Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1141	7.5	重要 Network	gomarkdown	markdown	gomarkdownのMarkdownにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-40890	2026-04-30 12:28	2026-04-21	Show	GitHub Exploit DB Packet Storm

1142	10	緊急 Network	WWBN	AVideo	WWBNのAVideoにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-40911	2026-04-30 12:28	2026-04-21	Show	GitHub Exploit DB Packet Storm

1143	5.4	警告 Network	Linux Foundation	tekton pipelines	Linux Foundationのtekton pipelinesにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-40923	2026-04-30 12:27	2026-04-21	Show	GitHub Exploit DB Packet Storm

1144	6.5	警告 Network	Linux Foundation	tekton pipelines	Linux Foundationのtekton pipelinesにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-40924	2026-04-30 12:27	2026-04-21	Show	GitHub Exploit DB Packet Storm

1145	7.5	重要 Network	Linux Foundation	tekton pipelines	Linux Foundationのtekton pipelinesにおける引数の挿入または変更に関する脆弱性	CWE-88 引数の挿入または変更	CVE-2026-40938	2026-04-30 12:27	2026-04-21	Show	GitHub Exploit DB Packet Storm

1146	6.5	警告 Network	Apache Software Foundation	ActiveMQ Web Apache ActiveMQ	Apache Software FoundationのApache ActiveMQ等の複数製品における複数の脆弱性	CWE-79 CWE-79 CWE-915	CVE-2026-41043	2026-04-30 12:27	2026-04-24	Show	GitHub Exploit DB Packet Storm

1147	8.8	重要 Network	Apache Software Foundation	Apache ActiveMQ ActiveMQ Broker	Apache Software FoundationのApache ActiveMQ等の複数製品における複数の脆弱性	CWE-20 CWE-94	CVE-2026-41044	2026-04-30 12:27	2026-04-24	Show	GitHub Exploit DB Packet Storm

1148	8.2	重要 Network	oauth2_proxy project	oauth2_proxy	oauth2_proxy projectのoauth2_proxyにおける代替パスまたはチャネルを使用した認証回避に関する脆弱性	CWE-288 代替パスまたはチャネルを使用した認証回避	CVE-2026-41059	2026-04-30 12:27	2026-04-22	Show	GitHub Exploit DB Packet Storm

1149	7.5	重要 Network	lxml	lxml	lxmlにおけるXML 外部エンティティの脆弱性	CWE-611 XML 外部エンティティ参照の不適切な制限	CVE-2026-41066	2026-04-30 12:27	2026-04-24	Show	GitHub Exploit DB Packet Storm

1150	7.7	重要 Network	The Kyverno Authors	Kyverno	The Kyverno AuthorsのKyvernoにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-41068	2026-04-30 12:27	2026-04-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312941	8.3	HIGH Network	microsoft	edge_chromium	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability	NVD-CWE-noinfo	CVE-2024-43472	2024-08-29 04:13	2024-08-17	Show	GitHub Exploit DB Packet Storm

312942	5.3	MEDIUM Network	softlabbd	radio_player	The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_player function in versions up to, and including, 2.0.73. This…	CWE-862 Missing Authorization	CVE-2023-4024	2024-08-29 03:32	2024-08-17	Show	GitHub Exploit DB Packet Storm

312943	5.3	MEDIUM Network	softlabbd	radio_player	The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_player function in versions up to, and including, 2.0.73. This…	CWE-862 Missing Authorization	CVE-2023-4025	2024-08-29 03:30	2024-08-17	Show	GitHub Exploit DB Packet Storm

312944	9.8	CRITICAL Network	alientechnology	alr-f800_firmware	A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been classified as critical. Affected is an unknown function of the file /var/www/cmd.php. The manipulation of the arg…	CWE-285 Improper Authorization	CVE-2024-7578	2024-08-29 03:27	2024-08-7	Show	GitHub Exploit DB Packet Storm

312945	8.8	HIGH Network	alientechnology	alr-f800_firmware	A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been declared as critical. Affected by this vulnerability is the function popen of the file /var/www/cgi-bin/upgrade.c…	CWE-78 OS Command	CVE-2024-7579	2024-08-29 03:26	2024-08-7	Show	GitHub Exploit DB Packet Storm

312946	7.8	HIGH Local	okta	verify	Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. The vulnerability is fixed in Okta Verify for Windows version 5.0.2. To remediate this vulnerability, upgrade to 5…	CWE-427 Uncontrolled Search Path Element	CVE-2024-7061	2024-08-29 03:25	2024-08-8	Show	GitHub Exploit DB Packet Storm

312947	5.4	MEDIUM Network	opentext	alm_octane	Improper Neutralization vulnerability (XSS) has been discovered in OpenText™ ALM Octane. The vulnerability affects all version prior to version 23.4. The vulnerability could cause remote code executi…	CWE-79 Cross-site Scripting	CVE-2024-6361	2024-08-29 03:17	2024-08-6	Show	GitHub Exploit DB Packet Storm

312948	5.4	MEDIUM Network	zephyr-one	zephyr_project_manager	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dylan James Zephyr Project Manager allows Reflected XSS.This issue affects Zephyr Project …	CWE-79 Cross-site Scripting	CVE-2024-43915	2024-08-29 02:44	2024-08-27	Show	GitHub Exploit DB Packet Storm

312949	7.5	HIGH Network	yanzhenjie	andserver	AndServer 2.1.12 is vulnerable to Directory Traversal.	CWE-22 Path Traversal	CVE-2024-41310	2024-08-29 02:42	2024-08-3	Show	GitHub Exploit DB Packet Storm

312950	-		-	-	An SEH-based buffer overflow in the BPQ32 HTTP Server in BPQ32 6.0.24.1 allows remote attackers with access to the Web Terminal to achieve remote code execution via an HTTP POST /TermInput request.	-	CVE-2024-34087	2024-08-29 01:35	2024-08-27	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed