Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
245881	5	警告	apache stats	-	Ian Bezanson Apache Stats における重要な変数を上書きされる脆弱性	-	CVE-2007-0975	2012-06-26 15:46	2007-02-15	Show	GitHub Exploit DB Packet Storm

245882	9	危険	シスコシステムズ	-	Cisco FWSM における特定の ACL 保護を回避される脆弱性	-	CVE-2007-0968	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

245883	7.8	危険	シスコシステムズ	-	Cisco FWSM におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0967	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

245884	7.8	危険	シスコシステムズ	-	Cisco FWSM におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0966	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

245885	7.8	危険	シスコシステムズ	-	Cisco FWSM におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0965	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

245886	5.4	警告	シスコシステムズ	-	Cisco FWSM におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0964	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

245887	7.8	危険	シスコシステムズ	-	Cisco FWSM におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0963	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

245888	4.3	警告	atmail pty ltd	-	Atmail の search.pl におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0953	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

245889	7.5	危険	fullaspsite	-	Fullaspsite ASP ホスティングサイトの listmain.asp における SQL インジェクションの脆弱性	-	CVE-2007-0951	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

245890	6.8	警告	fullaspsite	-	Fullaspsite ASP ホスティングサイトの listmain.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0950	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
111	7.7	HIGH Network	-	-	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a Server-Side Request Forgery (SSRF) vulnerability exists in _process_picture_url() … New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-45338	2026-05-16 08:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

112	8.5	HIGH Network	-	-	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, validate_url() in backend/open_webui/retrieval/web/utils.py calls validators.ipv6(ip… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-45331	2026-05-16 08:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

113	9.1	CRITICAL Network	-	-	phpMyFAQ before 4.1.2 contains an improper restriction of excessive authentication attempts vulnerability in the /admin/check endpoint, which accepts arbitrary user-id parameters without session bind… New	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2026-45010	2026-05-16 08:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

114	6.5	MEDIUM Network	-	-	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, in standard channels (i.e., channels whose channel.type is neither group nor dm), th… New	CWE-862 Missing Authorization	CVE-2026-44571	2026-05-16 08:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

115	6.5	MEDIUM Network	-	-	Imager versions through 1.030 for Perl allow a heap out of bounds (OOB) write on crafted multi-frame GIF files. Imager::File::GIF's i_readgif_multi_low allocates a single per-row buffer GifRow sized… New	CWE-787 Out-of-bounds Write	CVE-2026-8669	2026-05-16 07:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

116	5.3	MEDIUM Local	-	-	Imager::File::GIF versions through 1.002 for Perl allow a heap out of bounds (OOB) write on crafted multi-frame GIF files. Imager::File::GIF's i_readgif_multi_low allocates a single per-row buffer G… New	CWE-787 Out-of-bounds Write	CVE-2026-8454	2026-05-16 07:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

117	-		-	-	Trog::TOTP versions before 1.006 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage. New	CWE-331 Insufficient Entropy	CVE-2026-46474	2026-05-16 07:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

118	5.4	MEDIUM Network	-	-	phpMyFAQ before 4.1.2 contains a missing authorization vulnerability in the DELETE /admin/api/content/tags/{tagId} endpoint that allows any authenticated user to delete tags. Any logged-in user, incl… New	CWE-862 Missing Authorization	CVE-2026-46365	2026-05-16 07:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

119	7.5	HIGH Network	-	-	phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::setTokenData that allows authenticated attackers to execute arbitrary SQL by injecting malicious OAuth token claims. Attac… New	CWE-89 SQL Injection	CVE-2026-46359	2026-05-16 07:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

120	8.0	HIGH Network	-	-	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authenticated user can permanently delete files owned by other users via DELETE … New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-45671	2026-05-16 07:16	2026-05-16	Show	GitHub Exploit DB Packet Storm