Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 1, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1131 8.1 重要
Network 		WWBN AVideo WWBNのAVideoにおける過度に許容されるクロスドメインホワイトリストに関する脆弱性 CWE-942
過度に許容されるクロスドメインホワイトリスト 		CVE-2026-41056 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
1132 7.5 重要
Network 		libexpat project libexpat libexpat projectのlibexpatにおけるエントロピー不足に関する脆弱性 CWE-331
エントロピー不足 		CVE-2026-41080 2026-04-27 11:20 2026-04-16 Show GitHub Exploit DB Packet Storm
1133 7.5 重要
Network 		free5gc free5gc
pcf 		free5GCのfree5GC等の複数製品におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-41135 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
1134 5.3 警告
Network 		free5gc free5gc
amf 		free5GCのamf等の複数製品における予期せぬ動作に関する脆弱性  CWE-440
予期せぬ動作 		CVE-2026-41136 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
1135 8.1 重要
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-4922 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
1136 6.1 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-5262 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
1137 4.3 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-5377 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
1138 8.1 重要
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるパスの等価性の不適切な解決に関する脆弱性 CWE-41
パスの等価性の不適切な解決 		CVE-2026-5816 2026-04-27 11:19 2026-04-22 Show GitHub Exploit DB Packet Storm
1139 9.1 緊急
Network 		Rapid7 velociraptor Rapid7のvelociraptorにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-6290 2026-04-27 11:19 2026-04-15 Show GitHub Exploit DB Packet Storm
1140 5.3 警告
Network 		fastify fastify-static fastifyのfastify-staticにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-6410 2026-04-27 11:19 2026-04-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
261 8.8 HIGH
Network 		tenda fh1202_firmware A vulnerability was found in Tenda FH1202 1.2.0.14(408). Affected by this issue is the function WrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Performing a manipulation of the ar… Update CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2026-7034 2026-04-30 23:10 2026-04-26 Show GitHub Exploit DB Packet Storm
262 8.8 HIGH
Network 		tenda fh1202_firmware A vulnerability was determined in Tenda FH1202 1.2.0.14. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. Executing a manipulation of the argument G… Update CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2026-7035 2026-04-30 23:10 2026-04-26 Show GitHub Exploit DB Packet Storm
263 9.8 CRITICAL
Network 		tenda i9_firmware A vulnerability was identified in Tenda i9 1.0.0.5(2204). This vulnerability affects the function R7WebsSecurityHandlerfunction of the component HTTP Handler. The manipulation leads to path traversal… Update CWE-22
Path Traversal 		CVE-2026-7036 2026-04-30 23:10 2026-04-26 Show GitHub Exploit DB Packet Storm
264 8.8 HIGH
Network 		tenda hg10_firmware A flaw has been found in Tenda HG10 HG7_HG9_HG10re_300001138_en_xpon. This issue affects the function formRoute of the file /boaform/formRouting of the component Boa Service. This manipulation of the… Update CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-6988 2026-04-30 23:10 2026-04-26 Show GitHub Exploit DB Packet Storm
265 8.8 HIGH
Network 		tenda f453_firmware A vulnerability has been found in Tenda F453 up to 1.0.0.3. Impacted is the function TendaTelnet of the file /goform/telnet of the component Telnet Service. Such manipulation leads to command injecti… Update CWE-74
CWE-77
Injection
Command Injection 		CVE-2026-6989 2026-04-30 23:10 2026-04-26 Show GitHub Exploit DB Packet Storm
266 7.2 HIGH
Network 		linksys mr9600_firmware A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/run_central2.sh of the component JNAP Action Handler. T… Update CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-6992 2026-04-30 23:09 2026-04-26 Show GitHub Exploit DB Packet Storm
267 7.3 HIGH
Network 		dlink dir-822_firmware A vulnerability was determined in D-Link DIR-822 A_101. The impacted element is the function system of the file /udhcpcd/dhcpd.c of the component udhcpd DHCP Service. This manipulation of the argumen… Update CWE-74
CWE-77
Injection
Command Injection 		CVE-2026-7067 2026-04-30 23:09 2026-04-27 Show GitHub Exploit DB Packet Storm
268 8.8 HIGH
Adjacent 		dlink dir-825_firmware A vulnerability was identified in D-Link DIR-825 3.00b32. This affects the function NMBD_process of the file sserver.c of the component nmbd. Such manipulation leads to buffer overflow. The attack ca… Update CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7068 2026-04-30 23:08 2026-04-27 Show GitHub Exploit DB Packet Storm
269 8.0 HIGH
Adjacent 		dlink dir-825_firmware A security flaw has been discovered in D-Link DIR-825 up to 3.00b32. This impacts the function AddPortMapping of the file upnpsoap.c of the component miniupnpd. Performing a manipulation of the argum… Update CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7069 2026-04-30 23:08 2026-04-27 Show GitHub Exploit DB Packet Storm
270 7.8 HIGH
Local 		openclaw openclaw OpenClaw before 2026.4.8 contains a privilege escalation vulnerability allowing previously paired nodes to reconnect with exec-capable commands without operator.admin scope requirement. Attackers can… New CWE-863
 Incorrect Authorization 		CVE-2026-42432 2026-04-30 23:06 2026-04-29 Show GitHub Exploit DB Packet Storm