Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
248721 4.9 警告 Linux - Linux kernel の ldm_parse_vmdb 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-1012 2012-03-27 18:43 2011-03-1 Show GitHub Exploit DB Packet Storm
248722 4 警告 Best Practical Solutions - Best Practical Solutions RT の Scrips_Overlay.pm における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-1008 2012-03-27 18:43 2011-02-28 Show GitHub Exploit DB Packet Storm
248723 2.1 注意 Best Practical Solutions - Best Practical Solutions RT における資格情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2011-1007 2012-03-27 18:43 2011-02-28 Show GitHub Exploit DB Packet Storm
248724 6.8 警告 ClamAV - ClamAV の vba_read_project_strings 関数における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2011-1003 2012-03-27 18:43 2011-02-23 Show GitHub Exploit DB Packet Storm
248725 4.3 警告 Google - Android SDK の dexdump におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-1001 2012-03-27 18:43 2011-07-8 Show GitHub Exploit DB Packet Storm
248726 6.4 警告 freedesktop.org - Telepathy Gabble における音声やビデオ通話を傍受される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-1000 2012-03-27 18:43 2011-02-18 Show GitHub Exploit DB Packet Storm
248727 6.8 警告 dhcpcd project - dhcpcd における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-0996 2012-03-27 18:43 2011-04-13 Show GitHub Exploit DB Packet Storm
248728 2.1 注意 Novell
Christian Neukirchen		 - SLE の sqlite3-ruby gem における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-0995 2012-03-27 18:43 2011-05-13 Show GitHub Exploit DB Packet Storm
248729 10 危険 Novell - NFR の NFRAgent.exe におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-0994 2012-03-27 18:43 2011-04-9 Show GitHub Exploit DB Packet Storm
248730 5.8 警告 Mono Project
Novell		 - Mono におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-0992 2012-03-27 18:43 2011-04-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291 9.8 CRITICAL
Network 		- - MCP Calculate Server is a mathematical calculation service based on MCP protocol and SymPy library. Prior to 0.1.1, the use of eval() to evaluate mathematical expressions without proper input sanitiz… New CWE-94
Code Injection 		CVE-2026-44717 2026-05-16 02:16 2026-05-16 Show GitHub Exploit DB Packet Storm
292 7.5 HIGH
Network 		- - The bitcoinj library is a Java implementation of the Bitcoin protocol. Prior to 0.17.1, ScriptExecution.correctlySpends() contains two fast-path verification bugs for standard P2PKH and native P2WPKH… New CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2026-44714 2026-05-16 02:16 2026-05-16 Show GitHub Exploit DB Packet Storm
293 5.4 MEDIUM
Network 		- - Gitsign is a keyless Sigstore to signing tool for Git commits with your a GitHub / OIDC identity. From 0.4.0 to before 0.15.0, CertVerifier.Verify() in pkg/git/verifier.go unconditionally dereference… New CWE-129
CWE-390
 Improper Validation of Array Index
 Detection of Error Condition Without Action 		CVE-2026-44310 2026-05-16 02:16 2026-05-16 Show GitHub Exploit DB Packet Storm
294 9.4 CRITICAL
Network 		- - Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, the default deny-lists used by Gotenberg's downloadFrom feature and webhook feature are bypassable. Because the filter is r… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-42596 2026-05-16 02:16 2026-05-15 Show GitHub Exploit DB Packet Storm
295 8.2 HIGH
Network 		- - Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.30.0, The ExifTool metadata write blocklist in Gotenberg can be bypassed using ExifTool's group-prefix syntax, enabling arbitrary… New CWE-184
 Incomplete Blacklist 		CVE-2026-42590 2026-05-16 02:16 2026-05-15 Show GitHub Exploit DB Packet Storm
296 9.1 CRITICAL
Network 		- - OpenMRS is an open source electronic medical record system platform. From 2.7.0 to before 2.7.9 and 2.8.6, the ConceptReferenceRangeUtility.evaluateCriteria() method in OpenMRS Core evaluates databas… New CWE-94
Code Injection 		CVE-2026-41258 2026-05-16 02:16 2026-05-16 Show GitHub Exploit DB Packet Storm
297 - - - Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.44, 3.6.15, and 3.7.0-rc.3, there is an information disclosure vulnerability in Traefik's errors (custom error pages) middleware. Whe… New CWE-201
 Insertion of Sensitive Information Into Sent Data 		CVE-2026-41181 2026-05-16 02:16 2026-05-16 Show GitHub Exploit DB Packet Storm
298 5.4 MEDIUM
Network 		- - Cockpit CMS through version 2.14.0, patched in commit 72a83fc, contains a stored cross-site scripting vulnerability in the Set field type's Display template option, where the template string is proce… New CWE-79
Cross-site Scripting 		CVE-2026-23695 2026-05-16 02:16 2026-05-16 Show GitHub Exploit DB Packet Storm
299 6.5 MEDIUM
Network 		shellhub shellhub ShellHub is a centralized SSH gateway. Prior to 0.24.2, GET /api/sessions/:uid returns the full session object for any authenticated caller, without scoping by the caller's tenant. An authenticated u… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-44423 2026-05-16 02:16 2026-05-14 Show GitHub Exploit DB Packet Storm
300 7.5 HIGH
Network 		zitadel zitadel ZITADEL is an open source identity management platform. From 2.71.11 to before 3.4.10 and 4.15.0, a vulnerability was discovered in Zitadel's LDAP identity provider implementation, which fails to pro… New CWE-90
LDAP Injection 		CVE-2026-44671 2026-05-16 02:15 2026-05-15 Show GitHub Exploit DB Packet Storm