Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
210111 6.1 警告 シスコシステムズ - Cisco Adaptive Security Appliance ソフトウェアにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2015-4239 2015-07-10 10:40 2015-07-2 Show GitHub Exploit DB Packet Storm
210112 4.6 警告 シスコシステムズ - Cisco Nexus デバイス上で稼動する Cisco NX-OS の CLI パーサにおける任意の OS コマンドを実行される脆弱性 CWE-264
CWE-78
CVE-2015-4237 2015-07-10 10:40 2015-07-1 Show GitHub Exploit DB Packet Storm
210113 7.2 危険 シスコシステムズ - Cisco Nexus デバイス上で稼動する Cisco NX-OS における root アクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-4234 2015-07-10 10:40 2015-06-30 Show GitHub Exploit DB Packet Storm
210114 4.6 警告 シスコシステムズ - Cisco Nexus および MDS 9000 デバイス上で稼動する Cisco NX-OS における任意の OS コマンドを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-4232 2015-07-10 10:40 2015-06-30 Show GitHub Exploit DB Packet Storm
210115 3.6 注意 シスコシステムズ - Cisco Nexus 7000 デバイス上で稼動する Cisco NX-OS の Python インタプリタにおけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-4231 2015-07-10 10:40 2015-06-30 Show GitHub Exploit DB Packet Storm
210116 7.8 危険 シスコシステムズ - Cisco Headend System Release におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2015-4230 2015-07-10 10:40 2015-06-29 Show GitHub Exploit DB Packet Storm
210117 5 警告 シスコシステムズ - Cisco Unified Communications Domain Manager のプラットフォームソフトウェアにおける root アクセス権を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2015-4196 2015-07-10 10:40 2015-07-1 Show GitHub Exploit DB Packet Storm
210118 7.6 危険 GNU Project
Debian
Canonical		 - GNU Mailman におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2015-2775 2015-07-9 18:13 2015-03-31 Show GitHub Exploit DB Packet Storm
210119 7.5 危険 パナソニック株式会社 - Panasonic Security API ActiveX SDK の ipropsapivideo におけるスタックベースのバッファオーバーフローの脆弱性 CWE-20
不適切な入力確認 		CVE-2015-4648 2015-07-9 16:45 2015-06-11 Show GitHub Exploit DB Packet Storm
210120 6.8 警告 パナソニック株式会社 - Panasonic Security API ActiveX SDK の Ipropsapi におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2015-4647 2015-07-9 16:44 2015-06-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1031 5.4 MEDIUM
Network 		lfprojects mcp_registry The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. Prior to 1.7.7, the public catalogue UI served at GET / (file internal/api/handlers/v0/ui_index.ht… CWE-79
CWE-116
Cross-site Scripting
 Improper Encoding or Escaping of Output 		CVE-2026-44429 2026-05-16 02:52 2026-05-15 Show GitHub Exploit DB Packet Storm
1032 7.2 HIGH
Network 		misp misp MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, an improper access control vulnerability in the authentication key reset functionality allowed an authenticated organ… CWE-863
 Incorrect Authorization 		CVE-2026-44380 2026-05-16 02:42 2026-05-14 Show GitHub Exploit DB Packet Storm
1033 5.3 MEDIUM
Network 		misp misp MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, a SQL injection vulnerability existed in the handling of user-controlled ordering parameters in the event and shadow … CWE-89
SQL Injection 		CVE-2026-44381 2026-05-16 02:37 2026-05-14 Show GitHub Exploit DB Packet Storm
1034 8.1 HIGH
Network 		fit2cloud sqlbot SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. Prior to 1.8.0, SQLBot contains a Cross-Workspace IDOR (Insecure Direct Object Reference) and Authorization Bypass … CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-42463 2026-05-16 02:34 2026-05-14 Show GitHub Exploit DB Packet Storm
1035 9.1 CRITICAL
Network 		opnsense opnsense OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.7, the XMLRPC method opnsense.restore_config_section fails to sanitize user supplied input leading to Remote Code Execution. T… CWE-88
Argument Injection 		CVE-2026-44193 2026-05-16 02:30 2026-05-14 Show GitHub Exploit DB Packet Storm
1036 4.7 MEDIUM
Network 		lfprojects mcp_registry The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. Prior to 1.7.6, the client-side and server-side GitHub OIDC flow is bound only to a global audienc… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-44428 2026-05-16 02:23 2026-05-15 Show GitHub Exploit DB Packet Storm
1037 9.1 CRITICAL
Network 		opnsense opnsense OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, an authenticated Remote Code Execution (RCE) vulnerability in the OPNsense core allows a user with user-management privileg… CWE-78
OS Command  		CVE-2026-44194 2026-05-16 02:19 2026-05-14 Show GitHub Exploit DB Packet Storm
1038 6.5 MEDIUM
Network 		shellhub shellhub ShellHub is a centralized SSH gateway. Prior to 0.24.2, GET /api/sessions/:uid returns the full session object for any authenticated caller, without scoping by the caller's tenant. An authenticated u… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-44423 2026-05-16 02:16 2026-05-14 Show GitHub Exploit DB Packet Storm
1039 7.5 HIGH
Network 		zitadel zitadel ZITADEL is an open source identity management platform. From 2.71.11 to before 3.4.10 and 4.15.0, a vulnerability was discovered in Zitadel's LDAP identity provider implementation, which fails to pro… CWE-90
LDAP Injection 		CVE-2026-44671 2026-05-16 02:15 2026-05-15 Show GitHub Exploit DB Packet Storm
1040 6.5 MEDIUM
Network 		frappe erpnext ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.102.0 and 16.11.0, certain endpoints failed to enforce proper authorization checks, allowing users to modify data beyo… CWE-862
 Missing Authorization 		CVE-2026-44448 2026-05-16 01:20 2026-05-14 Show GitHub Exploit DB Packet Storm