Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1201	4.8	警告 Network	IBM	IBM Guardium Data Protection	IBMのIBM Guardium Data Protectionにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-4919	2026-04-30 12:25	2026-04-23	Show	GitHub Exploit DB Packet Storm

1202	8.6	重要 Network	HashiCorp	Vault	HashiCorpのVaultにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-5052	2026-04-30 12:25	2026-04-17	Show	GitHub Exploit DB Packet Storm

1203	6.5	警告 Network	Rapid7	velociraptor	Rapid7のvelociraptorにおける入力確認に関する脆弱性	CWE-20 CWE-noinfo	CVE-2026-5329	2026-04-30 12:25	2026-04-9	Show	GitHub Exploit DB Packet Storm

1204	7.5	重要 Network	wolfSSL Inc.	wolfSSL	wolfSSL Inc.のwolfSSLにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-5477	2026-04-30 12:24	2026-04-10	Show	GitHub Exploit DB Packet Storm

1205	5.9	警告 Network	wolfSSL Inc.	wolfSSL	wolfSSL Inc.のwolfSSLにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-5500	2026-04-30 12:24	2026-04-10	Show	GitHub Exploit DB Packet Storm

1206	8.1	重要 Network	wolfSSL Inc.	wolfSSL	wolfSSL Inc.のwolfSSLにおける証明書検証に関する脆弱性	CWE-295 不正な証明書検証	CVE-2026-5501	2026-04-30 12:24	2026-04-10	Show	GitHub Exploit DB Packet Storm

1207	9.1	緊急 Network	wolfSSL Inc.	wolfSSL	wolfSSL Inc.のwolfSSLにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-5503	2026-04-30 12:24	2026-04-9	Show	GitHub Exploit DB Packet Storm

1208	9	緊急 Network	craftycontrol	crafty controller	craftycontrolのcrafty controllerにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-5652	2026-04-30 12:24	2026-04-21	Show	GitHub Exploit DB Packet Storm

1209	7.5	重要 Network	HashiCorp	Vault	HashiCorpのVaultにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-5807	2026-04-30 12:24	2026-04-17	Show	GitHub Exploit DB Packet Storm

1210	7.1	重要 Local	radare	radare2	radareのradare2におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-6940	2026-04-30 12:24	2026-04-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313111	6.5	MEDIUM Network	okfn	ckan	CKAN is an open-source data management system for powering data hubs and data portals. There are a number of CKAN plugins, including XLoader, DataPusher, Resource proxy and ckanext-archiver, that wor…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-43371	2024-08-24 01:20	2024-08-22	Show	GitHub Exploit DB Packet Storm

313112	-		-	-	A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or "passwo…	-	CVE-2024-42765	2024-08-24 01:18	2024-08-24	Show	GitHub Exploit DB Packet Storm

313113	-		-	-	Kashipara Bus Ticket Reservation System v1.0 is vulnerable to Cross Site Request Forgery (CSRF) via /deleteTicket.php.	-	CVE-2024-42764	2024-08-24 01:18	2024-08-24	Show	GitHub Exploit DB Packet Storm

313114	-		-	-	Collabora Online is a collaborative online office suite based on LibreOffice. In affected versions of Collabora Online, https connections from coolwsd to other hosts may incompletely verify the remot…	-	CVE-2024-37311	2024-08-24 01:18	2024-08-24	Show	GitHub Exploit DB Packet Storm

313115	-		-	-	In the Linux kernel, the following vulnerability has been resolved: usb: vhci-hcd: Do not drop references before new references are gained At a few places the driver carries stale pointers to refer…	-	CVE-2024-43883	2024-08-24 01:18	2024-08-23	Show	GitHub Exploit DB Packet Storm

313116	-		-	-	Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where co…	-	CVE-2024-38807	2024-08-24 01:18	2024-08-23	Show	GitHub Exploit DB Packet Storm

313117	-		-	-	Mattermost Plugin Channel Export versions <=1.0.0 fail to restrict concurrent runs of the /export command which allows a user to consume excessive resource by running the /export command multiple tim…	-	CVE-2024-43105	2024-08-24 01:18	2024-08-23	Show	GitHub Exploit DB Packet Storm

313118	-		-	-	The WP Table Builder WordPress plugin through 1.5.0 does not sanitise and escape some of its Table data, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting a…	-	CVE-2024-3282	2024-08-24 01:18	2024-08-23	Show	GitHub Exploit DB Packet Storm

313119	-		-	-	A Stored Cross Site Scripting (XSS) vulnerability was found in "/history.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the Name, Ph…	-	CVE-2024-42762	2024-08-24 01:18	2024-08-23	Show	GitHub Exploit DB Packet Storm

313120	-		-	-	A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin_schedule.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via sched…	-	CVE-2024-42761	2024-08-24 01:18	2024-08-23	Show	GitHub Exploit DB Packet Storm