Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1041 7.5 重要
Network 		Apache Software Foundation ActiveMQ Broker
Apache ActiveMQ 		Apache Software FoundationのApache ActiveMQ等の複数製品におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-39304 2026-05-7 12:05 2026-04-10 Show GitHub Exploit DB Packet Storm
1042 6.5 警告
Network 		OpenBao OpenBao OpenBaoにおける複数の脆弱性 CWE-400
CWE-674
CWE-770
CVE-2026-39396 2026-05-7 12:05 2026-04-21 Show GitHub Exploit DB Packet Storm
1043 7.8 重要
Local 		FreeBSD FreeBSD FreeBSDにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-39457 2026-05-7 12:05 2026-04-30 Show GitHub Exploit DB Packet Storm
1044 10 緊急
Network 		traefik traefik traefikにおける複数の脆弱性 CWE-290
CWE-306
CVE-2026-39858 2026-05-7 12:05 2026-04-30 Show GitHub Exploit DB Packet Storm
1045 7.2 重要
Network 		Progress Software Corporation ECS Connection Manager
loadmaster
Connection Manager for ObjectScale 		Progress Software CorporationのConnection Manager for ObjectScale等の複数製品におけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-4048 2026-05-7 12:05 2026-04-20 Show GitHub Exploit DB Packet Storm
1046 7.8 重要
Local 		radare radare2 radareのradare2におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-40499 2026-05-7 12:05 2026-04-15 Show GitHub Exploit DB Packet Storm
1047 7.3 重要
Network 		Apache Software Foundation HttpClient Apache Software FoundationのHttpClientにおける認証の重要なステップの欠如に関する脆弱性 CWE-304
認証の重要なステップの欠如 		CVE-2026-40542 2026-05-7 12:05 2026-04-22 Show GitHub Exploit DB Packet Storm
1048 9.1 緊急
Network 		goshs goshs goshsにおける信頼できない制御領域からの機能の組み込みに関する脆弱性 CWE-829
信頼性のない制御領域からの機能の組み込み 		CVE-2026-40903 2026-05-7 12:05 2026-04-21 Show GitHub Exploit DB Packet Storm
1049 8.2 重要
Network 		traefik traefik traefikにおける誤って解決された名前や参照の使用に関する脆弱性 CWE-706
誤って解決された名前や参照の使用 		CVE-2026-40912 2026-05-7 12:05 2026-04-30 Show GitHub Exploit DB Packet Storm
1050 5.9 警告
Network 		Apache Software Foundation Apache Airflow Apache Software FoundationのApache Airflowにおける証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2026-41016 2026-05-7 12:05 2026-04-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312501 7.8 HIGH
Local 		microsoft 365_apps
office
excel
office_long_term_servicing_channel
office_online_server 		Microsoft Excel Elevation of Privilege Vulnerability NVD-CWE-noinfo
CVE-2024-43465 2024-09-13 23:46 2024-09-11 Show GitHub Exploit DB Packet Storm
312502 7.5 HIGH
Network 		microsoft sharepoint_server Microsoft SharePoint Server Denial of Service Vulnerability NVD-CWE-noinfo
CVE-2024-43466 2024-09-13 23:44 2024-09-11 Show GitHub Exploit DB Packet Storm
312503 7.3 HIGH
Network 		microsoft windows_server_2008 Microsoft Windows Admin Center Information Disclosure Vulnerability NVD-CWE-noinfo
CVE-2024-43475 2024-09-13 23:42 2024-09-11 Show GitHub Exploit DB Packet Storm
312504 5.4 MEDIUM
Network 		crocoblock jetelements The JetElements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' and 'slide_id' parameters in all versions up to, and including, 2.6.20 due to insufficient input sanitiz… CWE-79
Cross-site Scripting 		CVE-2024-7144 2024-09-13 23:40 2024-08-16 Show GitHub Exploit DB Packet Storm
312505 5.4 MEDIUM
Network 		microsoft dynamics_365 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability CWE-79
Cross-site Scripting 		CVE-2024-43476 2024-09-13 23:39 2024-09-11 Show GitHub Exploit DB Packet Storm
312506 8.8 HIGH
Network 		crocoblock jetelements The JetElements plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.6.20 via the 'progress_type' parameter. This makes it possible for authenticated att… CWE-22
Path Traversal 		CVE-2024-7145 2024-09-13 23:39 2024-08-16 Show GitHub Exploit DB Packet Storm
312507 8.5 HIGH
Network 		microsoft power_automate Microsoft Power Automate Desktop Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2024-43479 2024-09-13 23:38 2024-09-11 Show GitHub Exploit DB Packet Storm
312508 4.3 MEDIUM
Network 		bricksbuilder bricks The Bricks theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.1. This is due to missing or incorrect nonce validation on the 'save_settings' functio… CWE-352
 Origin Validation Error 		CVE-2023-3408 2024-09-13 23:37 2024-08-17 Show GitHub Exploit DB Packet Storm
312509 8.8 HIGH
Network 		google chrome Use after free in Autofill in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: H… CWE-416
 Use After Free 		CVE-2024-8639 2024-09-13 23:35 2024-09-11 Show GitHub Exploit DB Packet Storm
312510 8.8 HIGH
Network 		google chrome Type Confusion in V8 in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) CWE-843
Type Confusion 		CVE-2024-8638 2024-09-13 23:35 2024-09-11 Show GitHub Exploit DB Packet Storm