Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4211 5.3 警告
Network 		fastify fastify-static fastifyのfastify-staticにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-6410 2026-04-27 11:19 2026-04-16 Show GitHub Exploit DB Packet Storm
4212 5.9 警告
Network 		fastify fastify-static fastifyのfastify-staticにおけるURL エンコーディング(16進エンコーディング)の処理に関する脆弱性 CWE-177
URLエンコーディング(16進エンコーディング)の不適切な処理 		CVE-2026-6414 2026-04-27 11:19 2026-04-16 Show GitHub Exploit DB Packet Storm
4213 5.4 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2026-6515 2026-04-27 11:19 2026-04-22 Show GitHub Exploit DB Packet Storm
4214 8.8 重要
Network 		CPS-IT Mailqueue CPS-ITのMailqueueにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-1323 2026-04-27 11:19 2026-03-17 Show GitHub Exploit DB Packet Storm
4215 6.5 警告
Network 		Linux Foundation Backstage/plugin-scaffolder-backend Linux FoundationのBackstage/plugin-scaffolder-backendにおけるログファイルからの情報漏えいに関する脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2026-29184 2026-04-27 11:19 2026-03-7 Show GitHub Exploit DB Packet Storm
4216 4.3 警告
Network 		Guido Schmechel (ayacoo) redirect_tab Guido Schmechel (ayacoo)のredirect_tabにおける複数の脆弱性 CWE-200
CWE-862
CWE-862
CVE-2026-4202 2026-04-27 11:19 2026-03-17 Show GitHub Exploit DB Packet Storm
4217 8.8 重要
Network 		Ralf Freit (MrSilaz) mfa_mail Ralf Freit (MrSilaz)のmfa_mailにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-4208 2026-04-27 11:19 2026-03-17 Show GitHub Exploit DB Packet Storm
4218 8.1 重要
Network 		HashiCorp Vault HashiCorpのVaultにおける代替パスまたはチャネルを使用した認証回避に関する脆弱性 CWE-288
代替パスまたはチャネルを使用した認証回避 		CVE-2026-3605 2026-04-27 11:19 2026-04-17 Show GitHub Exploit DB Packet Storm
4219 9.4 緊急
Network 		dgraph dgraph dgraphにおける複数の脆弱性 CWE-200
CWE-215
CWE-522
CVE-2026-40173 2026-04-27 11:19 2026-04-15 Show GitHub Exploit DB Packet Storm
4220 7.8 重要
Local 		Composer Composer Composerにおける複数の脆弱性 CWE-20
CWE-78
CWE-78
CVE-2026-40176 2026-04-27 11:19 2026-04-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1131 8.8 HIGH
Network 		mozilla firefox
thunderbird 		Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploite… Update CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2026-8974 2026-05-27 03:16 2026-05-19 Show GitHub Exploit DB Packet Storm
1132 8.8 HIGH
Network 		mozilla firefox
thunderbird 		Memory safety bugs present in Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code… Update CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2026-8973 2026-05-27 03:16 2026-05-19 Show GitHub Exploit DB Packet Storm
1133 7.7 HIGH
Local 		- - IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration. New CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-8856 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
1134 8.1 HIGH
Network 		- - IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication (client authentication). New CWE-94
Code Injection 		CVE-2026-8855 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
1135 7.5 HIGH
Network 		- - IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_mem_cache. New CWE-825
 Expired Pointer Dereference 		CVE-2026-8854 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
1136 7.3 HIGH
Adjacent 		- - IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive informat… New CWE-822
 Untrusted Pointer Dereference 		CVE-2026-8835 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
1137 8.0 HIGH
Adjacent 		- - IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause … New CWE-122
Heap-based Buffer Overflow 		CVE-2026-8834 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
1138 7.5 HIGH
Network 		- - IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to HTTP request smuggl… New CWE-444
HTTP Request Smuggling 		CVE-2026-8620 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
1139 7.8 HIGH
Local 		- - A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the c… New CWE-120
Classic Buffer Overflow 		CVE-2026-7454 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
1140 5.3 MEDIUM
Local 		- - A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can cause a Stack Exhaustion vulnerability, leading to a denial-of-service condition. New CWE-674
 Uncontrolled Recursion 		CVE-2026-7453 2026-05-27 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm