Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
961 6.5 警告
Network 		whatsapp whatsapp whatsappにおけるNULL バイトまたは NULL キャラクタの無害化に関する脆弱性 CWE-158
NULL バイトまたは NULL キャラクタの不適切な無害化 		CVE-2026-23863 2026-05-13 10:27 2026-05-1 Show GitHub Exploit DB Packet Storm
962 4.3 警告
Network 		whatsapp whatsapp whatsappにおける通信チャネルの送信元の不適切な検証に関する脆弱性 CWE-940
通信チャネルの送信元の不適切な検証 		CVE-2026-23866 2026-05-13 10:27 2026-05-1 Show GitHub Exploit DB Packet Storm
963 7.5 重要
Network 		Postfix Project postfix Postfix Projectのpostfixにおける境界条件の判定に関する脆弱性 CWE-193
境界条件の判定 		CVE-2026-43964 2026-05-13 10:27 2026-05-4 Show GitHub Exploit DB Packet Storm
964 8 重要
Network 		PHOENIX CONTACT fl mguard core tx ファームウェア
FL MGUARD 4305 Firmware
fl mguard delta tx/tx ファームウェア
fl mguard gt/gt vpn ファームウェア
FL&n… 		PHOENIX CONTACTのfl mguard 2102 ファームウェア等の複数製品における保存または転送前の重要な情報の削除に関する脆弱性 CWE-212
保存または転送前の重要な情報の不適切な削除 		CVE-2024-43384 2026-05-13 10:27 2026-05-7 Show GitHub Exploit DB Packet Storm
965 6.5 警告
Network 		Fudo Security Fudo Enterprise Fudo SecurityのFudo Enterpriseにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2025-13480 2026-05-13 10:27 2026-04-20 Show GitHub Exploit DB Packet Storm
966 9.8 緊急
Network 		Delta Electronics, INC. AS320T Firmware Delta Electronics, INC.のAS320T Firmwareにおけるバッファサイズの計算の誤りに関する脆弱性 CWE-131
正しくないバッファサイズ計算 		CVE-2026-1949 2026-05-13 10:27 2026-04-24 Show GitHub Exploit DB Packet Storm
967 9.8 緊急
Network 		Delta Electronics, INC. AS320T Firmware Delta Electronics, INC.のAS320T Firmwareにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-1950 2026-05-13 10:27 2026-04-24 Show GitHub Exploit DB Packet Storm
968 9.8 緊急
Network 		Delta Electronics, INC. AS320T Firmware Delta Electronics, INC.のAS320T Firmwareにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-1951 2026-05-13 10:27 2026-04-24 Show GitHub Exploit DB Packet Storm
969 7.5 重要
Network 		Delta Electronics, INC. AS320T Firmware Delta Electronics, INC.のAS320T Firmwareにおける非公開の機能に関する脆弱性 CWE-912
非公開の機能 		CVE-2026-1952 2026-05-13 10:27 2026-04-24 Show GitHub Exploit DB Packet Storm
970 9.1 緊急
Network 		DDEV DDEV DDEVにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-32885 2026-05-13 10:27 2026-04-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
441 8.8 HIGH
Network 		microsoft data_formulator Improper control of generation of code ('code injection') in Microsoft Data Formulator allows an unauthorized attacker to execute code over a network. CWE-94
Code Injection 		CVE-2026-41094 2026-05-16 10:47 2026-05-13 Show GitHub Exploit DB Packet Storm
442 4.3 MEDIUM
Network 		microsoft 365_apps
office
word 		External control of file name or path in Microsoft Office Word allows an unauthorized attacker to disclose information over a network. CWE-73
 External Control of File Name or Path 		CVE-2026-40421 2026-05-16 10:43 2026-05-13 Show GitHub Exploit DB Packet Storm
443 9.0 CRITICAL
Network 		- - SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan's Bazaar (community marketplace) renders the name and version fields of a package's plugin.json (and the equivale… CWE-79
CWE-116
Cross-site Scripting
 Improper Encoding or Escaping of Output 		CVE-2026-45375 2026-05-16 10:16 2026-05-15 Show GitHub Exploit DB Packet Storm
444 8.3 HIGH
Network 		- - python-utcp is the python implementation of UTCP. Prior to 1.1.3, the _substitute_utcp_args method in cli_communication_protocol.py inserts user-controlled tool_args values directly into shell comman… CWE-78
OS Command  		CVE-2026-45369 2026-05-16 10:16 2026-05-15 Show GitHub Exploit DB Packet Storm
445 7.8 HIGH
Local 		saitoha libsixel libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixel_encode_highcolor's allocation size calculation can lead to a heap bu… CWE-122
CWE-190
Heap-based Buffer Overflow
 Integer Overflow or Wraparound 		CVE-2026-44636 2026-05-16 10:16 2026-05-15 Show GitHub Exploit DB Packet Storm
446 5.5 MEDIUM
Local 		openimageio openimageio OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decode_… CWE-125
Out-of-bounds Read 		CVE-2026-43996 2026-05-16 10:16 2026-05-15 Show GitHub Exploit DB Packet Storm
447 7.8 HIGH
Local 		openimageio openimageio OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, softimageinput.cpp:469 (mixed RLE) an… CWE-787
 Out-of-bounds Write 		CVE-2026-43904 2026-05-16 10:16 2026-05-15 Show GitHub Exploit DB Packet Storm
448 - - - ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - #122, there is a critical SQL Injection (SQLi) vulnerability in ClipBucket, exploitable through the type parameter on the auth… CWE-89
SQL Injection 		CVE-2026-42847 2026-05-16 10:16 2026-05-15 Show GitHub Exploit DB Packet Storm
449 - - - mdserver-web is a simple Linux panel. From 0.18.0 to 0.18.4, mdserver-web has a front-end unauthorized remote command execution vulnerability. Due to the lack of authentication on the /modify_crond a… CWE-78
CWE-862
OS Command 
 Missing Authorization 		CVE-2026-41315 2026-05-16 10:16 2026-05-15 Show GitHub Exploit DB Packet Storm
450 8.8 HIGH
Network 		- - Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CWE-787
 Out-of-bounds Write 		CVE-2026-8558 2026-05-16 06:16 2026-05-15 Show GitHub Exploit DB Packet Storm