Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 22, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
248561 4.9 警告 Linux - Linux Kernel の cifs_lookup 関数におけるサービス運用妨害 (OOPS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-1090 2012-05-18 15:38 2012-05-17 Show GitHub Exploit DB Packet Storm
248562 4.9 警告 Linux - Linux Kernel の kiocb_batch_free 関数におけるサービス運用妨害 (OOPS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-0058 2012-05-18 15:16 2012-05-17 Show GitHub Exploit DB Packet Storm
248563 7.2 危険 Linux - Linux Kernel の drm_mode_dirtyfb_ioctl 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2012-0044 2012-05-18 14:59 2012-05-17 Show GitHub Exploit DB Packet Storm
248564 4.9 警告 Linux - Linux Kernel の xfs_acl_from_disk 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2012-0038 2012-05-18 14:57 2012-05-17 Show GitHub Exploit DB Packet Storm
248565 4.9 警告 Linux - Linux Kernel におけるサービス運用妨害 (システムハング) の脆弱性 CWE-DesignError
CVE-2011-4621 2012-05-18 14:51 2012-05-17 Show GitHub Exploit DB Packet Storm
248566 4.9 警告 Linux - PowerPC プラットフォーム上で稼働する Linux Kernel における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2011-4611 2012-05-18 14:48 2012-05-17 Show GitHub Exploit DB Packet Storm
248567 4.9 警告 Linux - Linux Kernel の __sys_sendmsg 関数におけるサービス運用妨害 (システムクラッシュ) の脆弱性 CWE-DesignError
CVE-2011-4594 2012-05-18 14:45 2012-05-17 Show GitHub Exploit DB Packet Storm
248568 7.1 危険 Linux - Linux Kernel の udp6_ufo_fragment 関数におけるサービス運用妨害 (システムクラッシュ) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-4326 2012-05-18 14:43 2012-05-17 Show GitHub Exploit DB Packet Storm
248569 7.8 危険 Linux - Linux Kernel の NFSv4 実装におけるサービス運用妨害 (OOPS) の脆弱性 CWE-119
バッファエラー 		CVE-2011-4131 2012-05-18 14:41 2012-05-17 Show GitHub Exploit DB Packet Storm
248570 4.9 警告 Linux - Linux Kernel のネットサブシステムにおけるサービス運用妨害 (パニック) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4112 2012-05-18 14:21 2012-05-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
771 8.5 HIGH
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, validate_url() in backend/open_webui/retrieval/web/utils.py calls validators.ipv6(ip… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-45331 2026-05-19 12:06 2026-05-16 Show GitHub Exploit DB Packet Storm
772 4.8 MEDIUM
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the AccountPending.svelte component renders the admin-configured "Pending User Overl… CWE-79
Cross-site Scripting 		CVE-2026-44568 2026-05-19 12:06 2026-05-16 Show GitHub Exploit DB Packet Storm
773 4.3 MEDIUM
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, when setting model permissions so that a group has read access to it, intending for … CWE-200
Information Exposure 		CVE-2026-45387 2026-05-19 12:05 2026-05-16 Show GitHub Exploit DB Packet Storm
774 7.2 HIGH
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the tool update endpoint (POST /api/v1/tools/id/{id}/update) is missing the workspac… CWE-269
CWE-862
 Improper Privilege Management
 Missing Authorization 		CVE-2026-45395 2026-05-19 12:05 2026-05-16 Show GitHub Exploit DB Packet Storm
775 4.3 MEDIUM
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, an IDOR vulnerability exists in the Channels feature of Open WebUI, allowing any cha… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-45385 2026-05-19 10:45 2026-05-16 Show GitHub Exploit DB Packet Storm
776 6.3 MEDIUM
Network 		open5gs open5gs A vulnerability was found in Open5GS up to 2.7.6. This impacts the function ran_ue_find_by_amf_ue_ngap_id of the file src/amf/context.c of the component AMF/MME. Performing a manipulation results in … CWE-266
CWE-285
 Incorrect Privilege Assignment
Improper Authorization 		CVE-2026-8743 2026-05-19 10:35 2026-05-17 Show GitHub Exploit DB Packet Storm
777 5.5 MEDIUM
Local 		steipete summarize Summarize prior to 0.15.1 contains an insecure file permission vulnerability in the refresh-free configuration rewrite path that allows local users to read sensitive credentials by exploiting default… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2026-45246 2026-05-19 10:34 2026-05-19 Show GitHub Exploit DB Packet Storm
778 5.4 MEDIUM
Network 		steipete summarize Summarize prior to 0.15.1 contains a missing authorization vulnerability that allows attackers to execute browser automation actions without per-call user approval when the extension automation featu… CWE-862
 Missing Authorization 		CVE-2026-45244 2026-05-19 10:34 2026-05-19 Show GitHub Exploit DB Packet Storm
779 7.1 HIGH
Network 		steipete summarize Summarize prior to 0.15.1 contains a path traversal vulnerability in the /v1/summarize daemon endpoint that allows authenticated callers to write files to arbitrary directories by supplying an absolu… CWE-862
 Missing Authorization 		CVE-2026-45242 2026-05-19 10:34 2026-05-19 Show GitHub Exploit DB Packet Storm
780 6.1 MEDIUM
Network 		steipete summarize Summarize prior to 0.15.1 contains a missing authorization vulnerability in the content script window.postMessage bridge that allows malicious pages to perform unauthorized operations on automation a… CWE-862
 Missing Authorization 		CVE-2026-45243 2026-05-19 10:34 2026-05-19 Show GitHub Exploit DB Packet Storm