Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 14, 2026, 12:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226941	2.1	注意	simone rota	-	SLiM Simple Login Manager における X セッションにアクセスされる脆弱性	CWE-200 情報漏えい	CVE-2009-1756	2012-12-20 19:10	2009-05-22	Show	GitHub Exploit DB Packet Storm

226942	7.5	危険	realtywebware	-	Realty Webware Technologies Web-Base の list_list.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-1751	2012-12-20 19:10	2009-05-22	Show	GitHub Exploit DB Packet Storm

226943	4.3	警告	pinnaclesys	-	Pinnacle Systems Pinnacle Studio の Pinnacle Hollywood Effects モジュールの InstallHFZ.exe におけるサービス運用妨害 (DoS) の脆弱性	CWE-22 パス・トラバーサル	CVE-2009-1744	2012-12-20 19:10	2009-05-20	Show	GitHub Exploit DB Packet Storm

226944	9.3	危険	pinnaclesys	-	Pinnacle Systems Pinnacle Studio の Pinnacle Hollywood Effects モジュールの InstallHFZ.exe におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-1743	2012-12-20 19:10	2009-05-20	Show	GitHub Exploit DB Packet Storm

226945	7.5	危険	phpeasycode	-	PAD Site Scripts における管理者権限を含む他のユーザとして権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1739	2012-12-20 19:10	2009-05-20	Show	GitHub Exploit DB Packet Storm

226946	6.8	警告	richard ellerbrock	-	IPplan におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-1733	2012-12-20 19:10	2009-05-20	Show	GitHub Exploit DB Packet Storm

226947	4.3	警告	richard ellerbrock	-	IPplan の admin/usermanager におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-1732	2012-12-20 19:10	2009-05-20	Show	GitHub Exploit DB Packet Storm

226948	4.3	警告	サン・マイクロシステムズ	-	Sun Java System Communications Express におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-1729	2012-12-20 19:10	2009-05-20	Show	GitHub Exploit DB Packet Storm

226949	9.3	危険	サン・マイクロシステムズ	-	Sun Java SE Runtime Environment の deploytk.dll における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-1672	2012-12-20 19:10	2009-05-18	Show	GitHub Exploit DB Packet Storm

226950	9.3	危険	サン・マイクロシステムズ	-	Sun Java SE Runtime Environment の deploytk.dll におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-1671	2012-12-20 19:10	2009-05-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2571	6.3	MEDIUM Network	-	-	A vulnerability was detected in pskill9 website-downloader up to 0.1.0. This affects the function download_website of the file src/index.ts of the component MCP Interface. Performing a manipulation o…	CWE-77 CWE-78 Command Injection OS Command	CVE-2026-7642	2026-05-6 04:15	2026-05-3	Show	GitHub Exploit DB Packet Storm

2572	4.3	MEDIUM Network	-	-	A flaw has been found in ChatGPTNextWeb NextChat up to 2.16.1. This impacts an unknown function of the file Next.js of the component API Endpoint. Executing a manipulation can lead to permissive cros…	CWE-346 CWE-942 Origin Validation Error Permissive Cross-domain Policy with Untrusted Domains	CVE-2026-7643	2026-05-6 04:15	2026-05-3	Show	GitHub Exploit DB Packet Storm

2573	7.3	HIGH Network	-	-	A vulnerability has been found in ChatGPTNextWeb NextChat up to 2.16.1. Affected is the function addMcpServer of the file app/mcp/actions.ts. The manipulation leads to improper authorization. Remote …	CWE-266 CWE-285 Incorrect Privilege Assignment Improper Authorization	CVE-2026-7644	2026-05-6 04:15	2026-05-3	Show	GitHub Exploit DB Packet Storm

2574	6.5	MEDIUM Network	-	-	A vulnerability was found in ruvnet sublinear-time-solver 1.5.0. Affected by this vulnerability is the function export_state of the file src/consciousness-explorer/mcp/server.js of the component MCP …	CWE-22 Path Traversal	CVE-2026-7645	2026-05-6 04:15	2026-05-3	Show	GitHub Exploit DB Packet Storm

2575	6.3	MEDIUM Network	-	-	A security flaw has been discovered in r-huijts mcp-server-rijksmuseum up to 1.0.4. Affected is the function open_image_in_browser of the file src/index.ts of the component MCP Interface. Performing …	CWE-77 CWE-78 Command Injection OS Command	CVE-2026-7653	2026-05-6 04:15	2026-05-3	Show	GitHub Exploit DB Packet Storm

2576	5.6	MEDIUM Network	-	-	A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function get_tokenizer of the file python/sglang/srt/utils/hf_transformers_utils.py of the component HuggingFace Transf…	CWE-74 CWE-94 Injection Code Injection	CVE-2026-7669	2026-05-6 04:15	2026-05-3	Show	GitHub Exploit DB Packet Storm

2577	4.3	MEDIUM Network	-	-	A vulnerability was found in kerwincui FastBee up to 1.2.1. The affected element is the function ToolController.download of the file springboot/fastbee-open-api/src/main/java/com/fastbee/data/control…	CWE-22 Path Traversal	CVE-2026-7676	2026-05-6 04:15	2026-05-3	Show	GitHub Exploit DB Packet Storm

2578	3.5	LOW Network	-	-	A vulnerability was determined in kerwincui FastBee up to 1.2.1. The impacted element is the function Add of the file springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNotic…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2026-7677	2026-05-6 04:15	2026-05-3	Show	GitHub Exploit DB Packet Storm

2579	6.3	MEDIUM Network	-	-	A vulnerability was identified in YunaiV yudao-cloud up to 2026.01. This affects the function getDataBySQL of the file yudao-module-report-biz/src/main/java/io/github/ruoyi/report/service/impl/GoView…	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-7678	2026-05-6 04:13	2026-05-3	Show	GitHub Exploit DB Packet Storm

2580	7.3	HIGH Network	-	-	A security flaw has been discovered in YunaiV yudao-cloud up to 2026.01. This impacts the function getAccessToken of the file yudao-module-system-biz/src/main/java/io/github/ruoyi/common/oauth2/servi…	CWE-287 Improper Authentication	CVE-2026-7679	2026-05-6 04:13	2026-05-3	Show	GitHub Exploit DB Packet Storm