Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224141 8.5 危険 Palo Alto Networks - Palo Alto Networks PAN-OS のデバイス管理のコマンドラインインターフェイスにおける任意のコマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2012-6591 2013-09-4 14:01 2012-04-27 Show GitHub Exploit DB Packet Storm
224142 5 警告 Palo Alto Networks - Palo Alto Networks PAN-OS の Web ベースの管理 UI における詳細エラー情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-6590 2013-09-4 13:56 2012-04-27 Show GitHub Exploit DB Packet Storm
224143 6.9 警告 LULU Software - Soda PDF における権限を取得される脆弱性 CWE-Other
その他 		CVE-2013-3485 2013-09-4 13:54 2013-08-12 Show GitHub Exploit DB Packet Storm
224144 7.1 危険 シスコシステムズ - Cisco IOS の TCP の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-5469 2013-09-4 13:54 2013-09-3 Show GitHub Exploit DB Packet Storm
224145 5 警告 Google - Google Chrome の memory/shared_memory_posix.cc における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-2905 2013-09-4 11:26 2013-08-20 Show GitHub Exploit DB Packet Storm
224146 7.5 危険 Google - Google Chrome で使用される Blink の core/dom/Document.cpp におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-2904 2013-09-4 11:25 2013-08-20 Show GitHub Exploit DB Packet Storm
224147 6.3 警告 シスコシステムズ - Cisco Wireless LAN Controller デバイスの Web 管理者インタフェースにおけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-3474 2013-09-4 11:03 2013-09-3 Show GitHub Exploit DB Packet Storm
224148 10 危険 アドビシステムズ - Adobe Reader および Acrobat における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2013-3346 2013-09-4 11:02 2013-05-14 Show GitHub Exploit DB Packet Storm
224149 7.5 危険 The Cacti Group - Cacti の snmp.php および rrd.php における任意のコマンドを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2013-1435 2013-09-4 11:01 2013-08-6 Show GitHub Exploit DB Packet Storm
224150 7.5 危険 The Cacti Group - Cacti の api_poller.php および utility.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-1434 2013-09-4 10:54 2013-08-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
101 8.8 HIGH
Network 		- - IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands by supplying malicious mpv_-prefixed query parameters through the… New CWE-88
Argument Injection 		CVE-2026-47114 2026-05-22 06:03 2026-05-22 Show GitHub Exploit DB Packet Storm
102 4.3 MEDIUM
Network 		- - The GSheet For Woo Importer plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the process_ajax_restore_action() function in all versions up to, and … New CWE-862
 Missing Authorization 		CVE-2026-4843 2026-05-22 06:03 2026-05-22 Show GitHub Exploit DB Packet Storm
103 6.1 MEDIUM
Network 		simplesamlphp simplesamlphp-casserver
simplesamlphp_casserver 		SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS server in the form of a SimpleSAMLphp module. In versions below 6.3.1 and 7.0.0, the logout endpoint accepts a url query parameter to redire… Update CWE-601
Open Redirect 		CVE-2025-65954 2026-05-22 06:01 2026-05-19 Show GitHub Exploit DB Packet Storm
104 7.5 HIGH
Network 		mozilla firefox
firefox_focus 		Sandbox escape in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 151. Update CWE-693
 Protection Mechanism Failure 		CVE-2026-8945 2026-05-22 05:56 2026-05-19 Show GitHub Exploit DB Packet Storm
105 4.8 MEDIUM
Network 		samba rsync Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured with chroot. Attackers can bypass host… Update CWE-289
 Authentication Bypass by Alternate Name 		CVE-2026-43617 2026-05-22 05:54 2026-05-20 Show GitHub Exploit DB Packet Storm
106 3.7 LOW
Network 		samba rsync Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establish_proxy_connection() function in socket.c that allows network attackers to corrupt stack memor… Update CWE-193
 Off-by-one Error 		CVE-2026-45232 2026-05-22 05:52 2026-05-20 Show GitHub Exploit DB Packet Storm
107 5.5 MEDIUM
Local 		samba rsync Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read vulnerability in recv_files() in receiver.c that allows a malicious rsync server to crash the rsync client process. Atta… Update CWE-125
Out-of-bounds Read 		CVE-2026-43620 2026-05-22 05:47 2026-05-20 Show GitHub Exploit DB Packet Storm
108 6.3 MEDIUM
Local 		samba rsync Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat … Update CWE-59
CWE-367
Link Following
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-43619 2026-05-22 05:42 2026-05-20 Show GitHub Exploit DB Packet Storm
109 8.1 HIGH
Network 		samba rsync Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token decoder where a 32-bit signed counter is not checked for overflow, allowing a malicious sender to trigg… Update CWE-125
CWE-190
Out-of-bounds Read
 Integer Overflow or Wraparound 		CVE-2026-43618 2026-05-22 05:34 2026-05-20 Show GitHub Exploit DB Packet Storm
110 6.5 MEDIUM
Network 		faraday_project faraday Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Versions 2.0.0 through 2.14.1 still allow protocol-relative host override when the request tar… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-33637 2026-05-22 05:17 2026-05-20 Show GitHub Exploit DB Packet Storm