or Throttling
Improper Certificate Validation  		CVE-2026-6860 2026-05-12 22:42 2026-05-6 Show GitHub Exploit DB Packet Storm
1012 6.5 MEDIUM
Network 		apache cloudstack The CloudStack Backup plugin has an improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plugin is e… Update CWE-359
 Exposure of Private Personal Information to an Unauthorized Actor 		CVE-2025-66171 2026-05-12 22:31 2026-05-8 Show GitHub Exploit DB Packet Storm
1013 8.1 HIGH
Network 		apache cloudstack The CloudStack Backup plugin has an improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plugin is e… Update CWE-359
 Exposure of Private Personal Information to an Unauthorized Actor 		CVE-2025-66172 2026-05-12 22:30 2026-05-8 Show GitHub Exploit DB Packet Storm
1014 - - - Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in ninenines cowlib allows SSE event splitting and injection via unvalidated field values. cow_sse:event/1 in cowlib guards… New CWE-93
CRLF Injection 		CVE-2026-43968 2026-05-12 22:17 2026-05-12 Show GitHub Exploit DB Packet Storm
1015 2.9 LOW
Local 		- - The application does not impose strict enough restrictions on directory access permissions, posing a risk that other malicious applications could obtain sensitive information. New - CVE-2026-32684 2026-05-12 20:16 2026-05-12 Show GitHub Exploit DB Packet Storm
1016 - - - Insecure generation of credentials in the local SAT (Technical Support) access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based… New CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2026-8072 2026-05-12 19:16 2026-05-12 Show GitHub Exploit DB Packet Storm
1017 6.1 MEDIUM
Local 		- - Issuing an ICMP ping via the `net ping` shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the d… New CWE-674
 Uncontrolled Recursion 		CVE-2026-1681 2026-05-12 16:16 2026-05-12 Show GitHub Exploit DB Packet Storm
1018 7.1 HIGH
Network 		- - The Salesforce module before 1.x-1.0.1 for Backdrop CMS does not properly use a random state parameter to protect the authorization flow against CSRF attacks. New CWE-352
 Origin Validation Error 		CVE-2026-45430 2026-05-12 13:16 2026-05-12 Show GitHub Exploit DB Packet Storm
1019 7.1 HIGH
Network 		- - New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to version 0.12.10, a vulnerability exists in the Stripe webhook handler that allows an … Update CWE-345
CWE-863
CWE-1188
 Insufficient Verification of Data Authenticity
 Incorrect Authorization
 Insecure Default Initialization of Resource 		CVE-2026-41432 2026-05-12 12:16 2026-05-9 Show GitHub Exploit DB Packet Storm
1020 4.3 MEDIUM
Network 		google chrome Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) Update NVD-CWE-noinfo
CWE-346
 Origin Validation Error 		CVE-2026-7979 2026-05-12 10:16 2026-05-7 Show GitHub Exploit DB Packet Storm