Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
311	7.5	重要 Network	アップル	iOS tvOS watchOS visionos iPadOS	アップルのiPadOS等の複数製品における解放済みメモリの使用に関する脆弱性 New	CWE-416 解放済みメモリの使用	CVE-2026-28969	2026-05-14 10:20	2026-05-11	Show	GitHub Exploit DB Packet Storm

312	7.5	重要 Network	アップル	iOS tvOS watchOS visionos iPadOS	アップルのiPadOS等の複数製品におけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-28974	2026-05-14 10:20	2026-05-11	Show	GitHub Exploit DB Packet Storm

313	7.5	重要 Network	アップル	iOS iPadOS tvOS watchOS	アップルのiPadOS等の複数製品における競合状態に関する脆弱性 New	CWE-362 競合状態	CVE-2026-28986	2026-05-14 10:20	2026-05-11	Show	GitHub Exploit DB Packet Storm

314	7.5	重要 Network	アップル	iOS iPadOS tvOS watchOS	アップルのiPadOS等の複数製品におけるログファイルからの情報漏えいに関する脆弱性 New	CWE-532 ログファイルからの情報漏えい	CVE-2026-28987	2026-05-14 10:20	2026-05-11	Show	GitHub Exploit DB Packet Storm

315	7.5	重要 Network	アップル	iOS tvOS watchOS visionos iPadOS	アップルのiPadOS等の複数製品におけるバッファエラーの脆弱性 New	CWE-119 バッファエラー	CVE-2026-28990	2026-05-14 10:20	2026-05-11	Show	GitHub Exploit DB Packet Storm

316	8.8	重要 Local	アップル	iOS tvOS watchOS visionos iPadOS	アップルのiPadOS等の複数製品における権限管理に関する脆弱性 New	CWE-269 不適切な権限管理	CVE-2026-28995	2026-05-14 10:20	2026-05-11	Show	GitHub Exploit DB Packet Storm

317	6.5	警告 Network	Gofiber	Fiber	GofiberのFiberにおける解釈の競合に関する脆弱性 New	CWE-436 解釈の競合	CVE-2026-30246	2026-05-14 10:20	2026-05-5	Show	GitHub Exploit DB Packet Storm

318	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性 New	CWE-noinfo 情報不足	CVE-2026-31784	2026-05-14 10:20	2026-05-1	Show	GitHub Exploit DB Packet Storm

319	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性 New	CWE-noinfo 情報不足	CVE-2026-31785	2026-05-14 10:20	2026-05-1	Show	GitHub Exploit DB Packet Storm

320	4.9	警告 Network	PowerDNS	PowerDNS Authoritative Server	PowerDNSのPowerDNS Authoritative Serverにおける整数オーバーフローの脆弱性 New	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-33611	2026-05-14 10:20	2026-04-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312501	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfsd4_deleg_getattr_conflict in presence of third party lease It is not safe to dereference fl->c.flc_owner without fir…	NVD-CWE-noinfo	CVE-2024-46690	2024-09-21 00:55	2024-09-13	Show	GitHub Exploit DB Packet Storm

312502	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: soc: qcom: cmd-db: Map shared memory as WC, not WB Linux does not write into cmd-db region. This region of memory is write protec…	CWE-787 Out-of-bounds Write	CVE-2024-46689	2024-09-21 00:52	2024-09-13	Show	GitHub Exploit DB Packet Storm

312503	9.8	CRITICAL Network	h2o	h2o	A vulnerability, which was classified as critical, has been found in h2oai h2o-3 3.46.0.4. This issue affects the function getConnectionSafe of the file /dtale/chart-data/1 of the component JDBC Conn…	CWE-502 Deserialization of Untrusted Data	CVE-2024-8862	2024-09-21 00:47	2024-09-15	Show	GitHub Exploit DB Packet Storm

312504	5.4	MEDIUM Network	aimstack	aim	A vulnerability, which was classified as problematic, was found in aimhubio aim up to 3.24. Affected is the function dangerouslySetInnerHTML of the file textbox.tsx of the component Text Explorer. Th…	CWE-79 Cross-site Scripting	CVE-2024-8863	2024-09-21 00:43	2024-09-15	Show	GitHub Exploit DB Packet Storm

312505	6.1	MEDIUM Network	autocms_project	autocms	A vulnerability was found in AutoCMS 5.4. It has been classified as problematic. This affects an unknown part of the file /admin/robot.php. The manipulation of the argument sidebar leads to cross sit…	CWE-79 Cross-site Scripting	CVE-2024-8866	2024-09-21 00:36	2024-09-15	Show	GitHub Exploit DB Packet Storm

312506	6.1	MEDIUM Network	onlyoffice	document_server	ONLYOFFICE Docs before 8.0.1 allows XSS because a macro is an immediately-invoked function expression (IIFE), and therefore a sandbox escape is possible by directly calling the constructor of the Fun…	CWE-79 Cross-site Scripting	CVE-2023-50883	2024-09-21 00:18	2024-09-10	Show	GitHub Exploit DB Packet Storm

312507	7.5	HIGH Network	litellm	litellm	A Server-Side Request Forgery (SSRF) vulnerability exists in berriai/litellm version 1.38.10. This vulnerability allows users to specify the `api_base` parameter when making requests to `POST /chat/c…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-6587	2024-09-20 23:55	2024-09-14	Show	GitHub Exploit DB Packet Storm

312508	9.8	CRITICAL Network	thinkphp	thinkphp	A deserialization vulnerability in Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code.	CWE-502 Deserialization of Untrusted Data	CVE-2024-44902	2024-09-20 23:55	2024-09-10	Show	GitHub Exploit DB Packet Storm

312509	9.1	CRITICAL Network	baxter	connex_health_portal	In Baxter Connex health portal released before 8/30/2024, an improper access control vulnerability has been found that could allow an unauthenticated attacker to gain unauthorized access to Connex po…	NVD-CWE-noinfo	CVE-2024-6796	2024-09-20 23:53	2024-09-10	Show	GitHub Exploit DB Packet Storm

312510	9.8	CRITICAL Network	baxter	connex_health_portal	In Connex health portal released before8/30/2024, SQL injection vulnerabilities were found that could have allowed an unauthenticated attacker to gain unauthorized access to Connex portal's database.…	CWE-89 SQL Injection	CVE-2024-6795	2024-09-20 23:53	2024-09-10	Show	GitHub Exploit DB Packet Storm