Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
209721	7.5	危険	株式会社イグレックス	-	MilkyStep における OS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2015-2955	2015-06-16 16:32	2015-06-9	Show	GitHub Exploit DB Packet Storm

209722	7.5	危険	株式会社イグレックス	-	MilkyStep における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2015-2956	2015-06-16 16:32	2015-06-9	Show	GitHub Exploit DB Packet Storm

209723	2.6	注意	株式会社イグレックス	-	MilkyStep におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-2957	2015-06-16 16:32	2015-06-9	Show	GitHub Exploit DB Packet Storm

209724	6.4	警告	株式会社イグレックス	-	MilkyStep におけるアクセス制限不備の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-2958	2015-06-16 16:32	2015-06-9	Show	GitHub Exploit DB Packet Storm

209725	7.5	危険	CGI RESCUE	-	BloBee における任意のファイルを作成される脆弱性	CWE-20 不適切な入力確認	CVE-2015-2962	2015-06-16 16:32	2015-06-12	Show	GitHub Exploit DB Packet Storm

209726	6.9	警告	シスコシステムズ	-	Cisco IOS の TCL インタプリタにおける権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-4185	2015-06-16 15:07	2015-06-12	Show	GitHub Exploit DB Packet Storm

209727	5	警告	シスコシステムズ	-	Cisco Email Security Appliance デバイスの Anti-spam Scanner における電子メールの制限を回避される脆弱性	CWE-20 不適切な入力確認	CVE-2015-4184	2015-06-16 15:07	2015-06-12	Show	GitHub Exploit DB Packet Storm

209728	5.5	警告	シスコシステムズ	-	Cisco Identity Services Engine の管理 Web インターフェースにおけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-4182	2015-06-16 15:07	2015-06-11	Show	GitHub Exploit DB Packet Storm

209729	5	警告	シスコシステムズ	-	Cisco Network Convergence System 6000 デバイス上で稼動する Cisco IOS XR の telnetd におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2015-0776	2015-06-16 15:07	2015-06-10	Show	GitHub Exploit DB Packet Storm

209730	5	警告	シスコシステムズ	-	複数の Cisco デバイス上で稼動する Cisco NX-OS のバナーの実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2015-0775	2015-06-16 15:07	2015-06-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1141	8.8	HIGH Network	-	-	AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss() sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed i… Update	CWE-79 CWE-94 CWE-1188 Cross-site Scripting Code Injection Insecure Default Initialization of Resource	CVE-2026-43892	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

1142	7.5	HIGH Network	-	-	phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files (eg. X509 certificates, RSA PKCS8 private or public keys, etc). This is a by… Update	CWE-400 Uncontrolled Resource Consumption	CVE-2026-44167	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

1143	8.2	HIGH Network	-	-	ssrfcheck is a library that checks if a string contains a potential SSRF attack. In 1.3.0 and earlier, ssrfcheck fails to block Server-Side Request Forgery attacks when the target private IP address … Update	CWE-184 CWE-918 Incomplete Blacklist Server-Side Request Forgery (SSRF)	CVE-2026-43929	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

1144	6.2	MEDIUM Network	-	-	LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, when LobeChat processes custom tags in the Render process of src/featur… Update	CWE-79 Cross-site Scripting	CVE-2026-42045	2026-05-14 03:23	2026-05-13	Show	GitHub Exploit DB Packet Storm

1145	-		-	-	Pocketbase is an open source web backend written in go. Prior to 0.22.42 and 0.37.4, in some situations, if an attacker knows the email address of the victim they can create and link an unverified Po… Update	CWE-287 Improper Authentication	CVE-2026-44166	2026-05-14 03:23	2026-05-13	Show	GitHub Exploit DB Packet Storm

1146	3.8	LOW Network	hono	hono	Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, improper validation of the JWT NumericDate claims exp, nbf, and iat in hono/utils/jwt allows to… New	CWE-1284 Improper Validation of Specified Quantity in Input	CVE-2026-44459	2026-05-14 03:21	2026-05-14	Show	GitHub Exploit DB Packet Storm

1147	9.1	CRITICAL Network	-	-	Pingvin Share X is a secure and easy self-hosted file sharing platform. From 1.14.1 to 1.16.2, a critical authentication bypass vulnerability allows an attacker who has obtained a valid username and … Update	CWE-287 CWE-697 Improper Authentication Incorrect Comparison	CVE-2026-44196	2026-05-14 03:21	2026-05-13	Show	GitHub Exploit DB Packet Storm

1148	9.1	CRITICAL Network	-	-	Relay adds real-time collaboration to Obsidian. Relay Server versions 0.9.0 through 0.9.6 contain an authentication bypass in the multi-document WebSocket endpoints. When authentication is configured… New	CWE-639 CWE-863 Authorization Bypass Through User-Controlled Key Incorrect Authorization	CVE-2026-42889	2026-05-14 03:21	2026-05-13	Show	GitHub Exploit DB Packet Storm

1149	-		-	-	sse-channel is an SSE-implementation which can be used to any node.js http request/response stream. Prior to 4.0.1, implementations that allow user-provided values to be passed to event, retry or id … New	CWE-93 CRLF Injection	CVE-2026-44217	2026-05-14 03:21	2026-05-13	Show	GitHub Exploit DB Packet Storm

1150	9.0	CRITICAL Network	-	-	ArcadeDB is a Multi-Model DBMS. Prior to 2.6.4, authenticated users and API tokens scoped to a specific database could read, write, and mutate schema on any other database on the same server. Two dis… New	CWE-863 Incorrect Authorization	CVE-2026-44221	2026-05-14 03:21	2026-05-13	Show	GitHub Exploit DB Packet Storm