Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
236041 3.5 注意 IBM - IBM Tivoli Service Desk におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5949 2012-09-25 16:59 2007-11-13 Show GitHub Exploit DB Packet Storm
236042 10 危険 Heimdal - Heimdal の gss_userok 関数における脆弱性 CWE-119
バッファエラー 		CVE-2007-5939 2012-09-25 16:59 2007-12-6 Show GitHub Exploit DB Packet Storm
236043 4.3 警告 PEAR - PEAR MDB2 の LOB 機能における MDB2 を使用される脆弱性 CWE-200
CWE-DesignError
CVE-2007-5934 2012-09-25 16:59 2007-02-4 Show GitHub Exploit DB Packet Storm
236044 5 警告 OrangeHRM - OrangeHRM の lib/controllers/RepViewController.php におけるデータへのアクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-5931 2012-09-25 16:59 2007-11-10 Show GitHub Exploit DB Packet Storm
236045 9 危険 Openbase International - OpenBase におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-5929 2012-09-25 16:59 2007-11-9 Show GitHub Exploit DB Packet Storm
236046 9 危険 Openbase International - OpenBase における任意のメモリ領域を開放される脆弱性 CWE-119
CWE-20
CVE-2007-5928 2012-09-25 16:59 2007-11-9 Show GitHub Exploit DB Packet Storm
236047 9 危険 Openbase International - OpenBase におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-5927 2012-09-25 16:59 2007-11-9 Show GitHub Exploit DB Packet Storm
236048 9 危険 Openbase International - OpenBase における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2007-5926 2012-09-25 16:59 2007-11-9 Show GitHub Exploit DB Packet Storm
236049 5 警告 mywebftp - MyWebFTP における MD5 パスワードハッシュを取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-5919 2012-09-25 16:59 2007-11-9 Show GitHub Exploit DB Packet Storm
236050 6 警告 ms topsites - PHP-Nuke の MS TopSites アドオンにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2007-5918 2012-09-25 16:59 2007-11-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
131 - - - Allocation of Resources Without Limits or Throttling vulnerability in absinthe-graphql absinthe allows unauthenticated denial of service via atom table exhaustion when parsing attacker-controlled Gra… New CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-42793 2026-05-9 22:16 2026-05-9 Show GitHub Exploit DB Packet Storm
132 5.3 MEDIUM
Network 		- - A vulnerability was detected in Open5GS up to 2.7.7. This affects the function ogs_sbi_client_send_via_scp_or_sepp in the library lib/sbi/client.c of the component NF. Performing a manipulation resul… New CWE-119
CWE-125
Incorrect Access of Indexable Resource ('Range Error') 
Out-of-bounds Read 		CVE-2026-8186 2026-05-9 21:16 2026-05-9 Show GitHub Exploit DB Packet Storm
133 5.3 MEDIUM
Network 		- - A flaw has been found in Open5GS up to 2.7.7. This impacts the function _gtpv1_u_recv_cb of the file src/upf/gtp-path.c of the component UPF. Executing a manipulation can lead to resource consumption… New CWE-400
CWE-404
 Uncontrolled Resource Consumption
 Improper Resource Shutdown or Release 		CVE-2026-8187 2026-05-9 20:16 2026-05-9 Show GitHub Exploit DB Packet Storm
134 6.3 MEDIUM
Adjacent 		- - A security vulnerability has been detected in UGREEN CM933 1.1.59.4319. The impacted element is an unknown function of the component Administrative Interface. Such manipulation leads to missing authe… New CWE-287
CWE-306
Improper Authentication
Missing Authentication for Critical Function 		CVE-2026-8185 2026-05-9 20:16 2026-05-9 Show GitHub Exploit DB Packet Storm
135 7.2 HIGH
Network 		- - Some Hikvision switch products (discontinued since December 2023) are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can e… New - CVE-2026-3828 2026-05-9 18:16 2026-05-9 Show GitHub Exploit DB Packet Storm
136 5.3 MEDIUM
Adjacent 		- - Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit this by eavesdropping on network requests to… New - CVE-2026-32683 2026-05-9 18:16 2026-05-9 Show GitHub Exploit DB Packet Storm
137 6.8 MEDIUM
Network 		- - There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission. New - CVE-2026-1749 2026-05-9 18:16 2026-05-9 Show GitHub Exploit DB Packet Storm
138 9.1 CRITICAL
Network 		apache cloudstack Instances deployed via the Proxmox extension allow unauthorized access to instances belonging to other tenants. This issue affects Apache CloudStack: from 4.21.0.0 through 4.22.0.0. The Proxm… New CWE-200
Information Exposure 		CVE-2026-25199 2026-05-9 16:16 2026-05-8 Show GitHub Exploit DB Packet Storm
139 5.3 MEDIUM
Network 		apache cloudstack Due to multiple time-of-check time-of-use race conditions in the resource count check and increment logic, as well as missing validations, users of the platform are able to exceed the allocation limi… New CWE-367
CWE-770
 Time-of-check Time-of-use (TOCTOU) Race Condition
 Allocation of Resources Without Limits or Throttling 		CVE-2025-69233 2026-05-9 16:16 2026-05-8 Show GitHub Exploit DB Packet Storm
140 8.0 HIGH
Network 		- - Missing MinIO policy cleanup on bucket deletion via Apache CloudStack allows users to retain access to buckets which they previously owned. If another user creates a new bucket with the same name, th… New CWE-459
 Incomplete Cleanup 		CVE-2025-66467 2026-05-9 16:16 2026-05-8 Show GitHub Exploit DB Packet Storm