Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
71 5.3 警告
Network 		The Go Project Go The Go ProjectのGoにおける不特定の脆弱性 New CWE-noinfo
情報不足 		CVE-2026-39825 2026-05-15 11:01 2026-05-7 Show GitHub Exploit DB Packet Storm
72 6.1 警告
Network 		The Go Project Go The Go ProjectのGoにおけるエンコードおよびエスケープに関する脆弱性 New CWE-116
不適切なエンコード、または出力のエスケープ 		CVE-2026-39826 2026-05-15 11:01 2026-05-7 Show GitHub Exploit DB Packet Storm
73 7.5 重要
Network 		The Go Project Go The Go ProjectのGoにおけるNULL ポインタデリファレンスに関する脆弱性 New CWE-476
NULL ポインタデリファレンス 		CVE-2026-39836 2026-05-15 11:01 2026-05-7 Show GitHub Exploit DB Packet Storm
74 4.3 警告
Network 		アップル tvOS
iOS
watchOS
visionos
iPadOS 		アップルのiPadOS等の複数製品における古典的バッファオーバーフローの脆弱性 New CWE-120
古典的バッファオーバーフロー 		CVE-2026-39869 2026-05-15 11:01 2026-05-11 Show GitHub Exploit DB Packet Storm
75 7.5 重要
Network 		- アップルのmacOSにおけるバッファエラーの脆弱性 New CWE-119
バッファエラー 		CVE-2026-39870 2026-05-15 11:01 2026-05-11 Show GitHub Exploit DB Packet Storm
76 6.8 警告
Physics 		ZTE ZX297520V3 ファームウェア ZTEのZX297520V3 ファームウェアにおける境界外書き込みに関する脆弱性 New CWE-787
境界外書き込み 		CVE-2026-40003 2026-05-15 11:01 2026-05-7 Show GitHub Exploit DB Packet Storm
77 7.8 重要
Local 		ZTE ZXCLOUD iRAI ZTEのZXCLOUD iRAIにおける制御されていない検索パスの要素に関する脆弱性 New CWE-427
制御されていない検索パスの要素 		CVE-2026-40004 2026-05-15 11:01 2026-05-7 Show GitHub Exploit DB Packet Storm
78 6.5 警告
Network 		Zulip Zulip Server ZulipのZulip Serverにおけるアクセス制御に関する脆弱性 New CWE-284
CWE-noinfo
CVE-2026-40300 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
79 6.5 警告
Network 		NocoBase NocoBase NocoBaseにおけるサーバサイドのリクエストフォージェリの脆弱性 New CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-40346 2026-05-15 11:01 2026-04-18 Show GitHub Exploit DB Packet Storm
80 8.8 重要
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のリモートでコードが実行される脆弱性 New CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-40357 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312151 - - - Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. An attacker can potentially replace the cont… CWE-200
Information Exposure 		CVE-2024-42351 2024-09-26 22:32 2024-09-21 Show GitHub Exploit DB Packet Storm
312152 - - - Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. The editor visualization, /visualizations en… CWE-79
Cross-site Scripting 		CVE-2024-42346 2024-09-26 22:32 2024-09-21 Show GitHub Exploit DB Packet Storm
312153 - - - Cross Site Scripting vulnerability in Leotheme Leo Product Search Module v.2.1.6 and earlier allows a remote attacker to execute arbitrary code via the q parameter of the product search function. - CVE-2024-42697 2024-09-26 22:32 2024-09-21 Show GitHub Exploit DB Packet Storm
312154 - - - The Versa Director offers REST APIs for orchestration and management. By design, certain APIs, such as the login screen, banner display, and device registration, do not require authentication. Howeve… - CVE-2024-45229 2024-09-26 22:32 2024-09-21 Show GitHub Exploit DB Packet Storm
312155 - - - Arc before 2024-08-26 allows remote code execution in JavaScript boosts. Boosts that run JavaScript cannot be shared by default; however (because of misconfigured Firebase ACLs), it is possible to cr… - CVE-2024-45489 2024-09-26 22:32 2024-09-21 Show GitHub Exploit DB Packet Storm
312156 - - - A vulnerability classified as critical has been found in Codezips Internal Marks Calculation 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument tid leads to … CWE-89
SQL Injection 		CVE-2024-9037 2024-09-26 22:32 2024-09-21 Show GitHub Exploit DB Packet Storm
312157 - - - A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin_add.php. The manipulation of the argument i… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-9036 2024-09-26 22:32 2024-09-21 Show GitHub Exploit DB Packet Storm
312158 - - - Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability in the fromAdvSetMacMtuWan function. - CVE-2024-46652 2024-09-26 22:32 2024-09-21 Show GitHub Exploit DB Packet Storm
312159 - - - A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/login.php of the component Admin Login… CWE-89
SQL Injection 		CVE-2024-9035 2024-09-26 22:32 2024-09-21 Show GitHub Exploit DB Packet Storm
312160 - - - A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file login.php. The manipulatio… CWE-89
SQL Injection 		CVE-2024-9034 2024-09-26 22:32 2024-09-21 Show GitHub Exploit DB Packet Storm