Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 12:09 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4011	5.7	警告 Network	Bytecode Alliance	wasmtime	Bytecode Allianceのwasmtimeにおけるキャッチされない例外に関する脆弱性	CWE-248 キャッチされない例外	CVE-2026-34944	2026-04-21 10:46	2026-04-9	Show	GitHub Exploit DB Packet Storm

4012	6.5	警告 Network	Bytecode Alliance	wasmtime	Bytecode Allianceのwasmtimeにおける数値型間の変換の誤りに関する脆弱性	CWE-681 数値型間の変換の誤り	CVE-2026-34945	2026-04-21 10:46	2026-04-9	Show	GitHub Exploit DB Packet Storm

4013	7.5	重要 Network	Bytecode Alliance	wasmtime	Bytecode Allianceのwasmtimeにおける常に不適切な制御フローの実装に関する脆弱性	CWE-670 常に不適切な制御フローの実装	CVE-2026-34946	2026-04-21 10:46	2026-04-9	Show	GitHub Exploit DB Packet Storm

4014	8.8	重要 Network	OpenFGA	OpenFGA Helm Charts	OpenFGAのHelm Charts等の複数製品における不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-34972	2026-04-21 10:46	2026-04-6	Show	GitHub Exploit DB Packet Storm

4015	9.8	緊急 Network	man	d-tale	Man GroupのD-Taleにおけるクロスサイトスクリプティングの脆弱性	CWE-79 CWE-noinfo	CVE-2026-35052	2026-04-21 10:46	2026-04-6	Show	GitHub Exploit DB Packet Storm

4016	5.4	警告 Network	GoHugo	Hugo	GoHugoのHugoにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-35166	2026-04-21 10:46	2026-04-6	Show	GitHub Exploit DB Packet Storm

4017	6.5	警告 Network	Eugene Pankov	Ajenti	Eugene PankovのAjentiにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-35175	2026-04-21 10:46	2026-04-6	Show	GitHub Exploit DB Packet Storm

4018	7.1	重要 Local	Vim	Vim	Vimにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-35177	2026-04-21 10:46	2026-04-6	Show	GitHub Exploit DB Packet Storm

4019	7.7	重要 Network	pyLoad-ng project	pyLoad-ng	pyLoad-ng projectのpyLoad-ngにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-35187	2026-04-21 10:46	2026-04-6	Show	GitHub Exploit DB Packet Storm

4020	7.5	重要 Network	saleor	saleor	saleorにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-35401	2026-04-21 10:46	2026-04-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
611	8.3	HIGH Network	-	-	Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted H…	CWE-416 Use After Free	CVE-2026-8515	2026-05-15 07:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

612	8.3	HIGH Network	-	-	Use after free in Aura in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch…	CWE-416 Use After Free	CVE-2026-8514	2026-05-15 07:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

613	8.3	HIGH Network	-	-	Use after free in Input in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT…	CWE-416 Use After Free	CVE-2026-8513	2026-05-15 07:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

614	8.3	HIGH Network	-	-	Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a cr…	CWE-416 Use After Free	CVE-2026-8512	2026-05-15 07:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

615	7.5	HIGH Network	-	-	Integer overflow in Skia in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted …	CWE-472 External Control of Assumed-Immutable Web Parameter	CVE-2026-8510	2026-05-15 07:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

616	-		-	-	Fleet is open source device management software. Prior to version 4.82.0, a vulnerability in Fleet's Windows MDM enrollment flow allows authentication tokens from any Azure AD tenant to be accepted. …	CWE-290 Authentication Bypass by Spoofing	CVE-2026-24899	2026-05-15 06:24	2026-05-15	Show	GitHub Exploit DB Packet Storm

617	-		-	-	Fleet is open source device management software. Prior to version 4.81.0, Fleet contained a denial-of-service (DoS) issue in the gRPC Launcher `PublishLogs` endpoint. In affected versions, certain un…	CWE-20 Improper Input Validation	CVE-2026-26062	2026-05-15 06:24	2026-05-15	Show	GitHub Exploit DB Packet Storm

618	-		-	-	Fleet is open source device management software. Prior to version 4.81.0, a vulnerability in Fleet's software installer pipeline could allow a crafted software package to execute arbitrary commands a…	CWE-78 OS Command	CVE-2026-26191	2026-05-15 06:24	2026-05-15	Show	GitHub Exploit DB Packet Storm

619	-		-	-	Fleet is open source device management software. Prior to version 4.80.1, a vulnerability in Fleet's IP extraction logic allows unauthenticated attackers to bypass API rate limiting by spoofing clien…	CWE-290 Authentication Bypass by Spoofing	CVE-2026-46356	2026-05-15 06:24	2026-05-15	Show	GitHub Exploit DB Packet Storm

620	8.3	HIGH Network	-	-	SiYuan is an open-source personal knowledge management system. From 2.1.12 to before 3.7.0. SiYuan's Bazaar marketplace renders package author metadata from the public bazaar stage feed into HTML wit…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2026-44586	2026-05-15 06:22	2026-05-15	Show	GitHub Exploit DB Packet Storm