Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1111 4.4 警告
Local 		Authzed, Inc. SpiceDB Authzed, Inc.のSpiceDBにおけるログファイルからの情報漏えいに関する脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2026-40091 2026-04-27 11:21 2026-04-15 Show GitHub Exploit DB Packet Storm
1112 5.4 警告
Network 		OpenMage Magento OpenMageのMagentoにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-40098 2026-04-27 11:21 2026-04-20 Show GitHub Exploit DB Packet Storm
1113 7.5 重要
Network 		free5gc free5gc free5GCにおける複数の脆弱性 CWE-285
CWE-636
CVE-2026-40248 2026-04-27 11:21 2026-04-16 Show GitHub Exploit DB Packet Storm
1114 5.8 警告
Network 		free5gc free5gc
udr 		free5GCのfree5GC等の複数製品における例外的な状態のチェックに関する脆弱性 CWE-754
例外的な状態における不適切なチェック 		CVE-2026-40343 2026-04-27 11:21 2026-04-22 Show GitHub Exploit DB Packet Storm
1115 8.8 重要
Network 		OpenMage Magento OpenMageのMagentoにおける危険なタイプのファイルの無制限アップロードに関する脆弱性 CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2026-40488 2026-04-27 11:21 2026-04-20 Show GitHub Exploit DB Packet Storm
1116 9.1 緊急
Network 		FreeScout FreeScout FreeScoutにおける複数の脆弱性 CWE-330
CWE-340
CVE-2026-40496 2026-04-27 11:21 2026-04-21 Show GitHub Exploit DB Packet Storm
1117 8.1 重要
Network 		FreeScout FreeScout FreeScoutにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40497 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
1118 8.8 重要
Network 		PJSIP pjsip PJSIPのpjsipにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-40614 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
1119 6.5 警告
Network 		decidim decidim Decidim Free Software AssociationのDecidimにおける不適切な権限設定に関する脆弱性 CWE-266
不適切な権限設定 		CVE-2026-40869 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
1120 9.8 緊急
Network 		PJSIP pjsip PJSIPのpjsipにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-40892 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
611 9.8 CRITICAL
Network 		- - Cockpit v2.13.5 and earlier is vulnerable to arbitrary code execution via the filter parameter within multiple endpoints. This vulnerability allows an attacker to run system commands on the underlyin… CWE-94
Code Injection 		CVE-2026-38992 2026-05-1 01:16 2026-04-30 Show GitHub Exploit DB Packet Storm
612 7.5 HIGH
Network 		- - U-SPEED N300 router V1.0.0 does not implement rate limiting or account lockout protections on the /api/login endpoint. This allows an attacker on the local network to perform unlimited authentication… CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2026-36959 2026-05-1 01:16 2026-05-1 Show GitHub Exploit DB Packet Storm
613 7.5 HIGH
Network 		- - A denial-of-service vulnerability exists in the U-SPEED N300 V1.0.0 wireless router. By sending a large number of concurrent HTTP requests to random or non-existent endpoints on the web management in… CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-36958 2026-05-1 01:16 2026-05-1 Show GitHub Exploit DB Packet Storm
614 7.5 HIGH
Network 		- - Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router V1.0.0 is vulnerable to Denial of Service via the boa web server URI handler. By initiating a high-volume flood of HTTP GET requests to non-existent … CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-36957 2026-05-1 01:16 2026-05-1 Show GitHub Exploit DB Packet Storm
615 8.8 HIGH
Network 		- - A Cross-Site Request Forgery (CSRF) vulnerability exists in the web management interface of the Dbit N300 T1 Pro wireless router V1.0.0. The router fails to implement proper CSRF protection mechanism… CWE-352
 Origin Validation Error 		CVE-2026-36956 2026-05-1 01:16 2026-05-1 Show GitHub Exploit DB Packet Storm
616 - - - Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. - CVE-2026-34998 2026-05-1 01:16 2026-05-1 Show GitHub Exploit DB Packet Storm
617 - - - Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. - CVE-2026-34997 2026-05-1 01:16 2026-05-1 Show GitHub Exploit DB Packet Storm
618 - - - Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. - CVE-2026-34996 2026-05-1 01:16 2026-05-1 Show GitHub Exploit DB Packet Storm
619 - - - Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. - CVE-2026-34995 2026-05-1 01:16 2026-05-1 Show GitHub Exploit DB Packet Storm
620 - - - Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. - CVE-2026-34994 2026-05-1 01:16 2026-05-1 Show GitHub Exploit DB Packet Storm