Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
245941 5 警告 アップル - Apple Mac OS X の SSH 鍵生成プロセスにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-0726 2012-06-26 15:46 2007-03-13 Show GitHub Exploit DB Packet Storm
245942 8.5 危険 アップル - Apple Mac OS X 用 DS Plug-In の認証機能における root パスワードを変更される脆弱性 - CVE-2007-0723 2012-06-26 15:46 2007-03-13 Show GitHub Exploit DB Packet Storm
245943 6.8 警告 アップル - Apple Mac OS X における整数オーバーフローの脆弱性 - CVE-2007-0722 2012-06-26 15:46 2007-03-13 Show GitHub Exploit DB Packet Storm
245944 6.8 警告 アップル - Apple Mac OS X の diskimages-helper における任意のコードを実行される脆弱性 - CVE-2007-0721 2012-06-26 15:46 2007-03-13 Show GitHub Exploit DB Packet Storm
245945 7.2 危険 Comodo - Comodo Firewall Pro および Comodo Personal Firewall の cmdmon.sys におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-0709 2012-06-26 15:46 2007-02-3 Show GitHub Exploit DB Packet Storm
245946 7.2 危険 Comodo - Comodo Firewall Pro の cmdmon.sys におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-0708 2012-06-26 15:46 2007-02-3 Show GitHub Exploit DB Packet Storm
245947 6.8 警告 Gretech - GOM Player におけるスタックベースのバッファーオーバーフローの脆弱性 - CVE-2007-0707 2012-06-26 15:46 2007-02-3 Show GitHub Exploit DB Packet Storm
245948 7.5 危険 epistemon - Epistemon の inc/common.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-0701 2012-06-26 15:46 2007-02-3 Show GitHub Exploit DB Packet Storm
245949 6.8 警告 free lan intra internet portal - FLIP におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0696 2012-06-26 15:46 2007-02-3 Show GitHub Exploit DB Packet Storm
245950 7.5 危険 free lan intra internet portal - FLIP における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-0695 2012-06-26 15:46 2007-02-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
231 7.1 HIGH
Local 		- - Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.8.12, Microsoft APM normalizes marketplace plugins by copying plugin components referenced in plugin.jso… New CWE-22
CWE-73
Path Traversal
 External Control of File Name or Path 		CVE-2026-44641 2026-05-16 04:17 2026-05-16 Show GitHub Exploit DB Packet Storm
232 7.5 HIGH
Network 		- - hoppscotch is an open source API development ecosystem. The fix for CVE-2026-28215 in version 2026.2.0 addresses the unauthenticated POST /v1/onboarding/config endpoint by checking onboardingComplete… New CWE-284
CWE-287
Improper Access Control
Improper Authentication 		CVE-2026-44478 2026-05-16 04:17 2026-05-14 Show GitHub Exploit DB Packet Storm
233 4.0 MEDIUM
Network 		lfprojects mcp_registry The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. Prior to 1.7.7, the Registry's HTTP-based namespace verification (POST /v0/auth/http, POST /v0.1/a… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-44430 2026-05-16 04:16 2026-05-15 Show GitHub Exploit DB Packet Storm
234 5.8 MEDIUM
Network 		- - css_parser is a Ruby CSS parser. Prior to 2.1.0 and 1.22.0, the CSS Parser gem does not validate HTTPS connections, allowing a Man-in-the-Middle (MITM) attacker to inject or modify CSS content when s… New CWE-295
CWE-829
Improper Certificate Validation 
 Inclusion of Functionality from Untrusted Control Sphere 		CVE-2026-44312 2026-05-16 04:16 2026-05-15 Show GitHub Exploit DB Packet Storm
235 7.3 HIGH
Network 		- - Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.6.1, the Outline comment section permits users to mention other users; however, the backend does not validate or san… Update CWE-79
Cross-site Scripting 		CVE-2026-43887 2026-05-16 04:16 2026-05-12 Show GitHub Exploit DB Packet Storm
236 - - - WWBN AVideo is an open source video platform. In versions up to and including 29.0, an unauthenticated user can read APISecret from objects/plugins.json.php and use it to call protected API endpoints… Update CWE-200
CWE-862
Information Exposure
 Missing Authorization 		CVE-2026-43885 2026-05-16 04:16 2026-05-12 Show GitHub Exploit DB Packet Storm
237 5.4 MEDIUM
Network 		- - WWBN AVideo is an open source video platform. In versions up to and including 29.0, an authenticated user can configure their own donation-notification webhook URL to point at internal/loopback/metad… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-43879 2026-05-16 04:16 2026-05-12 Show GitHub Exploit DB Packet Storm
238 - - - Fiber is a web framework for Go. Prior to 2.52.12 and 3.1.0, Cross-Site Scripting vulnerability in Go Fiber allows a remote attacker to inject arbitrary HTML/JavaScript by supplying Accept: text/html… Update CWE-79
Cross-site Scripting 		CVE-2026-42554 2026-05-16 04:16 2026-05-12 Show GitHub Exploit DB Packet Storm
239 7.5 HIGH
Network 		- - Flight is an extensible micro-framework for PHP. Prior to 3.18.1, the default error handler Engine::_error() writes the full exception message, exception code, and stack trace (including absolute fil… New CWE-209
Information Exposure Through an Error Message 		CVE-2026-42552 2026-05-16 04:16 2026-05-14 Show GitHub Exploit DB Packet Storm
240 - - - Magento Long Term Support (LTS) is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Pr… New CWE-87
 Improper Neutralization of Alternate XSS Syntax 		CVE-2026-42458 2026-05-16 04:16 2026-05-16 Show GitHub Exploit DB Packet Storm