Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3091 8.8 重要
Network 		Google Google Chrome GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-7363 2026-05-1 10:40 2026-04-28 Show GitHub Exploit DB Packet Storm
3092 4.3 警告
Network 		Timo Sirainen
Open-Xchange		 Dovecot Pro
Dovecot 		Timo Sirainen等の複数ベンダの製品における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2025-59031 2026-05-1 10:39 2026-03-27 Show GitHub Exploit DB Packet Storm
3093 5.3 警告
Network 		Timo Sirainen
Open-Xchange		 Dovecot Pro
Dovecot 		Timo Sirainen等の複数ベンダの製品におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-0394 2026-05-1 10:39 2026-03-27 Show GitHub Exploit DB Packet Storm
3094 8.2 重要
Network 		Timo Sirainen
Open-Xchange		 Dovecot Pro
Dovecot 		Timo Sirainen等の複数ベンダの製品におけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-24031 2026-05-1 10:39 2026-03-27 Show GitHub Exploit DB Packet Storm
3095 5.9 警告
Network 		Timo Sirainen
Open-Xchange		 Dovecot Pro
Dovecot 		Timo Sirainen等の複数ベンダの製品におけるCapture-replay による認証回避に関する脆弱性 CWE-294
Capture-replayによる認証回避 		CVE-2026-27855 2026-05-1 10:39 2026-03-27 Show GitHub Exploit DB Packet Storm
3096 5.9 警告
Network 		Timo Sirainen
Open-Xchange		 Dovecot Pro
Dovecot 		Timo Sirainen等の複数ベンダの製品における認証に関する脆弱性 CWE-287
CWE-Other
CVE-2026-27856 2026-05-1 10:39 2026-03-27 Show GitHub Exploit DB Packet Storm
3097 5.3 警告
Network 		Timo Sirainen
Open-Xchange		 Dovecot Pro
Dovecot 		Timo Sirainen等の複数ベンダの製品におけるLDAP インジェクションの脆弱性 CWE-90
LDAP インジェクション 		CVE-2026-27860 2026-05-1 10:39 2026-03-27 Show GitHub Exploit DB Packet Storm
3098 8.4 重要
Local 		Anthropic PBC Claude Code
Claude Agent SDK 		Anthropic PBCのClaude Agent SDK等の複数製品におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-35020 2026-05-1 10:39 2026-04-6 Show GitHub Exploit DB Packet Storm
3099 7.8 重要
Local 		Anthropic PBC Claude Code
Claude Agent SDK 		Anthropic PBCのClaude Agent SDK等の複数製品におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-35021 2026-05-1 10:39 2026-04-6 Show GitHub Exploit DB Packet Storm
3100 9.8 緊急
Network 		Anthropic PBC Claude Code
Claude Agent SDK 		Anthropic PBCのClaude Agent SDK等の複数製品におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-35022 2026-05-1 10:39 2026-04-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
317011 - john_s._roberts anyform AnyForm CGI remote execution. NVD-CWE-Other
CVE-1999-0066 2024-08-2 06:35 1995-07-31 Show GitHub Exploit DB Packet Storm
317012 - sun nfs Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0. NVD-CWE-Other
CVE-1999-0084 2024-08-2 06:35 1990-05-1 Show GitHub Exploit DB Packet Storm
317013 - sun sunos Solaris ufsrestore buffer overflow. NVD-CWE-Other
CVE-1999-0069 2024-08-2 05:35 1998-04-29 Show GitHub Exploit DB Packet Storm
317014 - isc
netscape
caldera
bsdi
redhat
nec 		inn
news_server
openlinux
bsd_os
linux
goah_networksv
goah_intrasv 		Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others. NVD-CWE-Other
CVE-1999-0043 2024-08-2 05:35 1996-12-4 Show GitHub Exploit DB Packet Storm
317015 - sun solaris Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka Sys… NVD-CWE-Other
CVE-1999-1588 2024-08-2 04:35 1999-12-31 Show GitHub Exploit DB Packet Storm
317016 - ssh ssh Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user. NVD-CWE-Other
CVE-1999-0013 2024-08-2 04:35 1998-01-22 Show GitHub Exploit DB Packet Storm
317017 - - - The HTML Forms WordPress plugin before 1.3.34 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks - CVE-2024-6412 2024-08-2 03:35 2024-07-31 Show GitHub Exploit DB Packet Storm
317018 - - - It is possible to crash or redirect the execution flow of the ClickHouse server process from an unauthenticated vector by sending a specially crafted request to the ClickHouse server native interface… - CVE-2024-6873 2024-08-2 01:45 2024-08-2 Show GitHub Exploit DB Packet Storm
317019 - - - A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted® Slot feature in a ControlLogix® controller. If exploited on any affected module in a … - CVE-2024-6242 2024-08-2 01:45 2024-08-2 Show GitHub Exploit DB Packet Storm
317020 - - - In parisneo/lollms-webui version v9.8, the lollms_binding_infos is missing the client_id parameter, which leads to multiple security vulnerabilities. Specifically, the endpoints /reload_binding, /ins… CWE-304
 Missing Critical Step in Authentication 		CVE-2024-6040 2024-08-2 01:45 2024-08-2 Show GitHub Exploit DB Packet Storm