Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2861	7.1	重要 Local	Open CASCADE Technology (OCCT)	Open CASCADE Technology (OCCT)	Open CASCADE Technology (OCCT)における境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-42477	2026-05-7 12:00	2026-05-1	Show	GitHub Exploit DB Packet Storm

2862	7.5	重要 Network	Open CASCADE Technology (OCCT)	Open CASCADE Technology (OCCT)	Open CASCADE Technology (OCCT)における複数の脆弱性	CWE-125 CWE-476	CVE-2026-42478	2026-05-7 12:00	2026-05-1	Show	GitHub Exploit DB Packet Storm

2863	5.5	警告 Local	Open CASCADE Technology (OCCT)	Open CASCADE Technology (OCCT)	Open CASCADE Technology (OCCT)における境界外読み取りに関する脆弱性	CWE-125 CWE-125	CVE-2026-42479	2026-05-7 12:00	2026-05-1	Show	GitHub Exploit DB Packet Storm

2864	9.8	緊急 Network	hashcat	hashcat	hashcatにおける複数の脆弱性	CWE-121 CWE-787	CVE-2026-42482	2026-05-7 12:00	2026-05-1	Show	GitHub Exploit DB Packet Storm

2865	9.8	緊急 Network	hashcat	hashcat	hashcatにおける複数の脆弱性	CWE-122 CWE-787	CVE-2026-42483	2026-05-7 12:00	2026-05-1	Show	GitHub Exploit DB Packet Storm

2866	9.8	緊急 Network	hashcat	hashcat	hashcatにおける境界外書き込みに関する脆弱性	CWE-787 CWE-787	CVE-2026-42484	2026-05-7 12:00	2026-05-1	Show	GitHub Exploit DB Packet Storm

2867	9.1	緊急 Network	Technostrobe	HI-LED-WR120-G2 Firmware	TechnostrobeのHI-LED-WR120-G2 Firmwareにおける複数の脆弱性	CWE-862 CWE-863	CVE-2026-5574	2026-05-7 12:00	2026-04-5	Show	GitHub Exploit DB Packet Storm

2868	7.1	重要 Local	レッドハット Xiph.Org	Red Hat Enterprise Linux Theora	レッドハット等の複数ベンダの製品における境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-5673	2026-05-7 12:00	2026-04-6	Show	GitHub Exploit DB Packet Storm

2869	9.8	緊急 Network	Sipeed	Picoclaw	SipeedのPicoclawにおける複数の脆弱性	CWE-74 CWE-77	CVE-2026-6987	2026-05-7 12:00	2026-04-25	Show	GitHub Exploit DB Packet Storm

2870	8.8	重要 Network	Coze	Coze Studio	CozeのCoze Studioにおける複数の脆弱性	CWE-74 CWE-89	CVE-2026-7023	2026-05-7 12:00	2026-04-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1351	7.0	HIGH Local	-	-	In mlflow/mlflow versions prior to 3.11.0, the `get_or_create_nfs_tmp_dir()` function in `mlflow/utils/file_utils.py` creates temporary directories with world-writable permissions (0o777), and the `_…	CWE-378 Creation of Temporary File With Insecure Permissions	CVE-2026-4137	2026-05-20 00:03	2026-05-19	Show	GitHub Exploit DB Packet Storm

1352	5.4	MEDIUM Network	microsoft	edge_chromium	Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.	CWE-20 NVD-CWE-noinfo Improper Input Validation	CVE-2026-45492	2026-05-20 00:03	2026-05-19	Show	GitHub Exploit DB Packet Storm

1353	8.8	HIGH Network	google	chrome	Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)	CWE-416 Use After Free	CVE-2026-8544	2026-05-19 23:53	2026-05-15	Show	GitHub Exploit DB Packet Storm

1354	3.1	LOW Network	google	chrome	Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromi…	CWE-119 CWE-284 Incorrect Access of Indexable Resource ('Range Error') Improper Access Control	CVE-2026-8545	2026-05-19 23:53	2026-05-15	Show	GitHub Exploit DB Packet Storm

1355	7.3	HIGH Local	-	-	A local privilege escalation vulnerability exists in O+ Connect because it fails to validate the identity of the caller on the pipe interface.	CWE-266 Incorrect Privilege Assignment	CVE-2026-22069	2026-05-19 23:50	2026-05-19	Show	GitHub Exploit DB Packet Storm

1356	5.3	MEDIUM Network	-	-	The /api/v1/autotranslate.translateMessage endpoint in versions <8.5.0, <8.4.2, <8.3.4, <8.2.4, <8.1.5, <8.0.6, <7.13.8, and <7.10.12 allows any authenticated user to retrieve the full content of any…	CWE-284 Improper Access Control	CVE-2026-32994	2026-05-19 23:50	2026-05-19	Show	GitHub Exploit DB Packet Storm

1357	6.3	MEDIUM Adjacent	-	-	There is an unauthorized access vulnerability in ZTE MU5250. Due to improper permission control of the Web interface, an unauthorized attacker can modify configuration through the interface.	CWE-200 Information Exposure	CVE-2026-44408	2026-05-19 23:50	2026-05-19	Show	GitHub Exploit DB Packet Storm

1358	4.3	MEDIUM Network	-	-	Missing Authorization vulnerability in Brainstorm Force Presto Player allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Presto Player: from n/a through 4.1.…	CWE-862 Missing Authorization	CVE-2026-45442	2026-05-19 23:50	2026-05-19	Show	GitHub Exploit DB Packet Storm

1359	5.3	MEDIUM Network	google	chrome	Out of bounds read in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory vi…	CWE-125 Out-of-bounds Read	CVE-2026-8541	2026-05-19 23:47	2026-05-15	Show	GitHub Exploit DB Packet Storm

1360	-		-	-	The create and edit flows do not restrict which user properties may be submitted and do not enforce access control on the frontend user group assignment. As a result, an attacker can assign an arbitr…	CWE-639 CWE-915 Authorization Bypass Through User-Controlled Key Improperly Controlled Modification of Dynamically-Determined Object Attributes	CVE-2026-46721	2026-05-19 23:47	2026-05-19	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed