Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
219951 7.5 危険 シトリックス・システムズ - Citrix NetScaler Application Delivery Controller および NetScaler Gateway の管理 GUI の Java アプレットにおける脆弱性 CWE-noinfo
情報不足 		CVE-2014-2881 2014-05-2 16:34 2014-04-28 Show GitHub Exploit DB Packet Storm
219952 6.5 警告 フォーティネット - FortiGuard FortiWeb における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-1957 2014-05-2 16:33 2014-02-13 Show GitHub Exploit DB Packet Storm
219953 7.5 危険 フォーティネット - FortiGuard FortiWeb における CRLF インジェクションの脆弱性 CWE-Other
その他 		CVE-2014-1956 2014-05-2 16:32 2014-02-13 Show GitHub Exploit DB Packet Storm
219954 4.3 警告 フォーティネット - FortiGuard FortiWeb におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-1955 2014-05-2 16:30 2014-02-13 Show GitHub Exploit DB Packet Storm
219955 4.3 警告 vBulletin Solutions, Inc. - vBulletin におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-3135 2014-05-2 16:11 2014-04-18 Show GitHub Exploit DB Packet Storm
219956 5 警告 Ecava - Ecava IntegraXor における管理者アカウントの平文の資格情報を読まれる脆弱性 CWE-310
暗号の問題 		CVE-2014-0786 2014-05-2 15:51 2014-02-21 Show GitHub Exploit DB Packet Storm
219957 4.6 警告 Canonical - Ubuntu Date and Time Indicator におけるグリーター画面の制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-7374 2014-05-2 15:50 2013-11-27 Show GitHub Exploit DB Packet Storm
219958 4.3 警告 SAP - SAP BusinessObjects の InfoView アプリケーションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-3134 2014-05-2 15:43 2014-04-28 Show GitHub Exploit DB Packet Storm
219959 5 警告 SAP - SAP Netweaver Java Application Server における SLD に登録されている SAP システムのリストを取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-3133 2014-05-2 15:37 2014-04-28 Show GitHub Exploit DB Packet Storm
219960 4 警告 SAP - SAP Background Processing における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-3132 2014-05-2 15:32 2014-04-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2841 7.8 HIGH
Local 		- - MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability CWE-823
 Use of Out-of-range Pointer Offset 		CVE-2026-28764 2026-05-22 00:05 2026-05-21 Show GitHub Exploit DB Packet Storm
2842 7.5 HIGH
Network 		- - In Splunk Enterprise versions below 10.2.2 and 10.0.5, and Splunk Cloud Platform versions below 10.3.2512.8, 10.2.2510.11, 10.1.2507.21, and 10.0.2503.13, a user with a role that has access to the `_… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2026-20239 2026-05-22 00:00 2026-05-21 Show GitHub Exploit DB Packet Storm
2843 6.5 MEDIUM
Network 		- - In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.11, and 9.3.12, and Splunk Cloud Platform versions below 10.4.2603.1, 10.3.2512.9, 10.2.2510.11, 10.1.2507.21, 10.0.2503.13, and 9.3.2411.129, … CWE-20
 Improper Input Validation  		CVE-2026-20240 2026-05-22 00:00 2026-05-21 Show GitHub Exploit DB Packet Storm
2844 7.1 HIGH
Local 		- - In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - t… CWE-269
 Improper Privilege Management 		CVE-2026-46333 2026-05-21 23:16 2026-05-15 Show GitHub Exploit DB Packet Storm
2845 8.8 HIGH
Network 		struktur libheif libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow (write) vulnerability in the grid tile compositing, allowing an attacker to write … CWE-787
 Out-of-bounds Write 		CVE-2026-32740 2026-05-21 23:16 2026-05-20 Show GitHub Exploit DB Packet Storm
2846 9.1 CRITICAL
Network 		eclipse glassfish An authenticated Remote Code Execution (RCE) vulnerability was identified in GlassFish's Administration Console. A user with access to the panel can send crafted requests that allow the execution of … CWE-94
CWE-917
Code Injection
 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') 		CVE-2026-2586 2026-05-21 22:18 2026-05-20 Show GitHub Exploit DB Packet Storm
2847 9.6 CRITICAL
Network 		eclipse glassfish A critical Remote Code Execution (RCE) vulnerability was identified in the server-side template rendering mechanism used by the Glassfish gadget handler. The application processes .xml files and eval… CWE-917
 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') 		CVE-2026-2587 2026-05-21 22:18 2026-05-20 Show GitHub Exploit DB Packet Storm
2848 7.5 HIGH
Network 		nvidia tensorrt_llm NVIDIA TRT-LLM for any platform contains a vulnerability where an attacker could cause an unchecked return value to a null pointer dereference. A successful exploit of this vulnerability might lead … CWE-690
 Unchecked Return Value to NULL Pointer Dereference 		CVE-2026-24160 2026-05-21 22:09 2026-05-20 Show GitHub Exploit DB Packet Storm
2849 9.8 CRITICAL
Network 		nvidia tensorrt_llm NVIDIA TRT-LLM for any platform contains a vulnerability in MPI server, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code executio… CWE-502
 Deserialization of Untrusted Data 		CVE-2025-33255 2026-05-21 09:06 2026-05-20 Show GitHub Exploit DB Packet Storm
2850 9.8 CRITICAL
Network 		nvidia tensorrt_llm NVIDIA TRT-LLM for any platform contains a deserialization vulnerability and unsafe serialized handle. A successful exploit of this vulnerability might lead to code execution, data tampering, and i… CWE-502
 Deserialization of Untrusted Data 		CVE-2026-24142 2026-05-21 09:04 2026-05-20 Show GitHub Exploit DB Packet Storm