Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
237081	10	危険	IBM	-	IBM DB2 UDB における脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-6048	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

237082	10	危険	IBM	-	IBM DB2 UDB の DB2DART ツールにおける任意のコマンドを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-6047	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

237083	7.2	危険	IBM	-	IBM DB2 UDB の setuid プログラムにおける脆弱性	CWE-noinfo 情報不足	CVE-2007-6046	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

237084	10	危険	IBM	-	IBM DB2 UDB の DB2WATCH などにおける脆弱性	CWE-noinfo 情報不足	CVE-2007-6045	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

237085	10	危険	IBM	-	IBM WebSphere MQ における脆弱性	CWE-399 リソース管理の問題	CVE-2007-6044	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

237086	7.1	危険	マイクロソフト	-	Microsoft Windows 2000 の CryptGenRandom 関数における暗号化のメカニズムの効果を減少される脆弱性	CWE-200 情報漏えい	CVE-2007-6043	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

237087	2.1	注意	The PHP Group	-	PHP におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2007-6039	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

237088	6.8	警告	joomlaequipment	-	Joomla! 用の Juser における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-6038	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

237089	7.1	危険	live555	-	LIVE555 Media Server の parseRTSPRequestString 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2007-6036	2012-09-25 16:59	2007-11-20	Show	GitHub Exploit DB Packet Storm

237090	5.8	警告	Horde	-	IMP Webmail Client などにおける任意の電子メールメッセージを削除される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-6018	2012-09-25 16:59	2008-01-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1341	3.7	LOW Network	-	-	Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. Prior to 4.10.22, the bundleCache is keyed by (Locale, baseName) where th… New	CWE-400 Uncontrolled Resource Consumption	CVE-2026-44242	2026-05-14 01:16	2026-05-13	Show	GitHub Exploit DB Packet Storm

1342	7.5	HIGH Network	-	-	Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. From 4.3.0 to before 4.10.22, TimeConverterRegistrar caches DateTimeForma… New	CWE-400 Uncontrolled Resource Consumption	CVE-2026-44241	2026-05-14 01:16	2026-05-13	Show	GitHub Exploit DB Packet Storm

1343	6.3	MEDIUM Network	openclaw	openclaw	OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in the OpenShell filesystem bridge that allows attackers to read files outside the intended mount root. Attackers can exp… Update	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2026-44113	2026-05-14 01:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

1344	-		-	-	Craft CMS is a content management system (CMS). From 4.0.0 to before 4.17.12 and 5.9.18, Craft CMS which contains an input-handling flaw in a Yii object creation path that let any authenticated user … New	CWE-479	CVE-2026-44011	2026-05-14 01:16	2026-05-13	Show	GitHub Exploit DB Packet Storm

1345	-		-	-	Craft CMS is a content management system (CMS). From 4.0.0 to before 4.17.12 and 5.9.18, the GraphQL Address element resolver (src/gql/resolvers/elements/Address.php) performs no schema scope filteri… New	CWE-862 Missing Authorization	CVE-2026-44010	2026-05-14 01:16	2026-05-13	Show	GitHub Exploit DB Packet Storm

1346	9.9	CRITICAL Network	-	-	wger is a free, open-source workout and fitness manager. Prior to 2.6, the reset_user_password and gym_permissions_user_edit views in wger perform a gym-scope authorization check using Python object … New	CWE-863 Incorrect Authorization	CVE-2026-43948	2026-05-14 01:16	2026-05-13	Show	GitHub Exploit DB Packet Storm

1347	6.8	MEDIUM Network	bx33661	wireshark_mcp	Wireshark MCP is an MCP Server that turns tshark into a structured analysis interface, then layers in optional Wireshark suite utilities. In 1.1.5 and earlier, wireshark-mcp exposes a wireshark_expor… Update	CWE-22 Path Traversal	CVE-2026-43901	2026-05-14 01:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1348	7.7	HIGH Network	-	-	Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.7.0, the subscriptions.create API endpoint in server/routes/api/subscriptions/subscriptions.ts exhibits a broken aut… Update	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-43890	2026-05-14 01:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1349	4.3	MEDIUM Network	-	-	WWBN AVideo is an open source video platform. In versions up to and including 29.0, the unauthenticated plugin/Scheduler/downloadICS.php endpoint passes attacker-controlled title, description, and jo… Update	CWE-93 CRLF Injection	CVE-2026-43882	2026-05-14 01:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1350	6.4	MEDIUM Network	-	-	WWBN AVideo is an open source video platform. In versions up to and including 29.0, objects/notifySubscribers.json.php takes the raw message POST parameter and passes it into sendSiteEmail(), which s… Update	CWE-79 Cross-site Scripting	CVE-2026-43876	2026-05-14 01:16	2026-05-12	Show	GitHub Exploit DB Packet Storm