Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1101	9.8	緊急 Network	エレコム株式会社	WAB-BE36-M WRC-X3000GST2-B WRC-X1800GS-B WRC-X6000QSA-G WRC-X3000GS2-W WRC-XE5400GS-G WRC-X3000GS2-B WRC-X1800GSA-B WRC-BE65QSD-B WRC-X6000XST-G WRC-X1800GSH-B WRC-X6…	エレコム製無線LANルーターおよび無線アクセスポイントにおける複数の脆弱性（2026年5月）	CWE-78 CWE-79 CWE-Other	CVE-2026-25107 CVE-2026-35506 CVE-2026-40621 CVE-2026-42062 CVE-2026-42948 CVE-2026-42950 CVE-2026-42961	2026-05-12 14:20	2026-05-12	Show	GitHub Exploit DB Packet Storm

1102	-	-	ollama	ollama	Ollamaにおける境界外の読み取りおよび書き込みの脆弱性	-	-	2026-05-12 12:34	2026-05-11	Show	GitHub Exploit DB Packet Storm

1103	4.9	警告 Network	キヤノン	(複数の製品)	キヤノン製プロダクションプリンター、オフィス/スモールオフィス向け複合機における機微な情報を取得可能な脆弱性	CWE-807 セキュリティ決定の信頼できない入力への依存	CVE-2026-1789	2026-05-12 12:34	2026-05-11	Show	GitHub Exploit DB Packet Storm

1104	-	-		-	サーバ製品におけるインテル社公表脆弱性(INTEL-SA-01397他)による影響について	-	CVE-2025-22885 CVE-2025-27560 CVE-2025-27572 CVE-2025-27940 CVE-2025-30513 CVE-2025-31648 CVE-2025-31944 CVE-2025-32007 CVE-2025-32467	2026-05-12 11:50	2026-03-27	Show	GitHub Exploit DB Packet Storm

1105	-	-		-	サーバ製品におけるインテル社公表脆弱性(INTEL-SA-01234)による影響について	-	CVE-2025-20027 CVE-2025-20028 CVE-2025-20064 CVE-2025-20068 CVE-2025-20073 CVE-2025-20105 CVE-2025-22444 CVE-2025-22850	2026-05-12 11:38	2026-04-24	Show	GitHub Exploit DB Packet Storm

1106	-	-		-	サーバ製品におけるBIOSの脆弱性(CVE-2026-22796)による影響について	-	CVE-2026-22796	2026-05-12 11:38	2026-04-24	Show	GitHub Exploit DB Packet Storm

1107	5.3	警告 Local	Prusa3D	PrusaSlicer	Prusa3DのPrusaSlicerにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2023-47268	2026-05-12 10:21	2026-05-8	Show	GitHub Exploit DB Packet Storm

1108	7.2	重要 Network	HCL Technologies Limited	HCL BigFix Service Management (SM)	HCL Technologies LimitedのHCL BigFix Service Management (SM)におけるリソースの安全ではないデフォルト値への初期化に関する脆弱性	CWE-1188 リソースの安全ではないデフォルト値への初期化	CVE-2025-31974	2026-05-12 10:21	2026-05-6	Show	GitHub Exploit DB Packet Storm

1109	6.1	警告 Network	Project Jupyter	Jupyter Server	Project JupyterのJupyter Serverにおけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2025-61669	2026-05-12 10:21	2026-05-5	Show	GitHub Exploit DB Packet Storm

1110	8.1	重要 Network	Apache Software Foundation	CloudStack	Apache Software FoundationのCloudStackにおける不完全なクリーンアップに関する脆弱性	CWE-459 不完全なクリーンアップ	CVE-2025-66467	2026-05-12 10:21	2026-05-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1661	7.5	HIGH Network	-	-	In Meari IoT Cloud alert image storage on Alibaba OSS (latest observed; storage service version not disclosed), motion snapshots are retrievable without authentication, signed URLs, or expiry enforce…	CWE-862 Missing Authorization	CVE-2026-33359	2026-05-14 00:36	2026-05-12	Show	GitHub Exploit DB Packet Storm

1662	7.5	HIGH Network	-	-	In Meari IoT SDK image handling (libmrplayer.so) as observed in CloudEdge 5.5.0 (build 220), Arenti 1.8.1 (build 220), and related white-label apps (<= 1.8.x), baby monitor ".jpgx3" files use reversi…	CWE-326 Inadequate Encryption Strength	CVE-2026-33361	2026-05-14 00:36	2026-05-12	Show	GitHub Exploit DB Packet Storm

1663	8.6	HIGH Network	-	-	In Meari IoT SDK builds embedded in CloudEdge 5.5.0 (build 220), Arenti 1.8.1 (build 220), and white-label Android apps <= 1.8.x (latest observed), multiple security-critical secrets are hardcoded an…	CWE-321 Use of Hard-coded Cryptographic Key	CVE-2026-33362	2026-05-14 00:36	2026-05-12	Show	GitHub Exploit DB Packet Storm

1664	8.4	HIGH Network	-	-	A vulnerability has been identified in [Rancher's Extensions](https://ranchermanager.docs.rancher.com/integrations-in-rancher/rancher-extensions) where malicious code can be injected in Rancher throu…	CWE-35 Path Traversal: '.../...//'	CVE-2026-25705	2026-05-14 00:35	2026-05-13	Show	GitHub Exploit DB Packet Storm

1665	9.9	CRITICAL Network	-	-	Fleet's Helm deployer did not fully apply ServiceAccount impersonation in two code paths, allowing a tenant with git push access to a Fleet-monitored repository to read secrets from any namespace on …	CWE-863 Incorrect Authorization	CVE-2026-41050	2026-05-14 00:35	2026-05-13	Show	GitHub Exploit DB Packet Storm

1666	-		-	-	The new upstream added a privileged D-Bus helper called plasmaloginauthhelper, which suffers from multiple issues, e.g.aA compromised plasmalogin service account can chown() arbitrary files in the sy…	CWE-250 Execution with Unnecessary Privileges	CVE-2026-25710	2026-05-14 00:35	2026-05-13	Show	GitHub Exploit DB Packet Storm

1667	-		-	-	The newly introduced RecordUsage D-Bus method https://gitlab.freedesktop.org/pwithnall/malcontent/-/blob/0.14.0/libmalcontent-timer/child-timer-service.c in malcontent-timerd allows arbitrary users…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-44931	2026-05-14 00:35	2026-05-13	Show	GitHub Exploit DB Packet Storm

1668	8.8	HIGH Adjacent	-	-	A vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an unauthenticated remote attacker to execute arbitrary JavaScript code in a victim…	CWE-79 Cross-site Scripting	CVE-2026-23819	2026-05-14 00:35	2026-05-13	Show	GitHub Exploit DB Packet Storm

1669	7.2	HIGH Network	-	-	A vulnerability in the command line interface of Access Points running AOS-10 and AOS-8 Instant could allow an authenticated remote attacker to execute system commands in a restricted shell environme…	CWE-78 OS Command	CVE-2026-23820	2026-05-14 00:35	2026-05-13	Show	GitHub Exploit DB Packet Storm

1670	7.2	HIGH Network	-	-	A vulnerability in the configuration processing logic of Access Points running AOS-10 could allow an authenticated remote attacker to execute system commands under certain pre-existing conditions. Su…	CWE-78 OS Command	CVE-2026-23821	2026-05-14 00:35	2026-05-13	Show	GitHub Exploit DB Packet Storm