Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
201	9.8	緊急 Network	ollama	ollama	Ollamaにおける複数の脆弱性 New	CWE-22 CWE-494	CVE-2026-42249	2026-05-20 13:30	2026-04-29	Show	GitHub Exploit DB Packet Storm

202	9.8	緊急 Network	Ruby-lang.org	Net::IMAP	Ruby-lang.orgのNet::IMAPにおける複数の脆弱性 New	CWE-77 CWE-93	CVE-2026-42257	2026-05-20 13:30	2026-05-9	Show	GitHub Exploit DB Packet Storm

203	9.8	緊急 Network	Ruby-lang.org	Net::IMAP	Ruby-lang.orgのNet::IMAPにおける複数の脆弱性 New	CWE-77 CWE-93	CVE-2026-42258	2026-05-20 13:30	2026-05-9	Show	GitHub Exploit DB Packet Storm

204	7.1	重要 Network	Quantum Nous	New API	Quantum NousのNew APIにおけるサーバサイドのリクエストフォージェリの脆弱性 New	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-42339	2026-05-20 13:30	2026-05-8	Show	GitHub Exploit DB Packet Storm

205	9.8	緊急 Network	sentry	sentry	sentryにおけるスプーフィングによる認証回避に関する脆弱性 New	CWE-290 スプーフィングによる認証回避	CVE-2026-42354	2026-05-20 13:30	2026-05-8	Show	GitHub Exploit DB Packet Storm

206	5.5	警告 Local	M2-Team	NanaZip	M2-TeamのNanaZipにおける再帰制御に関する脆弱性 New	CWE-674 不適切な再帰制御	CVE-2026-42355	2026-05-20 13:30	2026-05-12	Show	GitHub Exploit DB Packet Storm

207	5.1	警告 Local	uriparser project	uriparser	uriparser projectのuriparserにおける数値打ち切り誤差に関する脆弱性 New	CWE-197 数値打ち切り誤差	CVE-2026-42371	2026-05-20 13:30	2026-04-27	Show	GitHub Exploit DB Packet Storm

208	5.5	警告 Local	M2-Team	NanaZip	M2-TeamのNanaZipにおけるNULL ポインタデリファレンスに関する脆弱性 New	CWE-476 NULL ポインタデリファレンス	CVE-2026-42442	2026-05-20 13:30	2026-05-12	Show	GitHub Exploit DB Packet Storm

209	5.5	警告 Local	M2-Team	NanaZip	M2-TeamのNanaZipにおけるゼロ除算に関する脆弱性 New	CWE-369 ゼロ除算	CVE-2026-42443	2026-05-20 13:30	2026-05-12	Show	GitHub Exploit DB Packet Storm

210	5.5	警告 Local	M2-Team	NanaZip	M2-TeamのNanaZipにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 New	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-42444	2026-05-20 13:30	2026-05-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
871	5.4	MEDIUM Network	google	chrome	Incorrect security UI in Fullscreen in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)	CWE-451 User Interface (UI) Misrepresentation of Critical Information	CVE-2026-8561	2026-05-19 03:22	2026-05-15	Show	GitHub Exploit DB Packet Storm

872	4.3	MEDIUM Network	google	chrome	Side-channel information leakage in Navigation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Mediu…	CWE-1300 Improper Protection of Physical Side Channels	CVE-2026-8562	2026-05-19 03:21	2026-05-15	Show	GitHub Exploit DB Packet Storm

873	9.1	CRITICAL Network	-	-	DumbAssets through 1.0.11 contains a path traversal vulnerability in the POST /api/delete-file endpoint and filesToDelete array parameters that allows unauthenticated attackers to delete arbitrary fi…	CWE-22 Path Traversal	CVE-2026-45230	2026-05-19 03:17	2026-05-19	Show	GitHub Exploit DB Packet Storm

874	10.0	CRITICAL Network	-	-	Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network.	CWE-287 Improper Authentication	CVE-2026-42822	2026-05-19 03:17	2026-05-19	Show	GitHub Exploit DB Packet Storm

875	8.8	HIGH Network	-	-	Thermo Fisher Scientific Torrent Suite Dx through 5.14.2 has a privilege escalation vulnerability that may allow an authenticated user with limited access privileges to gain unauthorized administrato…	CWE-269 Improper Privilege Management	CVE-2026-41085	2026-05-19 03:17	2026-05-19	Show	GitHub Exploit DB Packet Storm

876	6.2	MEDIUM Local	-	-	OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability in the Common Packet Format (CPF) parser, specifically in CreateCommonPacketFormatStructure() in source/src/enet_encap/cpf.c. A c…	CWE-125 Out-of-bounds Read	CVE-2026-38719	2026-05-19 03:17	2026-05-19	Show	GitHub Exploit DB Packet Storm

877	5.5	MEDIUM Local	-	-	NetBSD prior to commit ec8451e contains a signed integer overflow vulnerability in the cryptodev_op() function in sys/opencrypto/cryptodev.c where the local variable iov_len is declared as a signed i…	CWE-190 CWE-476 Integer Overflow or Wraparound NULL Pointer Dereference	CVE-2026-32849	2026-05-19 03:17	2026-05-19	Show	GitHub Exploit DB Packet Storm

878	4.7	MEDIUM Local	-	-	NetBSD prior to commit ec8451e contains a race condition vulnerability in cryptodev_op() within the opencrypto subsystem that allows local attackers to trigger a double-free condition by concurrently…	CWE-362 CWE-415 Race Condition Double Free	CVE-2026-32848	2026-05-19 03:17	2026-05-19	Show	GitHub Exploit DB Packet Storm

879	5.3	MEDIUM Local	oalders	www\	WWW::Mechanize::Cached versions before 2.00 for Perl deserialize cached HTTP responses from a world-writable on-disk cache, enabling local response forgery and code execution. With no explicit cache…	CWE-502 CWE-732 Deserialization of Untrusted Data Incorrect Permission Assignment for Critical Resource	CVE-2026-8612	2026-05-19 03:17	2026-05-15	Show	GitHub Exploit DB Packet Storm

880	8.8	HIGH Network	-	-	ngrok v4.3.3 and 5.0.0-beta.2 is vulnerable to Command Injection.	CWE-77 Command Injection	CVE-2025-57282	2026-05-19 03:17	2026-05-19	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed