Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
221 9.1 緊急
Network 		Netty Netty NettyにおけるHTTP リクエストスマグリングに関する脆弱性 New CWE-444
HTTP リクエストスマグリング 		CVE-2026-42584 2026-05-20 13:29 2026-05-13 Show GitHub Exploit DB Packet Storm
222 7.5 重要
Network 		Netty Netty NettyにおけるHTTP リクエストスマグリングに関する脆弱性 New CWE-444
HTTP リクエストスマグリング 		CVE-2026-42585 2026-05-20 13:29 2026-05-13 Show GitHub Exploit DB Packet Storm
223 7.1 重要
Local 		Netty Netty NettyにおけるCRLF インジェクションの脆弱性 New CWE-93
CRLF インジェクション 		CVE-2026-42586 2026-05-20 13:29 2026-05-13 Show GitHub Exploit DB Packet Storm
224 7.5 重要
Network 		Netty Netty Nettyにおけるリソースの枯渇に関する脆弱性 New CWE-400
リソースの枯渇 		CVE-2026-42587 2026-05-20 13:29 2026-05-13 Show GitHub Exploit DB Packet Storm
225 9.8 緊急
Network 		TheCodingMachine Gotenberg TheCodingMachineのGotenbergにおけるOS コマンドインジェクションの脆弱性 New CWE-78
OSコマンド・インジェクション 		CVE-2026-42589 2026-05-20 13:29 2026-05-14 Show GitHub Exploit DB Packet Storm
226 8.2 重要
Network 		TheCodingMachine Gotenberg TheCodingMachineのGotenbergにおける不完全なブラックリストに関する脆弱性 New CWE-184
不完全なブラックリスト 		CVE-2026-42590 2026-05-20 13:29 2026-05-14 Show GitHub Exploit DB Packet Storm
227 8.2 重要
Network 		TheCodingMachine Gotenberg TheCodingMachineのGotenbergにおけるサーバサイドのリクエストフォージェリの脆弱性 New CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-42591 2026-05-20 13:29 2026-05-14 Show GitHub Exploit DB Packet Storm
228 5.3 警告
Network 		TheCodingMachine Gotenberg TheCodingMachineのGotenbergにおける複数の脆弱性 New CWE-367
CWE-918
CVE-2026-42592 2026-05-20 13:29 2026-05-14 Show GitHub Exploit DB Packet Storm
229 5.3 警告
Network 		TheCodingMachine Gotenberg TheCodingMachineのGotenbergにおける複数の脆弱性 New CWE-22
CWE-73
CVE-2026-42593 2026-05-20 13:29 2026-05-14 Show GitHub Exploit DB Packet Storm
230 7.5 重要
Network 		TheCodingMachine Gotenberg TheCodingMachineのGotenbergにおける競合状態に関する脆弱性 New CWE-362
競合状態 		CVE-2026-42594 2026-05-20 13:29 2026-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
871 5.4 MEDIUM
Network 		google chrome Incorrect security UI in Fullscreen in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Update CWE-451
 User Interface (UI) Misrepresentation of Critical Information 		CVE-2026-8561 2026-05-19 03:22 2026-05-15 Show GitHub Exploit DB Packet Storm
872 4.3 MEDIUM
Network 		google chrome Side-channel information leakage in Navigation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Mediu… Update CWE-1300
 Improper Protection of Physical Side Channels 		CVE-2026-8562 2026-05-19 03:21 2026-05-15 Show GitHub Exploit DB Packet Storm
873 9.1 CRITICAL
Network 		- - DumbAssets through 1.0.11 contains a path traversal vulnerability in the POST /api/delete-file endpoint and filesToDelete array parameters that allows unauthenticated attackers to delete arbitrary fi… New CWE-22
Path Traversal 		CVE-2026-45230 2026-05-19 03:17 2026-05-19 Show GitHub Exploit DB Packet Storm
874 10.0 CRITICAL
Network 		- - Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network. New CWE-287
Improper Authentication 		CVE-2026-42822 2026-05-19 03:17 2026-05-19 Show GitHub Exploit DB Packet Storm
875 8.8 HIGH
Network 		- - Thermo Fisher Scientific Torrent Suite Dx through 5.14.2 has a privilege escalation vulnerability that may allow an authenticated user with limited access privileges to gain unauthorized administrato… New CWE-269
 Improper Privilege Management 		CVE-2026-41085 2026-05-19 03:17 2026-05-19 Show GitHub Exploit DB Packet Storm
876 6.2 MEDIUM
Local 		- - OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability in the Common Packet Format (CPF) parser, specifically in CreateCommonPacketFormatStructure() in source/src/enet_encap/cpf.c. A c… New CWE-125
Out-of-bounds Read 		CVE-2026-38719 2026-05-19 03:17 2026-05-19 Show GitHub Exploit DB Packet Storm
877 5.5 MEDIUM
Local 		- - NetBSD prior to commit ec8451e contains a signed integer overflow vulnerability in the cryptodev_op() function in sys/opencrypto/cryptodev.c where the local variable iov_len is declared as a signed i… New CWE-190
CWE-476
 Integer Overflow or Wraparound
 NULL Pointer Dereference 		CVE-2026-32849 2026-05-19 03:17 2026-05-19 Show GitHub Exploit DB Packet Storm
878 4.7 MEDIUM
Local 		- - NetBSD prior to commit ec8451e contains a race condition vulnerability in cryptodev_op() within the opencrypto subsystem that allows local attackers to trigger a double-free condition by concurrently… New CWE-362
CWE-415
Race Condition
 Double Free 		CVE-2026-32848 2026-05-19 03:17 2026-05-19 Show GitHub Exploit DB Packet Storm
879 5.3 MEDIUM
Local 		oalders www\ WWW::Mechanize::Cached versions before 2.00 for Perl deserialize cached HTTP responses from a world-writable on-disk cache, enabling local response forgery and code execution. With no explicit cache… Update CWE-502
CWE-732
 Deserialization of Untrusted Data
 Incorrect Permission Assignment for Critical Resource 		CVE-2026-8612 2026-05-19 03:17 2026-05-15 Show GitHub Exploit DB Packet Storm
880 8.8 HIGH
Network 		- - ngrok v4.3.3 and 5.0.0-beta.2 is vulnerable to Command Injection. New CWE-77
Command Injection 		CVE-2025-57282 2026-05-19 03:17 2026-05-19 Show GitHub Exploit DB Packet Storm