Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230731	6.8	警告	The phpMyAdmin Project	-	PhpMyAdmin におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6942	2012-12-20 18:18	2007-01-17	Show	GitHub Exploit DB Packet Storm

230732	7.5	危険	portix-php	-	Portix-PHP の login コンポーネントにおける SQL インジェクションの脆弱性	-	CVE-2006-6935	2012-12-20 18:18	2007-01-16	Show	GitHub Exploit DB Packet Storm

230733	6.8	警告	portix-php	-	Portix-PHP におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6934	2012-12-20 18:18	2007-01-16	Show	GitHub Exploit DB Packet Storm

230734	5	警告	Snort.org	-	Snort におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-6931	2012-12-20 18:18	2007-01-16	Show	GitHub Exploit DB Packet Storm

230735	6.8	警告	sage-mozdev	-	Firefox Sage エクステンションにおけるローカルコンテキストの任意の Javascript を実行される脆弱性	-	CVE-2006-6919	2012-12-20 18:18	2007-01-11	Show	GitHub Exploit DB Packet Storm

230736	7.5	危険	phpMyFAQ	-	phpMyFAQ における任意の PHP スクリプトをアップロードされる脆弱性	-	CVE-2006-6913	2012-12-20 18:18	2006-12-15	Show	GitHub Exploit DB Packet Storm

230737	7.5	危険	phpMyFAQ	-	phpMyFAQ における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2006-6912	2012-12-20 18:02	2006-12-15	Show	GitHub Exploit DB Packet Storm

230738	10	危険	東芝	-	Toshiba Bluetooth スタックにおける管理者アクセス権限を取得される脆弱性	-	CVE-2006-6903	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

230739	5.4	警告	widcomm	-	Widcomm BTW におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-6897	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

230740	5.4	警告	plantronic	-	Plantronic Headset の Bluetooth スタックにおける許可されていない組み合わせ操作を実行される脆弱性	-	CVE-2006-6896	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1131	6.8	MEDIUM Network	-	-	pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the set_config_value() API method (@permission(Perms.SETTINGS)) in src/pyload/core/api/__init__.py gates … New	CWE-295 CWE-306 CWE-863 Improper Certificate Validation Missing Authentication for Critical Function Incorrect Authorization	CVE-2026-42312	2026-05-12 03:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1132	8.0	HIGH Network	-	-	Zen is a firefox-based browser. Prior to 1.19.9b, Zen Browser ships a Mozilla Application Resource (MAR) updater (org.mozilla.updater) that has had all MAR signature verification stripped from the Fi… New	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-41431	2026-05-12 03:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1133	-		-	-	jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyond ≈1 GiB (via deeply nested generator … New	CWE-190 CWE-787 Integer Overflow or Wraparound Out-of-bounds Write	CVE-2026-41257	2026-05-12 03:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1134	5.5	MEDIUM Local	-	-	jq is a command-line JSON processor. In 1.8.1 and earlier, Top-level jq programs loaded from a file with -f are truncated at the first embedded NUL byte on current upstream HEAD. A crafted filter fil… New	CWE-158 Improper Neutralization of Null Byte or NUL Character	CVE-2026-41256	2026-05-12 03:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1135	-		-	-	jq is a command-line JSON processor. In 1.8.1 and earlier, jv_contains recurses into nested arrays/objects with no depth limit. With a sufficiently nested input structure (built programmatically with… New	CWE-674 Uncontrolled Recursion	CVE-2026-40612	2026-05-12 03:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1136	-		-	-	An authenticated administrator who configures or tests LDAP connectivity in Sonatype Nexus Repository Manager versions 3.0.0 through 3.91.1 may be able to initiate unintended server-side connections … New	CWE-502 CWE-918 Deserialization of Untrusted Data Server-Side Request Forgery (SSRF)	CVE-2026-3048	2026-05-12 03:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1137	7.1	HIGH Network	-	-	A Server-Side Request Forgery (SSRF) vulnerability exists in MLflow versions prior to 3.9.0. The `_create_webhook()` function in `mlflow/server/handlers.py` accepts a user-controlled `url` parameter … New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-2393	2026-05-12 03:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1138	5.3	MEDIUM Network	-	-	Zephyr sockets created with `IPPROTO_TLS_1_3` can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to … New	CWE-757 Algorithm Downgrade	CVE-2026-1677	2026-05-12 03:16	2026-05-11	Show	GitHub Exploit DB Packet Storm

1139	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: media: cx88: Add missing unmap in snd_cx88_hw_params() In error path, add cx88_alsa_dma_unmap() to release resource acquired by c… Update	CWE-772 Missing Release of Resource after Effective Lifetime	CVE-2026-43257	2026-05-12 03:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

1140	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: alpha: fix user-space corruption during memory compaction Alpha systems can suffer sporadic user-space crashes and heap corruptio… Update	CWE-787 Out-of-bounds Write	CVE-2026-43258	2026-05-12 03:10	2026-05-6	Show	GitHub Exploit DB Packet Storm