Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
218731	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer 11 における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2014-2802	2014-07-10 14:42	2014-07-8	Show	GitHub Exploit DB Packet Storm

218732	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer 10 および 11 における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2014-2801	2014-07-10 14:42	2014-07-8	Show	GitHub Exploit DB Packet Storm

218733	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer 6 から 11 における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2014-2800	2014-07-10 14:41	2014-07-8	Show	GitHub Exploit DB Packet Storm

218734	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer 8 から 11 における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2014-2798	2014-07-10 14:40	2014-07-8	Show	GitHub Exploit DB Packet Storm

218735	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer 6 から 8 における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2014-2797	2014-07-10 14:40	2014-07-8	Show	GitHub Exploit DB Packet Storm

218736	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer 8 から 11 における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2014-2795	2014-07-10 14:39	2014-07-8	Show	GitHub Exploit DB Packet Storm

218737	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer 6 および 7 における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2014-2794	2014-07-10 14:39	2014-07-8	Show	GitHub Exploit DB Packet Storm

218738	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer 9 から 11 における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2014-2792	2014-07-10 14:38	2014-07-8	Show	GitHub Exploit DB Packet Storm

218739	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer 9 における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2014-2791	2014-07-10 14:37	2014-07-8	Show	GitHub Exploit DB Packet Storm

218740	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer 11 における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2014-2790	2014-07-10 14:36	2014-07-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
911	4.7	MEDIUM Network	-	-	A vulnerability has been found in SourceCodester Simple POS and Inventory System 1.0. The affected element is an unknown function of the file /admin/edit_customer.php. Such manipulation of the argume… Update	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-9446	2026-05-29 03:16	2026-05-25	Show	GitHub Exploit DB Packet Storm

912	8.1	HIGH Network	-	-	Casdoor versions 2.362.0 and earlier map SAML assertions to user sessions without replay protection. The ParseSamlResponse() function in object/saml_sp.go calls sp.RetrieveAssertionInfo() and immedia… New	CWE-294 Authentication Bypass by Capture-replay	CVE-2026-9095	2026-05-29 03:16	2026-05-29	Show	GitHub Exploit DB Packet Storm

913	6.1	MEDIUM Network	-	-	Speakr is a personal, self-hosted web application designed for transcribing audio recordings. Prior to 0.8.20-alpha, the is_safe_url() helper used to validate post-login redirect targets applied urlj… New	CWE-601 Open Redirect	CVE-2026-45307	2026-05-29 03:16	2026-05-29	Show	GitHub Exploit DB Packet Storm

914	-		-	-	electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. In 3.8.8 and earlier, there is persistent local-pty code execution via imported bookmarks or compromised sync… New	CWE-94 CWE-345 CWE-494 CWE-915 Code Injection Insufficient Verification of Data Authenticity Download of Code Without Integrity Check Improperly Controlled Modification of Dynamically-Determined Object Attributes	CVE-2026-45058	2026-05-29 03:16	2026-05-29	Show	GitHub Exploit DB Packet Storm

915	-		-	-	bzip2 contains an off‑by‑one error in the bzip2recover utility. When processing a specially crafted file, the application performs an out‑of‑bounds write to a global buffer, resulting in memory corru… New	CWE-787 Out-of-bounds Write	CVE-2026-42250	2026-05-29 03:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

916	7.8	HIGH Local	-	-	gix-submodule before 0.29.0 (gitoxide before 0.5.21, gix before 0.84.0) incorrectly validates the update field in .gitmodules, allowing attackers to bypass the CommandForbiddenInModulesConfiguration … Update	CWE-77 Command Injection	CVE-2026-40034	2026-05-29 03:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

917	4.2	MEDIUM Network	-	-	PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen() which uses Python stdlib's default OpenerDirector registe… New	CWE-441 CWE-918 Confused Deputy Server-Side Request Forgery (SSRF)	CVE-2026-48522	2026-05-29 03:03	2026-05-29	Show	GitHub Exploit DB Packet Storm

918	7.4	HIGH Network	-	-	PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, when the verifier is decoding JSON Web Tokens, while supporting both asymmetric and HMAC algorithms, the library does not validate… New	CWE-287 CWE-347 Improper Authentication Improper Verification of Cryptographic Signature	CVE-2026-48526	2026-05-29 03:03	2026-05-29	Show	GitHub Exploit DB Packet Storm

919	5.4	MEDIUM Network	-	-	PyJWT is a JSON Web Token implementation in Python. From 2.9.0 to 2.12.1, there is a verifier-side algorithm allow-list bypass when jwt.decode() or jwt.decode_complete() are called with a PyJWK key. … New	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-48523	2026-05-29 03:03	2026-05-29	Show	GitHub Exploit DB Packet Storm

920	3.7	LOW Network	-	-	PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient.get_signing_key() forces a fresh HTTP request to the JWKS endpoint for every JWT with an unknown kid value, with no ra… New	CWE-460 CWE-755 Improper Cleanup on Thrown Exception Improper Handling of Exceptional Conditions	CVE-2026-48524	2026-05-29 03:03	2026-05-29	Show	GitHub Exploit DB Packet Storm