Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3931 4.3 警告
Network 		GitHub Enterprise Server GitHubのEnterprise Serverにおける送信データへの重要な情報の挿入に関する脆弱性 CWE-201
送信データへの重要な情報の挿入 		CVE-2026-5512 2026-04-30 10:58 2026-04-21 Show GitHub Exploit DB Packet Storm
3932 5.5 警告
Local 		レッドハット
libarchive		 Red Hat OpenShift Container Platform
Red Hat Enterprise Linux
Red Hat Hardened Images
libarchive 		libarchive等の複数ベンダの製品におけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2026-5745 2026-04-30 10:58 2026-04-7 Show GitHub Exploit DB Packet Storm
3933 5.3 警告
Network 		wolfSSL Inc. wolfSSL wolfSSL Inc.のwolfSSLにおけるバッファオーバーリードの脆弱性 CWE-126
バッファオーバーリード 		CVE-2026-5772 2026-04-30 10:57 2026-04-9 Show GitHub Exploit DB Packet Storm
3934 6.5 警告
Network 		wolfSSL Inc. wolfSSL wolfSSL Inc.のwolfSSLにおける整数アンダーフローの脆弱性 CWE-191
整数アンダーフロー 		CVE-2026-5778 2026-04-30 10:57 2026-04-9 Show GitHub Exploit DB Packet Storm
3935 9.6 緊急
Network 		GitHub Enterprise Server GitHubのEnterprise Serverにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-5845 2026-04-30 10:57 2026-04-21 Show GitHub Exploit DB Packet Storm
3936 8.9 重要
Network 		GitHub Enterprise Server GitHubのEnterprise Serverにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-5921 2026-04-30 10:57 2026-04-21 Show GitHub Exploit DB Packet Storm
3937 7.8 重要
Local 		レッドハット
gimp		 Red Hat Enterprise Linux
gimp 		gimp等の複数ベンダの製品における古典的バッファオーバーフローの脆弱性 CWE-120
古典的バッファオーバーフロー 		CVE-2026-6384 2026-04-30 10:57 2026-04-15 Show GitHub Exploit DB Packet Storm
3938 7.8 重要
Local 		Rapid7 Insight Agent Rapid7のInsight Agentにおける信頼できない制御領域からの機能の組み込みに関する脆弱性 CWE-829
信頼性のない制御領域からの機能の組み込み 		CVE-2026-6482 2026-04-30 10:57 2026-04-17 Show GitHub Exploit DB Packet Storm
3939 8.1 重要
Network 		Mozilla Foundation Mozilla Thunderbird
Mozilla Firefox 		Mozilla FoundationのMozilla Firefox等の複数製品における複数の脆弱性 CWE-125
CWE-416
CWE-787
CVE-2026-6785 2026-04-30 10:57 2026-04-26 Show GitHub Exploit DB Packet Storm
3940 8.1 重要
Network 		Mozilla Foundation Mozilla Thunderbird
Mozilla Firefox 		Mozilla FoundationのMozilla Firefox等の複数製品における複数の脆弱性 CWE-125
CWE-416
CWE-787
CVE-2026-6786 2026-04-30 10:57 2026-04-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1421 - - - Rejected reason: Voluntarily withdrawn - CVE-2026-6354 2026-05-19 23:16 2026-05-19 Show GitHub Exploit DB Packet Storm
1422 6.5 MEDIUM
Network 		- - Net::Statsd::Lite versions before 0.9.0 for Perl allowed metric injections. The metric names were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject add… CWE-93
CRLF Injection 		CVE-2026-46719 2026-05-19 23:16 2026-05-16 Show GitHub Exploit DB Packet Storm
1423 - - - A pre-authentication, code injection vulnerability in version 1.0.0 or later of the ChromaDB Python project allows an unauthenticated attacker to run arbitrary code on the server by sending a malicio… CWE-94
Code Injection 		CVE-2026-45829 2026-05-19 23:16 2026-05-19 Show GitHub Exploit DB Packet Storm
1424 8.1 HIGH
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, he LDAP and OAuth authentication flows use a TOCTOU (Time-of-Check-Time-of-Use) patt… CWE-269
CWE-362
 Improper Privilege Management
Race Condition 		CVE-2026-45675 2026-05-19 23:16 2026-05-16 Show GitHub Exploit DB Packet Storm
1425 4.3 MEDIUM
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, Pin/Unpin is a write operation (modifies the message's is_pinned , pinned_by, pinned… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-45386 2026-05-19 23:16 2026-05-16 Show GitHub Exploit DB Packet Storm
1426 5.4 MEDIUM
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, an internal-only bypass_filter parameter is exposed on the /openai/chat/completions… CWE-285
Improper Authorization 		CVE-2026-45365 2026-05-19 23:16 2026-05-16 Show GitHub Exploit DB Packet Storm
1427 7.1 HIGH
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a user just needs to use the API endpoint: /api/chat/completions with their own API … CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-45349 2026-05-19 23:16 2026-05-16 Show GitHub Exploit DB Packet Storm
1428 7.7 HIGH
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.5, through the HTML rendering view, scripts can be injected and executed. The frontend … CWE-79
Cross-site Scripting 		CVE-2026-45303 2026-05-19 23:16 2026-05-16 Show GitHub Exploit DB Packet Storm
1429 7.3 HIGH
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a stored cross-site scripting (XSS) vulnerability that allows any authenticated user… CWE-79
Cross-site Scripting 		CVE-2026-44721 2026-05-19 23:16 2026-05-16 Show GitHub Exploit DB Packet Storm
1430 7.3 HIGH
Network 		- - Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, when attaching files to a promp, the name of the file is derived from the original… CWE-22
CWE-434
Path Traversal
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-44566 2026-05-19 23:16 2026-05-16 Show GitHub Exploit DB Packet Storm