Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224571 5.4 警告 BlackBerry - QNX Software Development Platform の BlackBerry QNX Neutrino RTOS におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-2688 2013-07-16 14:50 2013-06-4 Show GitHub Exploit DB Packet Storm
224572 7.8 危険 BlackBerry - QNX Software Development Platform におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-2687 2013-07-16 14:49 2013-06-4 Show GitHub Exploit DB Packet Storm
224573 10 危険 IBM
Apache Software Foundation		 - IBM WebSphere Application Server などの製品で使用される Apache Geronimo における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2013-1777 2013-07-16 14:37 2013-07-1 Show GitHub Exploit DB Packet Storm
224574 5 警告 シャープ株式会社 - AQUOSフォトプレーヤー HN-PP150 におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2013-3655 2013-07-16 14:18 2013-07-11 Show GitHub Exploit DB Packet Storm
224575 5 警告 ジュニパーネットワークス - Juniper Networks SRX1400、SRX3400、および SRX3600 上で稼働する Junos における重要な情報を取得される脆弱性 CWE-399
リソース管理の問題 		CVE-2013-4690 2013-07-16 10:57 2013-07-10 Show GitHub Exploit DB Packet Storm
224576 7.8 危険 ジュニパーネットワークス - Juniper Networks SRX デバイス上で稼働する Junos の flowd におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2013-4688 2013-07-16 10:57 2013-07-10 Show GitHub Exploit DB Packet Storm
224577 7.8 危険 ジュニパーネットワークス - Juniper Networks SRX デバイス上で稼働する Junos の flowd におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2013-4687 2013-07-16 10:56 2013-07-10 Show GitHub Exploit DB Packet Storm
224578 7.1 危険 ジュニパーネットワークス - Juniper Junos のカーネルにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2013-4686 2013-07-16 10:55 2013-07-10 Show GitHub Exploit DB Packet Storm
224579 10 危険 ジュニパーネットワークス - Juniper Networks SRX デバイス上で稼働する Junos の flowd におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-4685 2013-07-16 10:54 2013-07-10 Show GitHub Exploit DB Packet Storm
224580 7.8 危険 ジュニパーネットワークス - Juniper Networks SRX デバイス上で稼働する Junos の flowd におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2013-4684 2013-07-16 10:51 2013-07-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
791 6.5 MEDIUM
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, GET /api/v1/memories/ef is accessible without authentication and executes request.ap… Update CWE-862
 Missing Authorization 		CVE-2026-45667 2026-05-19 10:28 2026-05-16 Show GitHub Exploit DB Packet Storm
792 6.5 MEDIUM
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the API /api/v1/notes/{note_id} endpoint lacks proper authorization checks, allowin… Update CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-45666 2026-05-19 10:28 2026-05-16 Show GitHub Exploit DB Packet Storm
793 8.1 HIGH
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, a Stored Cross-Site Scripting (XSS) vulnerability exists in the Banner component due… Update CWE-79
Cross-site Scripting 		CVE-2026-45665 2026-05-19 10:28 2026-05-16 Show GitHub Exploit DB Packet Storm
794 6.3 MEDIUM
Network 		- - A vulnerability was found in Investintech SlimPDFReader up to 2.0.13. Affected by this vulnerability is the function sub_3B4610 of the file SlimPDFReader.exe. The manipulation results in stack-based … Update CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2026-8733 2026-05-19 06:16 2026-05-17 Show GitHub Exploit DB Packet Storm
795 4.7 MEDIUM
Network 		- - SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS server in the form of a SimpleSAMLphp module. In versions below 6.3.1 and 7.0.0, the logout endpoint accepts a url query parameter to redire… New CWE-601
Open Redirect 		CVE-2025-65954 2026-05-19 06:16 2026-05-19 Show GitHub Exploit DB Packet Storm
796 - - - * Countermeasures for DPA within SYMCRYPTO engine on SixG301xxx devices are not sufficiently random and will eventually repeat. * KSU keys using SYMCRYPTO will be impacted by this vulnerability. Update CWE-331
 Insufficient Entropy 		CVE-2025-14972 2026-05-19 05:27 2026-05-16 Show GitHub Exploit DB Packet Storm
797 8.2 HIGH
Network 		- - A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control fu… Update CWE-124
Buffer Underflow 		CVE-2026-34253 2026-05-19 05:23 2026-05-16 Show GitHub Exploit DB Packet Storm
798 7.5 HIGH
Network 		- - An issue in Nodemailer smtp_server before v.3.18.3 allows a remote attacker to cause a denial of service via the SMTPStream._write, lib/smtp-stream.js components Update CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-38728 2026-05-19 05:23 2026-05-16 Show GitHub Exploit DB Packet Storm
799 4.6 MEDIUM
Network 		- - HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios. New CWE-863
 Incorrect Authorization 		CVE-2026-21789 2026-05-19 05:23 2026-05-19 Show GitHub Exploit DB Packet Storm
800 8.2 HIGH
Local 		- - Das U-Boot before 2026.04 allows FIT (Flat Image Tree) signature verification bypass because hashed-nodes is omitted from a hash. Update CWE-346
 Origin Validation Error 		CVE-2026-46728 2026-05-19 05:23 2026-05-17 Show GitHub Exploit DB Packet Storm