Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3841	4.3	警告 Network	Schneider Electric	PowerChute Serial Shutdown	Schneider Electric のPowerChute Serial ShutdownにおけるCRLF インジェクションの脆弱性	CWE-93 CRLF インジェクション	CVE-2026-2400	2026-04-24 11:38	2026-04-14	Show	GitHub Exploit DB Packet Storm

3842	5	警告 Local	Schneider Electric	PowerChute Serial Shutdown	Schneider Electric のPowerChute Serial Shutdownにおけるログファイルからの情報漏えいに関する脆弱性	CWE-532 ログファイルからの情報漏えい	CVE-2026-2401	2026-04-24 11:38	2026-04-14	Show	GitHub Exploit DB Packet Storm

3843	5.3	警告 Network	Schneider Electric	PowerChute Serial Shutdown	Schneider Electric のPowerChute Serial Shutdownにおける過度な認証試行の不適切な制限に関する脆弱性	CWE-307 過度な認証試行の不適切な制限	CVE-2026-2402	2026-04-24 11:38	2026-04-14	Show	GitHub Exploit DB Packet Storm

3844	4.3	警告 Network	Schneider Electric	PowerChute Serial Shutdown	Schneider Electric のPowerChute Serial Shutdownにおける入力で指定された数量の不適切な検証に関する脆弱性	CWE-1284 入力で指定された数量の不適切な検証	CVE-2026-2403	2026-04-24 11:38	2026-04-14	Show	GitHub Exploit DB Packet Storm

3845	5.3	警告 Network	Schneider Electric	PowerChute Serial Shutdown	Schneider Electric のPowerChute Serial Shutdownにおけるエンコードおよびエスケープに関する脆弱性	CWE-116 不適切なエンコード、または出力のエスケープ	CVE-2026-2404	2026-04-24 11:38	2026-04-14	Show	GitHub Exploit DB Packet Storm

3846	6.5	警告 Network	Schneider Electric	PowerChute Serial Shutdown	Schneider Electric のPowerChute Serial Shutdownにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-2405	2026-04-24 11:38	2026-04-14	Show	GitHub Exploit DB Packet Storm

3847	9.8	緊急 Network	OpenAEV	OpenAEV	OpenAEVにおけるパスワード管理機能に関する脆弱性	CWE-640 パスワードを忘れた場合の脆弱なパスワードリカバリの仕組み	CVE-2026-24467	2026-04-24 11:38	2026-04-20	Show	GitHub Exploit DB Packet Storm

3848	7.5	重要 Network	Vexa AI, Inc.	Vexa	Vexa AI, Inc.のVexaにおける複数の脆弱性	CWE-306 CWE-862	CVE-2026-25058	2026-04-24 11:37	2026-04-20	Show	GitHub Exploit DB Packet Storm

3849	5.8	警告 Network	Vexa AI, Inc.	Vexa	Vexa AI, Inc.のVexaにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-25883	2026-04-24 11:37	2026-04-20	Show	GitHub Exploit DB Packet Storm

3850	6.1	警告 Network	アドビシステムズ	Adobe Connect Adobe Connect Desktop Application	アドビのAdobe Connect等の複数製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-27243	2026-04-24 11:37	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
861	4.0	MEDIUM Local	-	-	An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemux_parse_trak function does not sufficiently validate atom data before per…	CWE-369 Divide By Zero	CVE-2026-46469	2026-05-15 03:24	2026-05-15	Show	GitHub Exploit DB Packet Storm

862	4.0	MEDIUM Local	-	-	An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemux_audio_caps function does not sufficiently validate atom data before per…	CWE-369 Divide By Zero	CVE-2026-46470	2026-05-15 03:24	2026-05-15	Show	GitHub Exploit DB Packet Storm

863	-		-	-	CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that could cause the disclosure of a sensitive information which could result in revealing protected source code and loss of …	CWE-312 Cleartext Storage of Sensitive Information	CVE-2026-6332	2026-05-15 03:24	2026-05-15	Show	GitHub Exploit DB Packet Storm

864	9.8	CRITICAL Network	vm2_project	vm2	vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.3, it is possible to catch a host exception using the yield* expression inside an async generator. When the generator is closed using the r…	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2026-45411	2026-05-15 03:19	2026-05-14	Show	GitHub Exploit DB Packet Storm

865	8.8	HIGH Network	-	-	Incorrect Authorization vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Exploiting Incorrectly Conf…	CWE-863 Incorrect Authorization	CVE-2025-15023	2026-05-15 03:19	2026-05-15	Show	GitHub Exploit DB Packet Storm

866	8.8	HIGH Network	-	-	Improper Control of Generation of Code ('Code Injection') vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System …	CWE-94 Code Injection	CVE-2025-15024	2026-05-15 03:19	2026-05-15	Show	GitHub Exploit DB Packet Storm

867	-		-	-	CVAT is an open source interactive video and image annotation tool for computer vision. From 2.5.0 to 2.63.0, an attacker who is able to create or edit an annotation guide on a task is able to add ma…	CWE-80 Basic XSS	CVE-2026-44369	2026-05-15 03:19	2026-05-14	Show	GitHub Exploit DB Packet Storm

868	-		-	-	Spring Cloud AWS simplifies using AWS managed services in a Spring and Spring Boot applications. From 3.0.0 to 4.0.1, pplications using Spring Cloud AWS SNS HTTP/HTTPS endpoint support (@Notification…	CWE-345 Insufficient Verification of Data Authenticity	CVE-2026-44308	2026-05-15 03:19	2026-05-15	Show	GitHub Exploit DB Packet Storm

869	-		-	-	Open OnDemand is an open-source high-performance computing portal. Prior to 4.0.11, 4.1.5, and 4.2.2, specially crafted filenames can execute javascript in the file browser This vulnerability is fixe…	CWE-79 Cross-site Scripting	CVE-2026-44371	2026-05-15 03:19	2026-05-15	Show	GitHub Exploit DB Packet Storm

870	7.5	HIGH Network	-	-	Nerdbank.MessagePack is a NativeAOT-compatible MessagePack serialization library. Prior to 1.1.62, Nerdbank.MessagePack contains an uncontrolled stack allocation vulnerability in DateTime decoding. A…	CWE-789 Memory Allocation with Excessive Size Value	CVE-2026-44375	2026-05-15 03:19	2026-05-15	Show	GitHub Exploit DB Packet Storm