Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 26, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
215901 4.3 警告 Springshare LLC - Springshare LibCal の api_events.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-7291 2014-12-2 14:30 2014-11-25 Show GitHub Exploit DB Packet Storm
215902 4 警告 The phpMyAdmin Project - phpMyAdmin のエラーレポート機能の libraries/error_report.lib.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-8961 2014-12-2 14:25 2014-11-20 Show GitHub Exploit DB Packet Storm
215903 3.5 注意 The phpMyAdmin Project - phpMyAdmin のエラーレポート機能の libraries/error_report.lib.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-8960 2014-12-2 14:25 2014-11-20 Show GitHub Exploit DB Packet Storm
215904 6.5 警告 The phpMyAdmin Project - phpMyAdmin の GIS エディタの libraries/gis/GIS_Factory.class.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-8959 2014-12-2 14:24 2014-11-20 Show GitHub Exploit DB Packet Storm
215905 4.3 警告 The phpMyAdmin Project - phpMyAdmin におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-8958 2014-12-2 14:24 2014-11-20 Show GitHub Exploit DB Packet Storm
215906 2.1 注意 ESET - 複数の ESET 製品で使用される ESET Personal Firewall NDIS フィルタのカーネルモードドライバにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-4974 2014-12-2 12:10 2014-10-22 Show GitHub Exploit DB Packet Storm
215907 5 警告 infoware GmbH - Infoware MapSuite の MapAPI における絶対パストラバーサルの脆弱性 CWE-Other
その他 		CVE-2014-2232 2014-12-2 11:39 2014-03-24 Show GitHub Exploit DB Packet Storm
215908 2.1 注意 ClamAV - ClamAV の clamscan におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2013-6497 2014-12-2 10:52 2013-11-4 Show GitHub Exploit DB Packet Storm
215909 6.8 警告 lwIP プロジェクト
Contiki プロジェクト		 - uIP と lwIP の DNS リゾルバにキャッシュポイズニングの脆弱性 CWE-Other
CWE-Other
CVE-2014-4883 2014-12-1 18:06 2014-11-3 Show GitHub Exploit DB Packet Storm
215910 6.8 警告 Xavoc Technocrats Pvt. Ltd. - Xavoc Technocrats xEpan CMS におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-8429 2014-12-1 18:04 2014-10-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1171 5.3 MEDIUM
Network 		mediawiki mediawiki Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Specials/SpecialUserRights.P… CWE-200
Information Exposure 		CVE-2026-34093 2026-05-18 22:53 2026-05-12 Show GitHub Exploit DB Packet Storm
1172 5.5 MEDIUM
Local 		m2team nanazip NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability exists in the Electron Archive (ASAR) parser in NanaZip. When opening a crafted .… CWE-674
 Uncontrolled Recursion 		CVE-2026-42355 2026-05-18 22:52 2026-05-13 Show GitHub Exploit DB Packet Storm
1173 5.5 MEDIUM
Local 		m2team nanazip NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a null-pointer dereference exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when… CWE-476
 NULL Pointer Dereference 		CVE-2026-42442 2026-05-18 22:51 2026-05-13 Show GitHub Exploit DB Packet Storm
1174 3.8 LOW
Network 		mediawiki mediawiki Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Page/Article.Php. This issue affects MediaWiki: from * before 1.43.7, 1.44.4, 1.45.2. CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2026-34094 2026-05-18 22:50 2026-05-12 Show GitHub Exploit DB Packet Storm
1175 5.5 MEDIUM
Local 		m2team nanazip NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an integer divide-by-zero exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when … CWE-369
 Divide By Zero 		CVE-2026-42443 2026-05-18 22:46 2026-05-13 Show GitHub Exploit DB Packet Storm
1176 7.5 HIGH
Network 		bytecodealliance wasmtime Wasmtime is a runtime for WebAssembly. From 30.0.0 to 36.0.8, 43.0.2, and 44.0.1, Wasmtime's allocation logic for a WebAssembly table contained checked arithmetic which panicked on overflow. This ove… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-44216 2026-05-18 22:36 2026-05-15 Show GitHub Exploit DB Packet Storm
1177 7.8 HIGH
Local 		microsoft azure_connected_machine_agent Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally. CWE-284
Improper Access Control 		CVE-2026-40381 2026-05-18 22:35 2026-05-13 Show GitHub Exploit DB Packet Storm
1178 6.5 MEDIUM
Network 		shellhub shellhub ShellHub is a centralized SSH gateway. Prior to 0.24.2, GET /api/devices/:uid returns the full device object whenever the caller is authenticated, without verifying that the device belongs to the cal… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-44424 2026-05-18 22:35 2026-05-14 Show GitHub Exploit DB Packet Storm
1179 5.4 MEDIUM
Network 		shellhub shellhub ShellHub is a centralized SSH gateway. Prior to 0.24.2, the device list endpoint accepts user-controlled identifiers in the the name field of each filter property in the base64-encoded filter query p… CWE-20
CWE-943
CWE-1333
 Improper Input Validation 
 Improper Neutralization of Special Elements in Data Query Logic
 Inefficient Regular Expression Complexity 		CVE-2026-44425 2026-05-18 22:34 2026-05-14 Show GitHub Exploit DB Packet Storm
1180 4.3 MEDIUM
Network 		microsoft edge User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network. CWE-451
 User Interface (UI) Misrepresentation of Critical Information 		CVE-2026-35429 2026-05-18 22:34 2026-05-13 Show GitHub Exploit DB Packet Storm