Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 16, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2751 5.5 警告
Local 		River Past Ringtone Converter Project River Past Ringtone Converter River Past Ringtone Converter ProjectのRiver Past Ringtone Converterにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2019-25665 2026-04-28 10:11 2026-04-5 Show GitHub Exploit DB Packet Storm
2752 7.8 重要
Local 		River Past Video Clear Project River Past Video Clear River Past Video Clear ProjectのRiver Past Video Clearにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2019-25670 2026-04-28 10:11 2026-04-5 Show GitHub Exploit DB Packet Storm
2753 7.8 重要
Local 		iBoysoft NTFS for Mac iBoysoftのNTFS for Macにおける重要なリソースに対する不適切なパーミッションの割り当てに関する脆弱性 CWE-732
重要なリソースに対する不適切なパーミッションの割り当て 		CVE-2026-2637 2026-04-28 10:11 2026-03-3 Show GitHub Exploit DB Packet Storm
2754 6.6 警告
Local 		Saurabh Kumar python-dotenv Saurabh Kumarのpython-dotenvにおける複数の脆弱性 CWE-59
CWE-61
CVE-2026-28684 2026-04-28 10:11 2026-04-20 Show GitHub Exploit DB Packet Storm
2755 10 緊急
Network 		Smallstep Step CA SmallstepのStep CAにおける複数の脆弱性 CWE-287
CWE-295
CWE-295
CVE-2026-30836 2026-04-28 10:11 2026-03-19 Show GitHub Exploit DB Packet Storm
2756 4.7 警告
Local 		GL.iNet Comet (GL-RM1) Firmware GL.iNetのComet (GL-RM1) Firmwareにおけるデータの信頼性についての不十分な検証に関する脆弱性 CWE-345
データの信頼性についての不十分な検証 		CVE-2026-32290 2026-04-28 10:11 2026-03-17 Show GitHub Exploit DB Packet Storm
2757 6.8 警告
Physics 		GL.iNet Comet (GL-RM1) Firmware GL.iNetのComet (GL-RM1) Firmwareにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-32291 2026-04-28 10:11 2026-03-17 Show GitHub Exploit DB Packet Storm
2758 7.5 重要
Network 		GL.iNet Comet (GL-RM1) Firmware GL.iNetのComet (GL-RM1) Firmwareにおける過度な認証試行の不適切な制限に関する脆弱性 CWE-307
過度な認証試行の不適切な制限 		CVE-2026-32292 2026-04-28 10:11 2026-03-17 Show GitHub Exploit DB Packet Storm
2759 3.7
Network 		GL.iNet Comet (GL-RM1) Firmware GL.iNetのComet (GL-RM1) Firmwareにおける証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2026-32293 2026-04-28 10:11 2026-03-17 Show GitHub Exploit DB Packet Storm
2760 6.5 警告
Network 		オラクル PeopleSoft Enterprise FIN Contracts オラクルのPeopleSoft Enterprise FIN Contractsにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-34300 2026-04-28 10:11 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1441 5.3 MEDIUM
Network 		- - A weakness has been identified in aiwaves-cn agents up to e8c4e3c2d19739d3dff59e577d1c97090cc15f59. Affected by this issue is the function recall_relevant_memories_to_working_memory of the file core/… CWE-400
CWE-404
 Uncontrolled Resource Consumption
 Improper Resource Shutdown or Release 		CVE-2026-8319 2026-05-13 01:38 2026-05-12 Show GitHub Exploit DB Packet Storm
1442 4.7 MEDIUM
Network 		- - A security vulnerability has been detected in jishenghua jshERP up to 3.6. This affects the function getUserByWeixinCode of the file jshERP-boot/src/main/java/com/jsh/erp/service/UserService.java of … CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-8320 2026-05-13 01:38 2026-05-12 Show GitHub Exploit DB Packet Storm
1443 - - - CWE-1188 Initialization of a Resource with an Insecure Default vulnerability exists that could cause unauthorized disclosure of sensitive information when credentials revert to initial settings in ra… CWE-1188
 Insecure Default Initialization of Resource 		CVE-2026-6866 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
1444 4.4 MEDIUM
Local 		- - An incorrect permission assignment for critical resource of Ivanti Secure Access Client   before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a sh… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2026-7431 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
1445 7.8 HIGH
Local 		- - A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM CWE-362
Race Condition 		CVE-2026-7432 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
1446 7.2 HIGH
Network 		- - OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin privileges to achieve remote code execution. CWE-78
OS Command  		CVE-2026-8051 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
1447 6.5 MEDIUM
Network 		- - An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials. CWE-749
 Exposed Dangerous Method or Function 		CVE-2026-8109 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
1448 7.8 HIGH
Local 		- - Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2026-8110 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
1449 8.8 HIGH
Network 		- - SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution. CWE-89
SQL Injection 		CVE-2026-8111 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
1450 8.8 HIGH
Network 		pi-hole ftldns Pi-hole FTL is the core engine of the Pi-hole network-level advertisement and tracker blocker. In versions before 6.6.1, the `dns.interface` configuration field in Pi-hole FTL accepted newline charac… CWE-93
CRLF Injection 		CVE-2026-39849 2026-05-13 01:27 2026-05-6 Show GitHub Exploit DB Packet Storm