Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 25, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
210941	6.8	警告	Watchdog Aggregator project	-	Drupal 用 Watchdog Aggregator モジュールにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2015-4355	2015-06-17 16:45	2015-02-25	Show	GitHub Exploit DB Packet Storm

210942	2.6	注意	SMS Framework project	-	Drupal 用 SMS Framework モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-4346	2015-06-17 16:45	2015-02-23	Show	GitHub Exploit DB Packet Storm

210943	5	警告	Klaus Purer	-	Drupal 用 RESTful Web Services モジュールの RESTWS Basic Auth サブモジュールにおける重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2015-4345	2015-06-17 16:45	2015-02-18	Show	GitHub Exploit DB Packet Storm

210944	5	警告	Services Basic Authentication project	-	Drupal 用 Services Basic Authentication モジュールにおけるリソース制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-4344	2015-06-17 16:45	2015-02-18	Show	GitHub Exploit DB Packet Storm

210945	2.6	注意	ASUS JAPAN株式会社	-	複数の ASUS 製無線 LAN ルータにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2014-7270	2015-06-17 16:41	2015-01-27	Show	GitHub Exploit DB Packet Storm

210946	5.2	警告	ASUS JAPAN株式会社	-	複数の ASUS 製無線 LAN ルータにおける OS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2014-7269	2015-06-17 16:41	2015-01-27	Show	GitHub Exploit DB Packet Storm

210947	8.8	危険	N-TRON Corp.	-	N-Tron 702-W Industrial Wireless Access Point デバイスにおける暗号保護メカニズムを破られる脆弱性	CWE-310 暗号の問題	CVE-2012-4716	2015-06-17 10:08	2012-08-28	Show	GitHub Exploit DB Packet Storm

210948	7.8	危険	VMware	-	複数の VMware 製品におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2015-2341	2015-06-16 18:13	2015-06-9	Show	GitHub Exploit DB Packet Storm

210949	5.8	警告	VMware	-	複数の VMware 製品の TPView.dll におけるホスト OS 上で任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2015-2336	2015-06-16 18:13	2015-06-9	Show	GitHub Exploit DB Packet Storm

210950	5.8	警告	VMware	-	複数の VMware 製品の TPInt.dll におけるホスト OS 上で任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2015-2337	2015-06-16 18:13	2015-06-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1921	6.8	MEDIUM Physics	-	-	Hiseeu C90 v5.7.15 is vulnerable to Insecure Permissions. The UART bootloader is accessible when battery is disconnected (hidden/debug mode).	CWE-276 Incorrect Default Permissions	CVE-2026-36742	2026-05-14 22:16	2026-05-14	Show	GitHub Exploit DB Packet Storm

1922	7.2	HIGH Network	-	-	U-SPEED AC1200 Gigabit Wi-Fi Router (Model: T18-21K) V1.0 is vulnerable to Command Injection. The Network Time Protocol (NTP) configuration interface does not properly sanitize user-supplied input. A…	CWE-77 Command Injection	CVE-2026-36741	2026-05-14 22:16	2026-05-14	Show	GitHub Exploit DB Packet Storm

1923	7.5	HIGH Network	-	-	striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function AuxJack.	CWE-121 Stack-based Buffer Overflow	CVE-2025-28344	2026-05-14 22:16	2026-05-14	Show	GitHub Exploit DB Packet Storm

1924	7.5	HIGH Network	-	-	striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function ThreadReadButtons.	CWE-121 Stack-based Buffer Overflow	CVE-2025-28343	2026-05-14 22:16	2026-05-14	Show	GitHub Exploit DB Packet Storm

1925	6.2	MEDIUM Local	-	-	Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the AP_SmartAudio::loop, AP_SmartAudio…	CWE-121 Stack-based Buffer Overflow	CVE-2024-51395	2026-05-14 22:16	2026-05-14	Show	GitHub Exploit DB Packet Storm

1926	6.2	MEDIUM Local	-	-	Buffer Overflow vulnerability in Ardupilot rover commit v.c56439b045162058df0ff136afea3081fcd06d38 allows a local attacker to cause a denial of service via the AP_InertialSensor_ADIS1647x.cpp, ArduRo…	CWE-120 CWE-121 Classic Buffer Overflow Stack-based Buffer Overflow	CVE-2024-48519	2026-05-14 22:16	2026-05-14	Show	GitHub Exploit DB Packet Storm

1927	9.8	CRITICAL Network	artica	pandora_fms	Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via graph container parameter. This issue affects Pandora FMS: from 777 through 800	CWE-89 SQL Injection	CVE-2026-34187	2026-05-14 22:05	2026-05-13	Show	GitHub Exploit DB Packet Storm

1928	9.6	CRITICAL Network	langflow	langflow	Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow is vulnerable to Path Traversal in the Knowledge Bases API (DELETE /api/v1/knowledge_bases). Th…	CWE-22 Path Traversal	CVE-2026-42048	2026-05-14 21:52	2026-05-13	Show	GitHub Exploit DB Packet Storm

1929	7.5	HIGH Network	vercel	next.js	Next.js is a React framework for building full-stack web applications. From 15.2.0 to before 15.5.16 and 16.2.5, App Router applications that rely on middleware or proxy-based checks for authorizatio…	CWE-288 Authentication Bypass Using an Alternate Path or Channel	CVE-2026-44575	2026-05-14 21:38	2026-05-14	Show	GitHub Exploit DB Packet Storm

1930	8.1	HIGH Network	vercel	next.js	Next.js is a React framework for building full-stack web applications. From 15.4.0 to before 15.5.16 and 16.2.5, applications that rely on middleware to protect dynamic routes can be vulnerable to au…	CWE-288 Authentication Bypass Using an Alternate Path or Channel	CVE-2026-44574	2026-05-14 21:37	2026-05-14	Show	GitHub Exploit DB Packet Storm