Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
61 4.4 警告
Local 		PNG Development Group
Debian		 Debian GNU/Linux
libpng 		Debian等の複数ベンダの製品における解放済みメモリの使用に関する脆弱性 New CWE-416
解放済みメモリの使用 		CVE-2026-34757 2026-05-15 11:02 2026-04-9 Show GitHub Exploit DB Packet Storm
62 7.7 重要
Local 		Pengutronix e.K. barebox Pengutronix e.K.のbareboxにおける境界外読み取りに関する脆弱性 New CWE-125
境界外読み取り 		CVE-2026-34961 2026-05-15 11:02 2026-05-11 Show GitHub Exploit DB Packet Storm
63 5.5 警告
Local 		Pengutronix e.K. barebox Pengutronix e.K.のbareboxにおける無限ループに関する脆弱性 New CWE-835
無限ループ 		CVE-2026-34962 2026-05-15 11:02 2026-05-11 Show GitHub Exploit DB Packet Storm
64 7.8 重要
Local 		Pengutronix e.K. barebox Pengutronix e.K.のbareboxにおける整数オーバーフローの脆弱性 New CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-34963 2026-05-15 11:02 2026-05-11 Show GitHub Exploit DB Packet Storm
65 8.8 重要
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のリモートでコードが実行される脆弱性 New CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-35439 2026-05-15 11:02 2026-05-12 Show GitHub Exploit DB Packet Storm
66 5.9 警告
Network 		IBM IBM WebSphere Application Server IBMのIBM WebSphere Application Serverにおける権限管理に関する脆弱性 New CWE-269
CWE-noinfo
CVE-2026-3621 2026-05-15 11:02 2026-04-23 Show GitHub Exploit DB Packet Storm
67 5.9 警告
Local 		The Go Project Go The Go ProjectのGoにおける境界外書き込みに関する脆弱性 New CWE-787
境界外書き込み 		CVE-2026-39817 2026-05-15 11:01 2026-05-7 Show GitHub Exploit DB Packet Storm
68 5.3 警告
Local 		The Go Project Go The Go ProjectのGoにおけるリンク解釈に関する脆弱性 New CWE-59
リンク解釈の問題 		CVE-2026-39819 2026-05-15 11:01 2026-05-7 Show GitHub Exploit DB Packet Storm
69 7.5 重要
Network 		The Go Project Go The Go ProjectのGoにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 New CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-39820 2026-05-15 11:01 2026-05-7 Show GitHub Exploit DB Packet Storm
70 6.1 警告
Network 		The Go Project Go The Go ProjectのGoにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-39823 2026-05-15 11:01 2026-05-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312151 - - - Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. An attacker can potentially replace the cont… CWE-200
Information Exposure 		CVE-2024-42351 2024-09-26 22:32 2024-09-21 Show GitHub Exploit DB Packet Storm
312152 - - - Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. The editor visualization, /visualizations en… CWE-79
Cross-site Scripting 		CVE-2024-42346 2024-09-26 22:32 2024-09-21 Show GitHub Exploit DB Packet Storm
312153 - - - Cross Site Scripting vulnerability in Leotheme Leo Product Search Module v.2.1.6 and earlier allows a remote attacker to execute arbitrary code via the q parameter of the product search function. - CVE-2024-42697 2024-09-26 22:32 2024-09-21 Show GitHub Exploit DB Packet Storm
312154 - - - The Versa Director offers REST APIs for orchestration and management. By design, certain APIs, such as the login screen, banner display, and device registration, do not require authentication. Howeve… - CVE-2024-45229 2024-09-26 22:32 2024-09-21 Show GitHub Exploit DB Packet Storm
312155 - - - Arc before 2024-08-26 allows remote code execution in JavaScript boosts. Boosts that run JavaScript cannot be shared by default; however (because of misconfigured Firebase ACLs), it is possible to cr… - CVE-2024-45489 2024-09-26 22:32 2024-09-21 Show GitHub Exploit DB Packet Storm
312156 - - - A vulnerability classified as critical has been found in Codezips Internal Marks Calculation 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument tid leads to … CWE-89
SQL Injection 		CVE-2024-9037 2024-09-26 22:32 2024-09-21 Show GitHub Exploit DB Packet Storm
312157 - - - A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin_add.php. The manipulation of the argument i… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-9036 2024-09-26 22:32 2024-09-21 Show GitHub Exploit DB Packet Storm
312158 - - - Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability in the fromAdvSetMacMtuWan function. - CVE-2024-46652 2024-09-26 22:32 2024-09-21 Show GitHub Exploit DB Packet Storm
312159 - - - A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/login.php of the component Admin Login… CWE-89
SQL Injection 		CVE-2024-9035 2024-09-26 22:32 2024-09-21 Show GitHub Exploit DB Packet Storm
312160 - - - A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file login.php. The manipulatio… CWE-89
SQL Injection 		CVE-2024-9034 2024-09-26 22:32 2024-09-21 Show GitHub Exploit DB Packet Storm