Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
224581	7.1	危険	Linux	-	Linux Kernel の net/sctp/input.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-362 競合状態	CVE-2011-4348	2013-06-11 16:23	2009-03-23	Show	GitHub Exploit DB Packet Storm

224582	4	警告	Linux	-	Linux Kernel の KVM サブシステムの virt/kvm/assigned-dev.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-4347	2013-06-11 16:20	2012-01-18	Show	GitHub Exploit DB Packet Storm

224583	1.9	注意	Linux	-	Linux Kernel の GFS2 ファイルシステムの fallocate の実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2011-4098	2013-06-11 16:17	2011-09-12	Show	GitHub Exploit DB Packet Storm

224584	4.3	警告	Linux	-	Linux Kernel の net/bridge/br_netfilter.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-4087	2013-06-11 16:16	2011-05-18	Show	GitHub Exploit DB Packet Storm

224585	4.6	警告	Linux	-	Linux Kernel の security/apparmor/lsm.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-3619	2013-06-11 16:16	2011-07-21	Show	GitHub Exploit DB Packet Storm

224586	5.7	警告	Linux レッドハット	-	Red Hat Enterprise Linux 上で稼働する Linux Kernel の net/8021q/vlan_core.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-3593	2013-06-11 16:15	2011-10-3	Show	GitHub Exploit DB Packet Storm

224587	4.6	警告	レッドハット	-	Red Hat Enterprise Linux 上で稼働するカーネルパッケージの be2net の実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2011-3347	2013-06-11 16:14	2011-09-7	Show	GitHub Exploit DB Packet Storm

224588	6.8	警告	Linux レッドハット	-	Red Hat Enterprise Linux 上で稼働する Linux Kernel の net/bridge/br_forward.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError CWE-Other	CVE-2011-2942	2013-06-11 16:14	2011-08-16	Show	GitHub Exploit DB Packet Storm

224589	1.9	注意	レッドハット	-	Red Hat Enterprise Linux のカーネルパッケージの perf サブシステムにおけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2011-2693	2013-06-11 16:13	2011-03-17	Show	GitHub Exploit DB Packet Storm

224590	7.8	危険	Linux	-	Red Hat Enterprise Linux で使用される Linux Kernel の net/sctp/socket.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2011-2482	2013-06-11 16:12	2007-04-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
201	8.1	HIGH Network	-	-	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.10, when uploading an audio file, the name of the file is derived from the original HTT… New	CWE-22 Path Traversal	CVE-2026-44565	2026-05-16 07:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

202	7.3	HIGH Network	-	-	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, Excel file attachments are previewed in an unsafe way. A crafted XLSX file payload c… New	CWE-79 Cross-site Scripting	CVE-2026-44549	2026-05-16 07:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

203	8.1	HIGH Network	-	-	Code injection in SQL code generation in Apache Flink 1.15.0 through 1.20.x and 2.0.0 through 2.x allows authenticated users with query submission privileges to execute arbitrary code on TaskManagers… New	CWE-94 Code Injection	CVE-2026-35194	2026-05-16 07:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

204	7.5	HIGH Network	-	-	radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_pids_list() function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbi… New	CWE-416 Use After Free	CVE-2026-8696	2026-05-16 06:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

205	8.8	HIGH Network	-	-	Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) New	CWE-787 Out-of-bounds Write	CVE-2026-8558	2026-05-16 06:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

206	7.5	HIGH Network	-	-	phpMyFAQ before 4.1.2 contains an information disclosure vulnerability in the getIdFromSolutionId() method that lacks permission filtering, allowing unauthenticated attackers to enumerate restricted … New	CWE-863 Incorrect Authorization	CVE-2026-46366	2026-05-16 06:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

207	5.4	MEDIUM Network	-	-	phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in FAQ creation and update endpoints that bypass sanitization through encode-decode cycles. The vulnerability allows authent… New	CWE-79 Cross-site Scripting	CVE-2026-46363	2026-05-16 06:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

208	5.4	MEDIUM Network	-	-	phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in SvgSanitizer::decodeAllEntities() that limits recursive entity decoding to 5 iterations, allowing attackers to bypass san… New	CWE-79 Cross-site Scripting	CVE-2026-46360	2026-05-16 06:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

209	8.1	HIGH Network	-	-	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, he LDAP and OAuth authentication flows use a TOCTOU (Time-of-Check-Time-of-Use) patt… New	CWE-269 CWE-362 Improper Privilege Management Race Condition	CVE-2026-45675	2026-05-16 06:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

210	8.8	HIGH Network	-	-	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.12, the /api/v1/utils/code/execute endpoint executes arbitrary Python code via Jupyter … New	CWE-863 Incorrect Authorization	CVE-2026-45672	2026-05-16 06:16	2026-05-16	Show	GitHub Exploit DB Packet Storm