Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
214081 2.1 注意 Eucalyptus Systems - Eucalyptus における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-5037 2014-11-11 12:17 2014-10-20 Show GitHub Exploit DB Packet Storm
214082 3.5 注意 IBM - IBM DB2 におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-6159 2014-11-11 11:29 2014-11-4 Show GitHub Exploit DB Packet Storm
214083 1.9 注意 IBM - IBM Sterling B2B Integrator における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-6146 2014-11-11 11:28 2014-11-5 Show GitHub Exploit DB Packet Storm
214084 4 警告 IBM - IBM DB2 におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-6097 2014-11-11 11:28 2014-11-5 Show GitHub Exploit DB Packet Storm
214085 4.3 警告 アルバネットワークス株式会社 - Aruba Networks ClearPass の Insight モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-6623 2014-11-11 11:01 2014-10-31 Show GitHub Exploit DB Packet Storm
214086 4.3 警告 アルバネットワークス株式会社 - Aruba Networks ClearPass におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-6620 2014-11-11 11:00 2014-10-31 Show GitHub Exploit DB Packet Storm
214087 4.3 警告 OpenStack - OpenStack Compute および Juno の api/metadata/handler.py におけるインスタンス ID の署名を推測される脆弱性 CWE-200
情報漏えい 		CVE-2014-3517 2014-11-10 17:40 2014-07-23 Show GitHub Exploit DB Packet Storm
214088 6.1 警告 シマンテック - Symantec Endpoint Protection Manager のコンソールサーブレットにおける任意のファイルに書き込まれる脆弱性 CWE-noinfo
情報不足 		CVE-2014-3439 2014-11-10 17:37 2014-11-5 Show GitHub Exploit DB Packet Storm
214089 4.3 警告 シマンテック - Symantec Endpoint Protection Manager のコンソールインターフェーススクリプトにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-3438 2014-11-10 17:37 2014-11-5 Show GitHub Exploit DB Packet Storm
214090 7.5 危険 シマンテック - Symantec Endpoint Protection Manager の管理コンソールにおける任意のファイルを読まれる脆弱性 CWE-Other
その他 		CVE-2014-3437 2014-11-10 17:37 2014-11-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1261 8.5 HIGH
Network 		openstack keystone An issue was discovered in OpenStack Keystone 13 through 29. POST /v3/credentials did not validate that the caller-supplied project_id for an EC2-type credential matched the project of the authentica… CWE-863
 Incorrect Authorization 		CVE-2026-43001 2026-05-5 03:25 2026-05-1 Show GitHub Exploit DB Packet Storm
1262 7.8 HIGH
Local 		zhinst labone_q The LabOne Q serialization framework uses a class-loading mechanism (import_cls) to dynamically import and instantiate Python classes during deserialization. Prior to the fix, this mechanism accepted… CWE-502
 Deserialization of Untrusted Data 		CVE-2026-7584 2026-05-5 03:23 2026-05-1 Show GitHub Exploit DB Packet Storm
1263 9.8 CRITICAL
Network 		bitwarden cli Bitwarden CLI 2026.4.0 from 2026-04-22T21:57Z to 2026-04-22T23:30Z, when obtained from npm, had embedded malicious code. This is related to a Checkmarx supply chain incident. CWE-78
CWE-94
OS Command 
Code Injection 		CVE-2026-42994 2026-05-5 03:23 2026-05-1 Show GitHub Exploit DB Packet Storm
1264 6.5 MEDIUM
Network 		apple container Users who connect to malicious registries with hostnames matching the bypass patterns will have their registry credentials exposed in plaintext. This issue is fixed in container version 0.12.3. CWE-522
 Insufficiently Protected Credentials 		CVE-2026-28909 2026-05-5 03:22 2026-05-1 Show GitHub Exploit DB Packet Storm
1265 8.8 HIGH
Network 		hkuds openharness HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Atta… CWE-78
OS Command  		CVE-2026-7551 2026-05-5 03:22 2026-05-1 Show GitHub Exploit DB Packet Storm
1266 8.1 HIGH
Network 		langflow langflow IBM Langflow OSS 1.0.0 through 1.8.4 could allow any user to supply a flow_id to read transaction logs and vertex build data belonging to other users, and to delete persisted vertex build data for an… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-6542 2026-05-5 03:21 2026-05-1 Show GitHub Exploit DB Packet Storm
1267 9.8 CRITICAL
Network 		progress moveit_automation Authentication bypass by primary weakness vulnerability in Progress Software MOVEit Automation allows Authentication Bypass. This issue affects MOVEit Automation: from 2025.0.0 before 2025.0.9, from… CWE-305
 Authentication Bypass by Primary Weakness 		CVE-2026-4670 2026-05-5 03:20 2026-05-1 Show GitHub Exploit DB Packet Storm
1268 8.8 HIGH
Network 		- - An XML external entity (XXE) vulnerability in the /designer/loadReport endpoint of SpringBlade v4.8.0 allows authenticated attackers to execute arbitrary code via injecting a crafted payload. CWE-611
XXE 		CVE-2026-36765 2026-05-5 03:16 2026-05-1 Show GitHub Exploit DB Packet Storm
1269 8.8 HIGH
Network 		- - An issue in the fileEntityId parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary fi… CWE-22
Path Traversal 		CVE-2026-36762 2026-05-5 03:16 2026-05-1 Show GitHub Exploit DB Packet Storm
1270 7.5 HIGH
Network 		- - Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue. CWE-126
 Buffer Over-read 		CVE-2026-34059 2026-05-5 03:16 2026-05-4 Show GitHub Exploit DB Packet Storm