Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
245891	7.5	危険	アルバネットワークス株式会社 Alcatel-Lucent	-	Aruba Mobility Controllers における管理用インターフェースまたは WLAN へアクセスされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-0932	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

245892	7.5	危険	アルバネットワークス株式会社 Alcatel-Lucent	-	Aruba Mobility Controllers の管理インターフェースにおけるヒープベースのバッファオーバーフローの脆弱性	-	CVE-2007-0931	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

245893	7.5	危険	apache stats	-	Apache Stats における任意の変数を変更される脆弱性	-	CVE-2007-0930	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

245894	4.3	警告	communityserver.org	-	Community Server の search/SearchResults.aspx におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0925	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

245895	4.3	警告	cPanel	-	cPanel WHM の scripts/passwdmysql におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0890	2012-06-26 15:46	2007-02-12	Show	GitHub Exploit DB Packet Storm

245896	7.8	危険	Gecad Technologies	-	axigen におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0887	2012-06-26 15:46	2007-02-12	Show	GitHub Exploit DB Packet Storm

245897	10	危険	Gecad Technologies	-	axigen におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0886	2012-06-26 15:46	2007-02-12	Show	GitHub Exploit DB Packet Storm

245898	7.8	危険	capital request forms	-	Capital Request Forms におけるデータベースの資格情報を取得される脆弱性	-	CVE-2007-0880	2012-06-26 15:46	2007-02-12	Show	GitHub Exploit DB Packet Storm

245899	6.8	警告	allons voter	-	Allons_voter における認証または特定の管理機能のアクセスを回避される脆弱性	-	CVE-2007-0874	2012-06-26 15:46	2007-02-12	Show	GitHub Exploit DB Packet Storm

245900	7.5	危険	extremepow	-	eXtremePow eXtreme File Hosting における任意の PHP コードをアップロードされる脆弱性	-	CVE-2007-0871	2012-06-26 15:46	2007-02-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
261	9.1	CRITICAL Network	microsoft	azure_sdk_for_java	Improper authentication in Azure SDK allows an unauthorized attacker to bypass a security feature over a network. Update	CWE-287 CWE-347 Improper Authentication Improper Verification of Cryptographic Signature	CVE-2026-33117	2026-05-16 03:38	2026-05-13	Show	GitHub Exploit DB Packet Storm

262	6.5	MEDIUM Network	grafana	grafana	The Grafana Live push endpoint can be exploited to cause unbounded memory allocation by sending a large or streaming request body, potentially leading to out-of-memory conditions. An authenticated us… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-28376	2026-05-16 03:37	2026-05-14	Show	GitHub Exploit DB Packet Storm

263	9.9	CRITICAL Network	microsoft	dynamics_365_customer_insights	Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network. Update	CWE-269 Improper Privilege Management	CVE-2026-33821	2026-05-16 03:26	2026-05-13	Show	GitHub Exploit DB Packet Storm

264	6.5	MEDIUM Network	distribution	distribution	Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.1, tag deletion via the DELETE /v2/<name>/manifests/<tag> endpoint bypasses the storage.delete.enabled: fal… New	CWE-863 Incorrect Authorization	CVE-2026-41888	2026-05-16 03:25	2026-05-15	Show	GitHub Exploit DB Packet Storm

265	7.5	HIGH Network	mongoosejs	mongoose	Mongoose is a MongoDB object modeling tool designed to work in an asynchronous environment. Prior to 6.13.9, 7.8.9, 8.22.1, and 9.1.6, a vulnerability allows bypassing Mongoose’s sanitizeFilter query… New	CWE-74 Injection	CVE-2026-42334	2026-05-16 03:25	2026-05-15	Show	GitHub Exploit DB Packet Storm

266	4.3	MEDIUM Network	etcd	etcd	etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requ… New	CWE-863 Incorrect Authorization	CVE-2026-44283	2026-05-16 03:24	2026-05-15	Show	GitHub Exploit DB Packet Storm

267	7.5	HIGH Network	-	-	radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_threads_list() function that allows remote attackers to trigger memory corruption by sending a valid qfThreadInfo response followed b… New	CWE-416 Use After Free	CVE-2026-8695	2026-05-16 03:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

268	7.0	HIGH Local	-	-	Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.233, Tabby before 1.0.233 automatically confirms ZMODEM protocol detection on all terminal session output without us… New	CWE-78 OS Command	CVE-2026-45036	2026-05-16 03:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

269	-		-	-	Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supp… New	CWE-78 OS Command	CVE-2026-45035	2026-05-16 03:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

270	5.3	MEDIUM Network	-	-	Gitsign is a keyless Sigstore to signing tool for Git commits with your a GitHub / OIDC identity. Prior to 0.16.0, gitsign verify and gitsign verify-tag re-encode commit/tag objects through go-git's … New	CWE-295 CWE-347 Improper Certificate Validation Improper Verification of Cryptographic Signature	CVE-2026-44309	2026-05-16 03:16	2026-05-16	Show	GitHub Exploit DB Packet Storm