Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
248181 6.8 警告 ImageMagick
レッドハット		 - Imagemagick の ReadDIBImage() 関数におけるバッファオーバーフローの脆弱性 CWE-119
CWE-189
CVE-2007-4988 2012-06-26 14:16 2007-09-24 Show GitHub Exploit DB Packet Storm
248182 9.3 危険 ImageMagick - Imagemagick の ReadBlobString() 関数における一つずれエラーの脆弱性 CWE-189
数値処理の問題 		CVE-2007-4987 2012-06-26 14:16 2007-09-24 Show GitHub Exploit DB Packet Storm
248183 7.5 危険 サイバートラスト株式会社
ImageMagick
レッドハット		 - Imagemagick の複数の複数のイメージファイル処理の不備によるバッファオーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2007-4986 2012-06-26 14:15 2007-09-24 Show GitHub Exploit DB Packet Storm
248184 4.3 警告 サイバートラスト株式会社
ImageMagick
レッドハット		 - Imagemagick の関数の呼び出し処理の不備によるサービス運用妨害 (DoS) の脆弱性 CWE-399
CWE-DesignError
CVE-2007-4985 2012-06-26 14:15 2007-09-24 Show GitHub Exploit DB Packet Storm
248185 5 警告 サイバートラスト株式会社
ImageMagick
ターボリナックス
レッドハット		 - ImageMagick の XWD ファイルの処理における無限ループが発生する脆弱性 - CVE-2005-1739 2012-06-26 14:15 2005-05-21 Show GitHub Exploit DB Packet Storm
248186 7.5 危険 ターボリナックス
レッドハット		 - ImageMagick の SGI ファイルの取り扱いにおけるバッファオーバーフローの脆弱性 - CVE-2005-0762 2012-06-26 14:14 2005-03-23 Show GitHub Exploit DB Packet Storm
248187 5 警告 ターボリナックス
レッドハット		 - ImageMagick における不正な PSD ファイルによるサービス運用妨害 (DoS) の脆弱性 - CVE-2005-0761 2012-06-26 14:14 2005-03-23 Show GitHub Exploit DB Packet Storm
248188 5 警告 ターボリナックス
レッドハット		 - ImageMagick の TIFF デコーダにおけるサービス運用妨害 (DoS) の脆弱性 - CVE-2005-0760 2012-06-26 14:14 2005-03-23 Show GitHub Exploit DB Packet Storm
248189 6.9 警告 IBM - IBM AIX の libodm.a における任意のファイルを上書される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-2179 2012-06-26 14:12 2012-05-16 Show GitHub Exploit DB Packet Storm
248190 4.3 警告 IBM - IBM System Storage DS Storage Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2172 2012-06-26 14:11 2012-06-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
581 5.9 MEDIUM
Network 		- - LIVE555 before 2026.04.22 contains an authorization bypass vulnerability in RTSP session command handling that allows attackers to replay valid Session tokens from unauthenticated connections. Attack… CWE-863
 Incorrect Authorization 		CVE-2026-41470 2026-05-20 06:08 2026-05-20 Show GitHub Exploit DB Packet Storm
582 9.9 CRITICAL
Network 		- - Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handle_compose_command() function in kitty/graphics.c performs bounds validation on composition offsets using unsigned … CWE-125
CWE-190
CWE-787
Out-of-bounds Read
 Integer Overflow or Wraparound
 Out-of-bounds Write 		CVE-2026-33642 2026-05-20 06:08 2026-05-20 Show GitHub Exploit DB Packet Storm
583 - - - Execution with unnecessary privileges vulnerability in Broadcom Automic Automation Agent Unix on Linux x64, Linux Power 64 BE, Linux Power 64 LE, zLinux (zSeries), AIX, Solaris x64, Solaris Sparc 64 … CWE-250
 Execution with Unnecessary Privileges 		CVE-2026-8370 2026-05-20 06:01 2026-05-20 Show GitHub Exploit DB Packet Storm
584 8.8 HIGH
Network 		getgrav grav Grav is a file-based Web platform. In Grav 2.0.0-beta.2, a low-privileged authenticated API user with api.media.write can abuse /api/v1/blueprint-upload to write an arbitrary YAML file into user/acco… CWE-269
CWE-434
 Improper Privilege Management
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-42844 2026-05-20 06:00 2026-05-13 Show GitHub Exploit DB Packet Storm
585 7.5 HIGH
Network 		- - The Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation and missing capability check in … CWE-23
 Relative Path Traversal 		CVE-2026-8073 2026-05-20 06:00 2026-05-20 Show GitHub Exploit DB Packet Storm
586 6.5 MEDIUM
Network 		- - The Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.0.6. This is due to the plugin not p… CWE-862
 Missing Authorization 		CVE-2026-8096 2026-05-20 06:00 2026-05-20 Show GitHub Exploit DB Packet Storm
587 7.8 HIGH
Local 		protobufjs_project protobufjs-cli protobufjs-cli is the command line add-on for protobuf.js. Prior to 1.2.1 and 2.0.2, pbts invoked JSDoc by building a shell command string from input file paths and executing it through child_process… CWE-78
OS Command  		CVE-2026-42290 2026-05-20 05:56 2026-05-14 Show GitHub Exploit DB Packet Storm
588 5.3 MEDIUM
Network 		protobufjs_project protobufjs protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs includes a minimal UTF-8 decoder that accepted overlong UTF-8 byte sequences and decoded … CWE-176
 Improper Handling of Unicode Encoding 		CVE-2026-44288 2026-05-20 05:46 2026-05-14 Show GitHub Exploit DB Packet Storm
589 8.7 HIGH
Network 		protobufjs_project protobufjs-cli protobufjs-cli is the command line add-on for protobuf.js. Prior to 1.2.1 and 2.0.2, pbjs static code generation could emit unsafe JavaScript identifiers derived from schema-controlled names. When ge… CWE-94
Code Injection 		CVE-2026-44295 2026-05-20 05:37 2026-05-14 Show GitHub Exploit DB Packet Storm
590 7.2 HIGH
Network 		dkfz nnu-net nnU-Net is a semantic segmentation framework that automatically adapts its pipeline to a dataset. Prior to 2.4.1, the nnU-Net Issue Triage workflow in .github/workflows/issue-triage.yml is vulnerable… CWE-74
Injection 		CVE-2026-44246 2026-05-20 05:10 2026-05-13 Show GitHub Exploit DB Packet Storm