Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
341	8.8	重要 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla FoundationのMozilla Firefox等の複数製品における権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2026-8957	2026-05-22 10:52	2026-05-19	Show	GitHub Exploit DB Packet Storm

342	8.6	重要 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla FoundationのMozilla Firefox等の複数製品における複数の脆弱性	CWE-668 CWE-693	CVE-2026-8958	2026-05-22 10:52	2026-05-19	Show	GitHub Exploit DB Packet Storm

343	9.6	緊急 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla FoundationのMozilla Firefox等の複数製品における複数の脆弱性	CWE-119 CWE-20 CWE-693	CVE-2026-8959	2026-05-22 10:52	2026-05-19	Show	GitHub Exploit DB Packet Storm

344	7.5	重要 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla FoundationのMozilla Firefox等の複数製品におけるスプーフィングによる認証回避に関する脆弱性	CWE-290 スプーフィングによる認証回避	CVE-2026-8960	2026-05-22 10:52	2026-05-19	Show	GitHub Exploit DB Packet Storm

345	6.5	警告 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla FoundationのMozilla Firefox等の複数製品におけるスプーフィングによる認証回避に関する脆弱性	CWE-290 スプーフィングによる認証回避	CVE-2026-8961	2026-05-22 10:52	2026-05-19	Show	GitHub Exploit DB Packet Storm

346	8.1	重要 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla FoundationのMozilla Firefox等の複数製品における保護メカニズムの不具合に関する脆弱性	CWE-693 保護メカニズムの不具合	CVE-2026-8962	2026-05-22 10:51	2026-05-19	Show	GitHub Exploit DB Packet Storm

347	7.5	重要 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla FoundationのMozilla Firefox等の複数製品におけるスプーフィングによる認証回避に関する脆弱性	CWE-290 スプーフィングによる認証回避	CVE-2026-8963	2026-05-22 10:51	2026-05-19	Show	GitHub Exploit DB Packet Storm

348	7.5	重要 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla FoundationのMozilla Firefox等の複数製品におけるユーザインターフェースにおける重要情報の誤った表示に関する脆弱性	CWE-451 ユーザインターフェースにおける重要情報の誤った表示	CVE-2026-8964	2026-05-22 10:51	2026-05-19	Show	GitHub Exploit DB Packet Storm

349	7.5	重要 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla FoundationのMozilla Firefox等の複数製品における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-8965	2026-05-22 10:51	2026-05-19	Show	GitHub Exploit DB Packet Storm

350	7.5	重要 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla FoundationのMozilla Firefox等の複数製品における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-8966	2026-05-22 10:51	2026-05-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1431	5.4	MEDIUM Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the channel router does not call filter_allowed_access_grants on either create or up…	CWE-862 Missing Authorization	CVE-2026-44558	2026-05-19 23:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

1432	8.1	HIGH Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role changes and user deletions do not iterate SESSION_POOL to discon…	CWE-613 Insufficient Session Expiration	CVE-2026-44553	2026-05-19 23:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

1433	5.3	MEDIUM Network	-	-	An issue in Intelbras VIP-1230-D-G4 Version V2.800.00IB00C.0.T allows a remote attacker to obtain sensitive information via password reset functionality under /OutsideCmd	CWE-640 Weak Password Recovery Mechanism for Forgotten Password	CVE-2026-36438	2026-05-19 23:16	2026-05-19	Show	GitHub Exploit DB Packet Storm

1434	9.1	CRITICAL Network	freertos	coremqtt	Missing bounds validation in the MQTT v5.0 property parser in coreMQTT before 5.0.1 allows an MQTT broker to cause a denial of service by sending a crafted packet. To remediate this issue, users s…	CWE-125 Out-of-bounds Read	CVE-2026-8686	2026-05-19 23:01	2026-05-16	Show	GitHub Exploit DB Packet Storm

1435	9.8	CRITICAL Network	lmsys	sglang	SGLangs multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads() on incoming messages, enabling RCE when exposed to the intern…	CWE-502 Deserialization of Untrusted Data	CVE-2026-7301	2026-05-19 22:49	2026-05-18	Show	GitHub Exploit DB Packet Storm

1436	9.1	CRITICAL Network	lmsys	sglang	SGLangs multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by …	CWE-35 Path Traversal: '.../...//'	CVE-2026-7302	2026-05-19 22:43	2026-05-18	Show	GitHub Exploit DB Packet Storm

1437	9.8	CRITICAL Network	lmsys	sglang	SGLangs multimodal generation runtime is vulnerable to unauthenticated remote code execution when the --enable-custom-logit-processor option is enabled, as Python objects loaded via dill.loads() will…	CWE-502 Deserialization of Untrusted Data	CVE-2026-7304	2026-05-19 22:38	2026-05-18	Show	GitHub Exploit DB Packet Storm

1438	7.0	HIGH Local	vim	vim	Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-lik…	CWE-78 CWE-88 OS Command Argument Injection	CVE-2026-46483	2026-05-19 21:27	2026-05-16	Show	GitHub Exploit DB Packet Storm

1439	5.8	MEDIUM Network	traefik	traefik	Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.44, 3.6.15, and 3.7.0-rc.3, there is an information disclosure vulnerability in Traefik's errors (custom error pages) middleware. Whe…	CWE-201 Insertion of Sensitive Information Into Sent Data	CVE-2026-41181	2026-05-19 21:24	2026-05-16	Show	GitHub Exploit DB Packet Storm

1440	9.9	CRITICAL Network	traefik	traefik	Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.46, 3.6.17, and 3.7.1, Traefik's Kubernetes Gateway API provider allows a tenant with HTTPRoute creation permissions to expose the RE…	CWE-284 Improper Access Control	CVE-2026-44774	2026-05-19 21:22	2026-05-16	Show	GitHub Exploit DB Packet Storm