Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 26, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2801	7.8	重要 Local	Wireshark	Wireshark	Wiresharkにおける複数の脆弱性	CWE-122 CWE-787	CVE-2026-5405	2026-05-7 12:03	2026-05-1	Show	GitHub Exploit DB Packet Storm

2802	5.5	警告 Local	Wireshark	Wireshark	Wiresharkにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-5406	2026-05-7 12:03	2026-04-30	Show	GitHub Exploit DB Packet Storm

2803	5.5	警告 Local	Wireshark	Wireshark	Wiresharkにおける無限ループに関する脆弱性	CWE-835 無限ループ	CVE-2026-5407	2026-05-7 12:03	2026-04-30	Show	GitHub Exploit DB Packet Storm

2804	5.5	警告 Local	Wireshark	Wireshark	Wiresharkにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-5408	2026-05-7 12:03	2026-04-30	Show	GitHub Exploit DB Packet Storm

2805	5.5	警告 Local	Wireshark	Wireshark	Wiresharkにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-5409	2026-05-7 12:03	2026-04-30	Show	GitHub Exploit DB Packet Storm

2806	7.5	重要 Network	Wireshark	Wireshark	Wiresharkにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-5653	2026-05-7 12:03	2026-04-30	Show	GitHub Exploit DB Packet Storm

2807	7.5	重要 Network	Wireshark	Wireshark	Wiresharkにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-5654	2026-05-7 12:03	2026-04-30	Show	GitHub Exploit DB Packet Storm

2808	7.5	重要 Network	Wireshark	Wireshark	Wiresharkにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-5655	2026-05-7 12:03	2026-04-30	Show	GitHub Exploit DB Packet Storm

2809	7.8	重要 Local	Wireshark	Wireshark	Wiresharkにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-5656	2026-05-7 12:03	2026-05-1	Show	GitHub Exploit DB Packet Storm

2810	7.5	重要 Network	Wireshark	Wireshark	Wiresharkにおける二重解放に関する脆弱性	CWE-415 二重解放	CVE-2026-5657	2026-05-7 12:03	2026-04-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1431	5.4	MEDIUM Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the channel router does not call filter_allowed_access_grants on either create or up…	CWE-862 Missing Authorization	CVE-2026-44558	2026-05-19 23:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

1432	8.1	HIGH Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role changes and user deletions do not iterate SESSION_POOL to discon…	CWE-613 Insufficient Session Expiration	CVE-2026-44553	2026-05-19 23:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

1433	5.3	MEDIUM Network	-	-	An issue in Intelbras VIP-1230-D-G4 Version V2.800.00IB00C.0.T allows a remote attacker to obtain sensitive information via password reset functionality under /OutsideCmd	CWE-640 Weak Password Recovery Mechanism for Forgotten Password	CVE-2026-36438	2026-05-19 23:16	2026-05-19	Show	GitHub Exploit DB Packet Storm

1434	9.1	CRITICAL Network	freertos	coremqtt	Missing bounds validation in the MQTT v5.0 property parser in coreMQTT before 5.0.1 allows an MQTT broker to cause a denial of service by sending a crafted packet. To remediate this issue, users s…	CWE-125 Out-of-bounds Read	CVE-2026-8686	2026-05-19 23:01	2026-05-16	Show	GitHub Exploit DB Packet Storm

1435	9.8	CRITICAL Network	lmsys	sglang	SGLangs multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads() on incoming messages, enabling RCE when exposed to the intern…	CWE-502 Deserialization of Untrusted Data	CVE-2026-7301	2026-05-19 22:49	2026-05-18	Show	GitHub Exploit DB Packet Storm

1436	9.1	CRITICAL Network	lmsys	sglang	SGLangs multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by …	CWE-35 Path Traversal: '.../...//'	CVE-2026-7302	2026-05-19 22:43	2026-05-18	Show	GitHub Exploit DB Packet Storm

1437	9.8	CRITICAL Network	lmsys	sglang	SGLangs multimodal generation runtime is vulnerable to unauthenticated remote code execution when the --enable-custom-logit-processor option is enabled, as Python objects loaded via dill.loads() will…	CWE-502 Deserialization of Untrusted Data	CVE-2026-7304	2026-05-19 22:38	2026-05-18	Show	GitHub Exploit DB Packet Storm

1438	7.0	HIGH Local	vim	vim	Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-lik…	CWE-78 CWE-88 OS Command Argument Injection	CVE-2026-46483	2026-05-19 21:27	2026-05-16	Show	GitHub Exploit DB Packet Storm

1439	5.8	MEDIUM Network	traefik	traefik	Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.44, 3.6.15, and 3.7.0-rc.3, there is an information disclosure vulnerability in Traefik's errors (custom error pages) middleware. Whe…	CWE-201 Insertion of Sensitive Information Into Sent Data	CVE-2026-41181	2026-05-19 21:24	2026-05-16	Show	GitHub Exploit DB Packet Storm

1440	9.9	CRITICAL Network	traefik	traefik	Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.46, 3.6.17, and 3.7.1, Traefik's Kubernetes Gateway API provider allows a tenant with HTTPRoute creation permissions to expose the RE…	CWE-284 Improper Access Control	CVE-2026-44774	2026-05-19 21:22	2026-05-16	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed