Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3061	5.5	警告 Local	Wireshark	Wireshark	Wiresharkにおける無限ループに関する脆弱性	CWE-835 無限ループ	CVE-2026-6536	2026-05-7 12:02	2026-04-30	Show	GitHub Exploit DB Packet Storm

3062	5.5	警告 Local	Wireshark	Wireshark	Wiresharkにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-6537	2026-05-7 12:02	2026-04-30	Show	GitHub Exploit DB Packet Storm

3063	5.5	警告 Local	Wireshark	Wireshark	Wiresharkにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-6538	2026-05-7 12:02	2026-04-30	Show	GitHub Exploit DB Packet Storm

3064	4.4	警告 Local	notepad-plus-plus	notepad++	notepad-plus-plusのnotepad++における書式文字列に関する脆弱性	CWE-134 書式文字列の問題	CVE-2026-6539	2026-05-7 12:02	2026-04-30	Show	GitHub Exploit DB Packet Storm

3065	5.5	警告 Local	Wireshark	Wireshark	Wiresharkにおける不適切に制御された順次メモリ割り当てに関する脆弱性	CWE-1325 不適切に制御された順次メモリ割り当て	CVE-2026-6867	2026-05-7 12:02	2026-04-30	Show	GitHub Exploit DB Packet Storm

3066	7.5	重要 Network	Wireshark	Wireshark	Wiresharkにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-6868	2026-05-7 12:02	2026-04-30	Show	GitHub Exploit DB Packet Storm

3067	5.5	警告 Local	Wireshark	Wireshark	Wiresharkにおける不適切に制御された順次メモリ割り当てに関する脆弱性	CWE-1325 不適切に制御された順次メモリ割り当て	CVE-2026-6869	2026-05-7 12:02	2026-04-30	Show	GitHub Exploit DB Packet Storm

3068	5.5	警告 Local	Wireshark	Wireshark	Wiresharkにおける初期化されていないポインタのアクセスに関する脆弱性	CWE-824 初期化されていないポインタのアクセス	CVE-2026-6870	2026-05-7 12:02	2026-04-30	Show	GitHub Exploit DB Packet Storm

3069	5.6	警告 Network	ollama	ollama	Ollamaにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-7020	2026-05-7 12:02	2026-04-26	Show	GitHub Exploit DB Packet Storm

3070	5.6	警告 Network	vLLM	vLLM	vLLMにおける初期化されていないリソースの使用に関する脆弱性	CWE-908 初期化されていないリソースの使用	CVE-2026-7141	2026-05-7 12:02	2026-04-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2171	7.3	HIGH Network	-	-	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, when attaching files to a promp, the name of the file is derived from the original…	CWE-22 CWE-434 Path Traversal Unrestricted Upload of File with Dangerous Type	CVE-2026-44566	2026-05-19 23:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

2172	5.4	MEDIUM Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the channel router does not call filter_allowed_access_grants on either create or up…	CWE-862 Missing Authorization	CVE-2026-44558	2026-05-19 23:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

2173	8.1	HIGH Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role changes and user deletions do not iterate SESSION_POOL to discon…	CWE-613 Insufficient Session Expiration	CVE-2026-44553	2026-05-19 23:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

2174	5.3	MEDIUM Network	-	-	An issue in Intelbras VIP-1230-D-G4 Version V2.800.00IB00C.0.T allows a remote attacker to obtain sensitive information via password reset functionality under /OutsideCmd	CWE-640 Weak Password Recovery Mechanism for Forgotten Password	CVE-2026-36438	2026-05-19 23:16	2026-05-19	Show	GitHub Exploit DB Packet Storm

2175	9.1	CRITICAL Network	freertos	coremqtt	Missing bounds validation in the MQTT v5.0 property parser in coreMQTT before 5.0.1 allows an MQTT broker to cause a denial of service by sending a crafted packet. To remediate this issue, users s…	CWE-125 Out-of-bounds Read	CVE-2026-8686	2026-05-19 23:01	2026-05-16	Show	GitHub Exploit DB Packet Storm

2176	9.8	CRITICAL Network	lmsys	sglang	SGLangs multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads() on incoming messages, enabling RCE when exposed to the intern…	CWE-502 Deserialization of Untrusted Data	CVE-2026-7301	2026-05-19 22:49	2026-05-18	Show	GitHub Exploit DB Packet Storm

2177	9.1	CRITICAL Network	lmsys	sglang	SGLangs multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by …	CWE-35 Path Traversal: '.../...//'	CVE-2026-7302	2026-05-19 22:43	2026-05-18	Show	GitHub Exploit DB Packet Storm

2178	9.8	CRITICAL Network	lmsys	sglang	SGLangs multimodal generation runtime is vulnerable to unauthenticated remote code execution when the --enable-custom-logit-processor option is enabled, as Python objects loaded via dill.loads() will…	CWE-502 Deserialization of Untrusted Data	CVE-2026-7304	2026-05-19 22:38	2026-05-18	Show	GitHub Exploit DB Packet Storm

2179	7.0	HIGH Local	vim	vim	Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-lik…	CWE-78 CWE-88 OS Command Argument Injection	CVE-2026-46483	2026-05-19 21:27	2026-05-16	Show	GitHub Exploit DB Packet Storm

2180	5.8	MEDIUM Network	traefik	traefik	Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.44, 3.6.15, and 3.7.0-rc.3, there is an information disclosure vulnerability in Traefik's errors (custom error pages) middleware. Whe…	CWE-201 Insertion of Sensitive Information Into Sent Data	CVE-2026-41181	2026-05-19 21:24	2026-05-16	Show	GitHub Exploit DB Packet Storm