Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231561	10	危険	snews	-	sNews の snews.php における許可されていない管理者操作を実行される脆弱性	-	CVE-2007-0261	2012-12-20 18:19	2007-01-16	Show	GitHub Exploit DB Packet Storm

231562	7.8	危険	VideoLAN	-	VideoLAN VLC におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0256	2012-12-20 18:19	2007-01-16	Show	GitHub Exploit DB Packet Storm

231563	9.3	危険	Xine	-	XINE におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0255	2012-12-20 18:19	2007-01-16	Show	GitHub Exploit DB Packet Storm

231564	10	危険	Xine	-	xine-ui の errors.c におけるフォーマットストリングの脆弱性	-	CVE-2007-0254	2012-12-20 18:19	2007-01-16	Show	GitHub Exploit DB Packet Storm

231565	7.8	危険	Snort.org	-	Snort の src/decode.c における特定のメモリ領域のデリファレンスを誘発される脆弱性	-	CVE-2007-0251	2012-12-20 18:19	2007-01-16	Show	GitHub Exploit DB Packet Storm

231566	5	警告	poptop	-	PoPToP pptpd の pptpgre.c におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0244	2012-12-20 18:19	2007-05-8	Show	GitHub Exploit DB Packet Storm

231567	4.3	警告	Zope Foundation	-	Zope におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0240	2012-12-20 18:19	2007-03-22	Show	GitHub Exploit DB Packet Storm

231568	7.5	危険	WordPress.org	-	WordPress の wp-trackback.php における任意の SQL コマンドを実行される脆弱性	-	CVE-2007-0233	2012-12-20 18:19	2007-01-12	Show	GitHub Exploit DB Packet Storm

231569	6.8	警告	シックス・アパート株式会社	-	MT におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0231	2012-12-20 18:19	2007-01-12	Show	GitHub Exploit DB Packet Storm

231570	6.8	警告	spine	-	SPINE におけるクロスサイトリクエストフォージェリの脆弱性	-	CVE-2007-0101	2012-12-20 18:19	2007-01-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
561	7.1	HIGH Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authenticated user with low privileges can enumerate active background tasks acr… Update	CWE-862 Missing Authorization	CVE-2026-45399	2026-05-19 12:08	2026-05-16	Show	GitHub Exploit DB Packet Storm

562	6.5	MEDIUM Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, Open WebUI allows admins to restrict which API endpoints an API key can access. When… Update	CWE-863 Incorrect Authorization	CVE-2026-45339	2026-05-19 12:07	2026-05-16	Show	GitHub Exploit DB Packet Storm

563	8.5	HIGH Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, validate_url() in backend/open_webui/retrieval/web/utils.py calls validators.ipv6(ip… Update	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-45331	2026-05-19 12:06	2026-05-16	Show	GitHub Exploit DB Packet Storm

564	4.8	MEDIUM Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the AccountPending.svelte component renders the admin-configured "Pending User Overl… Update	CWE-79 Cross-site Scripting	CVE-2026-44568	2026-05-19 12:06	2026-05-16	Show	GitHub Exploit DB Packet Storm

565	4.3	MEDIUM Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, when setting model permissions so that a group has read access to it, intending for … Update	CWE-200 Information Exposure	CVE-2026-45387	2026-05-19 12:05	2026-05-16	Show	GitHub Exploit DB Packet Storm

566	7.2	HIGH Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the tool update endpoint (POST /api/v1/tools/id/{id}/update) is missing the workspac… Update	CWE-269 CWE-862 Improper Privilege Management Missing Authorization	CVE-2026-45395	2026-05-19 12:05	2026-05-16	Show	GitHub Exploit DB Packet Storm

567	4.3	MEDIUM Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, an IDOR vulnerability exists in the Channels feature of Open WebUI, allowing any cha… Update	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-45385	2026-05-19 10:45	2026-05-16	Show	GitHub Exploit DB Packet Storm

568	6.3	MEDIUM Network	open5gs	open5gs	A vulnerability was found in Open5GS up to 2.7.6. This impacts the function ran_ue_find_by_amf_ue_ngap_id of the file src/amf/context.c of the component AMF/MME. Performing a manipulation results in … New	CWE-266 CWE-285 Incorrect Privilege Assignment Improper Authorization	CVE-2026-8743	2026-05-19 10:35	2026-05-17	Show	GitHub Exploit DB Packet Storm

569	5.5	MEDIUM Local	steipete	summarize	Summarize prior to 0.15.1 contains an insecure file permission vulnerability in the refresh-free configuration rewrite path that allows local users to read sensitive credentials by exploiting default… New	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2026-45246	2026-05-19 10:34	2026-05-19	Show	GitHub Exploit DB Packet Storm

570	5.4	MEDIUM Network	steipete	summarize	Summarize prior to 0.15.1 contains a missing authorization vulnerability that allows attackers to execute browser automation actions without per-call user approval when the extension automation featu… New	CWE-862 Missing Authorization	CVE-2026-45244	2026-05-19 10:34	2026-05-19	Show	GitHub Exploit DB Packet Storm