Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 16, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
210921 6.8 警告 アップル - Apple OS X の CoreAnimation における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2015-1136 2015-04-14 15:19 2015-04-8 Show GitHub Exploit DB Packet Storm
210922 5 警告 Quassel IRC - Quassel におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2015-2778 2015-04-14 12:24 2015-02-21 Show GitHub Exploit DB Packet Storm
210923 6.8 警告 Electric Sheep Fencing - pfSense の WebGUI の system_firmware_restorefullbackup.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2015-2295 2015-04-14 12:23 2015-03-5 Show GitHub Exploit DB Packet Storm
210924 2.1 注意 FreeBSD - FreeBSD の bsdinstall インストーラにおける重要な鍵情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-1415 2015-04-14 12:22 2015-04-7 Show GitHub Exploit DB Packet Storm
210925 7.5 危険 レッドハット - JBoss RichFaces において任意の Java コードが実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2015-0279 2015-04-14 12:03 2015-03-24 Show GitHub Exploit DB Packet Storm
210926 1.9 注意 アップル - Apple iOS のサンドボックスプロファイルコンポーネントにおける直近の連絡先の電話番号を読まれる脆弱性 CWE-200
情報漏えい 		CVE-2015-1113 2015-04-14 11:18 2015-04-8 Show GitHub Exploit DB Packet Storm
210927 5 警告 アップル - Apple Safari のプライベートブラウズの実装における閲覧履歴情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-1128 2015-04-14 11:04 2015-04-8 Show GitHub Exploit DB Packet Storm
210928 2.1 注意 アップル - Apple Safari などで使用される WebKit のプライベートブラウズの実装における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-1127 2015-04-14 11:04 2015-04-8 Show GitHub Exploit DB Packet Storm
210929 1.9 注意 アップル - Apple iOS および Apple TV のサンドボックスプロファイルコンポーネントにおけるハードウェアの識別子を取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-1114 2015-04-14 10:58 2015-04-8 Show GitHub Exploit DB Packet Storm
210930 1.9 注意 アップル - Apple iOS および Apple TV の IOMobileFramebuffer における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-1097 2015-04-14 10:58 2015-04-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
951 7.5 HIGH
Network 		- - Docling's JATS XML backend is vulnerable to XML Entity Expansion (XXE) attacks thru 2.61.0. The backend uses etree.parse() to parse XML files without disabling entity resolution. An attacker can craf… Update CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-31247 2026-05-14 00:47 2026-05-12 Show GitHub Exploit DB Packet Storm
952 7.5 HIGH
Network 		- - Docling's METS GBS backend is vulnerable to XML Entity Expansion (XXE) attacks thru 2.61.0. The backend extracts and validates XML files from .tar.gz archives using etree.fromstring() without disabli… Update CWE-776
XML Entity Expansion 		CVE-2026-31248 2026-05-14 00:47 2026-05-12 Show GitHub Exploit DB Packet Storm
953 - - - The Ludwig framework thru 0.10.4 is vulnerable to insecure deserialization (CWE-502) through its predict() method. When a user provides a dataset file path to the predict() method, the framework auto… Update - CVE-2026-31237 2026-05-14 00:47 2026-05-13 Show GitHub Exploit DB Packet Storm
954 - - - The Ludwig framework thru 0.10.4 is vulnerable to insecure deserialization (CWE-502) in its model serving component. When starting a model server with the ludwig serve command, the framework loads mo… Update - CVE-2026-31238 2026-05-14 00:47 2026-05-13 Show GitHub Exploit DB Packet Storm
955 - - - The mamba language model framework thru 2.2.6 is vulnerable to insecure deserialization (CWE-502) when loading pre-trained models from HuggingFace Hub. The MambaLMHeadModel.from_pretrained() method u… Update - CVE-2026-31239 2026-05-14 00:47 2026-05-13 Show GitHub Exploit DB Packet Storm
956 - - - The mem0 1.0.0 server lacks authentication and authorization controls for its memory management API endpoints. Critical functions such as updating memory records (PUT /memories/{memory_id}) are expos… Update - CVE-2026-31240 2026-05-14 00:47 2026-05-13 Show GitHub Exploit DB Packet Storm
957 9.8 CRITICAL
Network 		- - Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud (SaaS version). If a remote attacker sends a specially crafted request to the product's… New CWE-121
Stack-based Buffer Overflow 		CVE-2026-32661 2026-05-14 00:47 2026-05-13 Show GitHub Exploit DB Packet Storm
958 7.8 HIGH
Local 		- - Bytello Share (Windows Edition) installer executable provided by Bytello insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer,… New CWE-427
 Uncontrolled Search Path Element 		CVE-2026-44612 2026-05-14 00:47 2026-05-13 Show GitHub Exploit DB Packet Storm
959 6.5 MEDIUM
Network 		- - ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of… New CWE-321
 Use of Hard-coded Cryptographic Key 		CVE-2026-25107 2026-05-14 00:47 2026-05-13 Show GitHub Exploit DB Packet Storm
960 7.2 HIGH
Network 		- - ELECOM wireless LAN access point devices contain an OS command injection vulnerability in processing of ping_ip_addr parameter. If processing a crafted request sent by a logged-in user, an arbitrary … New CWE-78
OS Command  		CVE-2026-35506 2026-05-14 00:47 2026-05-13 Show GitHub Exploit DB Packet Storm