Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253441 4.3 警告 オラクル - Oracle E-Business Suite の Business Intelligence コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-2246 2011-08-1 11:46 2011-07-19 Show GitHub Exploit DB Packet Storm
253442 6.8 警告 オラクル - Oracle Enterprise Manager Grid Control の Database Control コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-0845 2011-08-1 11:45 2011-07-19 Show GitHub Exploit DB Packet Storm
253443 5 警告 オラクル - Oracle Fusion Middleware の Oracle Business Intelligence Enterprise Edition コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-2241 2011-08-1 11:42 2011-07-19 Show GitHub Exploit DB Packet Storm
253444 4 警告 オラクル - Oracle Fusion Middleware の Oracle BPEL Process Manager コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-0884 2011-08-1 11:40 2011-07-19 Show GitHub Exploit DB Packet Storm
253445 4 警告 オラクル - Oracle Fusion Middleware の Oracle Containers for J2EE コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-0883 2011-08-1 11:33 2011-07-19 Show GitHub Exploit DB Packet Storm
253446 6 警告 オラクル - Oracle Database Server および Oracle Fusion Middleware における脆弱性 CWE-noinfo
情報不足 		CVE-2011-2232 2011-08-1 11:32 2011-07-19 Show GitHub Exploit DB Packet Storm
253447 4.3 警告 オラクル - Oracle Database Server および Oracle Fusion Middleware における脆弱性 CWE-noinfo
情報不足 		CVE-2011-2231 2011-08-1 11:31 2011-07-19 Show GitHub Exploit DB Packet Storm
253448 10 危険 オラクル - Oracle Secure Backup における脆弱性 CWE-noinfo
情報不足 		CVE-2011-2261 2011-08-1 11:30 2011-07-19 Show GitHub Exploit DB Packet Storm
253449 5.1 警告 サイバートラスト株式会社
Carnegie Mellon University (Project Cyrus)
レッドハット		 - Cyrus IMAP Server の STARTTLS 実装における暗号化セッションにコマンドを挿入される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-1926 2011-08-1 11:02 2011-05-23 Show GitHub Exploit DB Packet Storm
253450 6.9 警告 GNU Project
サイバートラスト株式会社
レッドハット		 - bash-doc における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-5374 2011-08-1 10:58 2008-12-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3501 7.7 HIGH
Network 		- - Wallos is an open-source, self-hostable personal subscription tracker. In versions 4.8.4 and prior, the incomplete SSRF fix in Wallos validates webhook URLs via gethostbyname() but passes the origina… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-41688 2026-05-8 00:45 2026-05-8 Show GitHub Exploit DB Packet Storm
3502 9.6 CRITICAL
Network 		- - Notesnook is a note-taking app focused on user privacy & ease of use. Prior to Notesnook Web/Desktop version 3.3.15 and prior to Notesnook iOS/Android version 3.3.20, a stored XSS vulnerability in th… CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-42090 2026-05-8 00:44 2026-05-5 Show GitHub Exploit DB Packet Storm
3503 8.1 HIGH
Network 		- - Evolver is a GEP-powered self-evolving engine for AI agents. Prior to version 1.69.3, a path traversal vulnerability in the skill download (fetch) command allows attackers to write files to arbitrary… CWE-22
Path Traversal 		CVE-2026-42075 2026-05-8 00:43 2026-05-5 Show GitHub Exploit DB Packet Storm
3504 5.3 MEDIUM
Network 		- - Note Mark is an open-source note-taking application. Prior to version 0.19.3, after a note-mark owner soft-deletes a public book, its notes and uploaded assets stay readable at /api/notes/{id}, /api/… CWE-285
Improper Authorization 		CVE-2026-41572 2026-05-8 00:43 2026-05-5 Show GitHub Exploit DB Packet Storm
3505 6.5 MEDIUM
Network 		- - titra is an open source time tracking project. In version 0.99.52, the globalsettings Meteor publication returns all global settings without any admin or role check. Any authenticated user can subscr… CWE-200
Information Exposure 		CVE-2026-42092 2026-05-8 00:43 2026-05-5 Show GitHub Exploit DB Packet Storm
3506 4.4 MEDIUM
Network 		- - PlantUML Macro is a macro for rendering UML diagrams from simple textual schemes. Prior to version 2.4.1, the PlantUML Macro is vulnerable to Server-Side Request Forgery (SSRF). The macro allows user… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-42140 2026-05-8 00:43 2026-05-5 Show GitHub Exploit DB Packet Storm
3507 6.1 MEDIUM
Local 		- - CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the W*H*D size computation inside _load_pnm() that can bypass the memory all… CWE-190
 Integer Overflow or Wraparound 		CVE-2026-42144 2026-05-8 00:43 2026-05-5 Show GitHub Exploit DB Packet Storm
3508 - - - In versions 3.0.0a1 through 3.2.0 of Mistune, there is a ReDoS (Regular Expression Denial of Service) vulnerability in `LINK_TITLE_RE` that allows an attacker who can supply Markdown for parsing to c… CWE-1333
 Inefficient Regular Expression Complexity 		CVE-2026-33079 2026-05-8 00:43 2026-05-7 Show GitHub Exploit DB Packet Storm
3509 8.8 HIGH
Network 		- - YesWiki is a wiki system written in PHP. Prior to version 4.6.1, YesWiki bazar module contains a SQL injection vulnerability in tools/bazar/services/EntryManager.php at line 704. The $data['id_fiche'… CWE-89
SQL Injection 		CVE-2026-41143 2026-05-8 00:43 2026-05-7 Show GitHub Exploit DB Packet Storm
3510 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: gpio: Fix resource leaks on errors in gpiochip_add_data_with_key() Since commit aab5c6f20023 ("gpio: set device type for GPIO chi… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2026-31732 2026-05-8 00:36 2026-05-2 Show GitHub Exploit DB Packet Storm