Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
246471 9.3 危険 アップル
マイクロソフト		 - Apple Safari におけるバッファオーバーフローの脆弱性 - CVE-2007-3376 2012-06-26 15:46 2007-06-25 Show GitHub Exploit DB Packet Storm
246472 2.1 注意 Avahi - Avahi の Avahi デーモンにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3372 2012-06-26 15:46 2007-06-22 Show GitHub Exploit DB Packet Storm
246473 7.8 危険 cPanel - cPanel の scgiwrap における重要な情報を取得される脆弱性 - CVE-2007-3367 2012-06-26 15:46 2007-06-22 Show GitHub Exploit DB Packet Storm
246474 4.3 警告 cPanel - cPanel の scgiwrap におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3366 2012-06-26 15:46 2007-06-22 Show GitHub Exploit DB Packet Storm
246475 10 危険 ageet - ageet AGEphone における詳細不明な脆弱性 - CVE-2007-3363 2012-06-26 15:46 2007-06-22 Show GitHub Exploit DB Packet Storm
246476 7.8 危険 ageet
マイクロソフト
HTC Corporation		 - ageet AGEphone におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3362 2012-06-26 15:46 2007-06-22 Show GitHub Exploit DB Packet Storm
246477 9.3 危険 bitchx - BitchX の hook.c における任意のコマンドを実行される脆弱性 - CVE-2007-3360 2012-06-26 15:46 2007-06-22 Show GitHub Exploit DB Packet Storm
246478 7.8 危険 マイクロソフト
AOL		 - AIM におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3350 2012-06-26 15:46 2007-06-22 Show GitHub Exploit DB Packet Storm
246479 7.8 危険 aastra telecom - Aastra 9112i SIP Phone におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3349 2012-06-26 15:46 2007-06-22 Show GitHub Exploit DB Packet Storm
246480 7.8 危険 D-Link Systems, Inc. - D-Link DPH-540/DPH-541 電話機におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3348 2012-06-26 15:46 2007-06-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
791 7.5 HIGH
Network 		- - MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.0, MaxKB's webhook trigger endpoint (/api/trigger/v1/webhook/{trigger_id}) is accessible without authentication. The WebhookAuth clas… New CWE-287
CWE-306
Improper Authentication
Missing Authentication for Critical Function 		CVE-2026-44847 2026-05-27 06:16 2026-05-27 Show GitHub Exploit DB Packet Storm
792 8.2 HIGH
Network 		- - LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.85 and 1.3.3, LangChain contains older runtime code paths that deserialize run inputs, run outputs, or other ap… New CWE-502
 Deserialization of Untrusted Data 		CVE-2026-44843 2026-05-27 06:16 2026-05-27 Show GitHub Exploit DB Packet Storm
793 5.9 MEDIUM
Network 		- - view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 3.0.0 to 4.9.0, the system test entrypoint canonicalizes a user-controlled file … New CWE-187
 Partial String Comparison 		CVE-2026-44837 2026-05-27 06:16 2026-05-27 Show GitHub Exploit DB Packet Storm
794 7.5 HIGH
Network 		- - Banks generates meaningful LLM prompts using a template language that makes sense. Prior to 2.4.2, banks uses jinja2.Environment() (unsandboxed) to render prompt templates. Applications that pass use… New CWE-1336
 Improper Neutralization of Special Elements Used in a Template Engine 		CVE-2026-44209 2026-05-27 06:16 2026-05-27 Show GitHub Exploit DB Packet Storm
795 4.9 MEDIUM
Network 		- - Exposure of Sensitive Information Through Data Queries vulnerability in Apache Syncope. An administrator with adequate entitlements for Derived Schemas can create a malicious JEXL expression which a… New CWE-202
 Exposure of Sensitive Information Through Data Queries 		CVE-2026-42797 2026-05-27 06:16 2026-05-26 Show GitHub Exploit DB Packet Storm
796 - - - MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a broken access control vulnerability in the OSS file service URL fetch API (chat/api/oss/get_url). The en… New CWE-862
 Missing Authorization 		CVE-2026-42337 2026-05-27 06:16 2026-05-27 Show GitHub Exploit DB Packet Storm
797 - - - MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a server-side request forgery (SSRF) bypass in the OSS file service URL fetch functionality due to inconsi… New CWE-367
CWE-918
 Time-of-check Time-of-use (TOCTOU) Race Condition
Server-Side Request Forgery (SSRF)  		CVE-2026-42336 2026-05-27 06:16 2026-05-27 Show GitHub Exploit DB Packet Storm
798 - - - MaxKB is an open-source AI assistant for enterprise. Prior to 2.8.1, MaxKB v2.8.0 and prior are vulnerable to a server-side request forgery (SSRF) bypass in the OSS file service URL fetch (chat/api/o… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-42335 2026-05-27 06:16 2026-05-27 Show GitHub Exploit DB Packet Storm
799 9.8 CRITICAL
Network 		- - IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an unauthenticated remote attacker to update server property files that would allow them to gain unauthorized access to the ap… New CWE-863
 Incorrect Authorization 		CVE-2026-3660 2026-05-27 06:16 2026-05-27 Show GitHub Exploit DB Packet Storm
800 - - - AppLockZ App Lock and Fingerprint Lock (applock.passwordfingerprint.applockz) 4.2.11 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an ove… New - CVE-2025-68711 2026-05-27 06:16 2026-05-27 Show GitHub Exploit DB Packet Storm