Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
211301 7.5 危険 日立
IBM
オラクル		 - Oracle Java SE および Java SE Embedded におけるライブラリに関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-2402 2015-03-16 18:11 2014-04-15 Show GitHub Exploit DB Packet Storm
211302 5 警告 日立
オラクル		 - Oracle Java SE および Java SE Embedded における JAXP に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-2403 2015-03-16 18:09 2014-04-15 Show GitHub Exploit DB Packet Storm
211303 6.4 警告 日立
IBM
オラクル		 - Oracle Java SE および Java SE Embedded における Deployment に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-2409 2015-03-16 18:09 2014-04-15 Show GitHub Exploit DB Packet Storm
211304 7.6 危険 日立
IBM
オラクル		 - Oracle Java SE および Java SE Embedded における Deployment に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-2428 2015-03-16 18:09 2014-04-15 Show GitHub Exploit DB Packet Storm
211305 7.5 危険 日立
IBM
オラクル		 - Oracle Java SE および Java SE Embedded における Sound に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-2427 2015-03-16 18:08 2014-04-15 Show GitHub Exploit DB Packet Storm
211306 7.5 危険 日立
IBM
オラクル		 - Oracle Java SE および Java SE Embedded における JAX-WS に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-2423 2015-03-16 18:06 2014-04-15 Show GitHub Exploit DB Packet Storm
211307 10 危険 日立
IBM
オラクル		 - 複数の Oracle Java 製品における 2D に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-2421 2015-03-16 18:05 2014-04-15 Show GitHub Exploit DB Packet Storm
211308 2.6 注意 日立
IBM
オラクル		 - Oracle Java SE および Java SE Embedded における Deployment に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-2420 2015-03-16 18:04 2014-04-15 Show GitHub Exploit DB Packet Storm
211309 7.5 危険 日立
IBM
オラクル		 - Oracle Java SE および Java SE Embedded における JAXB に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-2414 2015-03-16 18:03 2014-04-15 Show GitHub Exploit DB Packet Storm
211310 4.4 警告 日立
IBM
オラクル		 - OpenJDK および Oracle Java JDK の unpack200 における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2014-1876 2015-03-16 18:02 2014-02-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1351 7.5 HIGH
Network 		open5gs open5gs A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcf_nbsf_management_handle_register of the file src/pcf/nbsf-handler.c of the component sm-policies Endpoint. Such mani… Update CWE-404
 Improper Resource Shutdown or Release 		CVE-2026-8222 2026-05-13 02:49 2026-05-10 Show GitHub Exploit DB Packet Storm
1352 7.5 HIGH
Network 		open5gs open5gs A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function pcf_sess_set_ipv6prefix of the file /src/pcf/context.c of the component PCF. Executing a manipulation of … Update CWE-404
 Improper Resource Shutdown or Release 		CVE-2026-8224 2026-05-13 02:48 2026-05-10 Show GitHub Exploit DB Packet Storm
1353 9.8 CRITICAL
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the PDO Firebird driver improperly handles NUL bytes when preparing SQL queries. During token-by… Update CWE-89
SQL Injection 		CVE-2025-14179 2026-05-13 02:48 2026-05-10 Show GitHub Exploit DB Packet Storm
1354 9.8 CRITICAL
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a global m… Update CWE-416
 Use After Free 		CVE-2026-6722 2026-05-13 02:48 2026-05-10 Show GitHub Exploit DB Packet Storm
1355 6.1 MEDIUM
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, 8.5.* before 8.5.6, due to improper sanitation of user data, it allows an attacker to compose an URL, which will cause t… Update CWE-79
Cross-site Scripting 		CVE-2026-6735 2026-05-13 02:43 2026-05-10 Show GitHub Exploit DB Packet Storm
1356 7.5 HIGH
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, some functions, including urldecode(), pass signed char to ctype functions (like isxdigit()). On… Update CWE-125
Out-of-bounds Read 		CVE-2026-7258 2026-05-13 02:41 2026-05-10 Show GitHub Exploit DB Packet Storm
1357 6.5 MEDIUM
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads to  a NULL pointer dereference, re… Update CWE-476
 NULL Pointer Dereference 		CVE-2026-7259 2026-05-13 02:40 2026-05-10 Show GitHub Exploit DB Packet Storm
1358 9.8 CRITICAL
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when SoapServer is configured with SOAP_PERSISTENCE_SESSION, the handler object is persisted acr… Update CWE-416
 Use After Free 		CVE-2026-7261 2026-05-13 02:40 2026-05-10 Show GitHub Exploit DB Packet Storm
1359 7.5 HIGH
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which check… Update CWE-476
 NULL Pointer Dereference 		CVE-2026-7262 2026-05-13 02:39 2026-05-10 Show GitHub Exploit DB Packet Storm
1360 7.5 HIGH
Network 		php php In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the metaphone() function in ext/standard/metaphone.c uses a signed int variable to track the cur… Update CWE-125
CWE-190
Out-of-bounds Read
 Integer Overflow or Wraparound 		CVE-2026-7568 2026-05-13 02:38 2026-05-10 Show GitHub Exploit DB Packet Storm