Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1291	8.1	重要 Adjacent	Amazon.com, Inc.	freertos-plus-tcp	Amazon.com, Inc.のfreertos-plus-tcpにおける整数アンダーフローの脆弱性	CWE-191 整数アンダーフロー	CVE-2026-7424	2026-05-7 11:25	2026-04-29	Show	GitHub Exploit DB Packet Storm

1292	6.5	警告 Adjacent	Amazon.com, Inc.	freertos-plus-tcp	Amazon.com, Inc.のfreertos-plus-tcpにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-7425	2026-05-7 11:25	2026-04-29	Show	GitHub Exploit DB Packet Storm

1293	8.1	重要 Adjacent	Amazon.com, Inc.	freertos-plus-tcp	Amazon.com, Inc.のfreertos-plus-tcpにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-7426	2026-05-7 11:25	2026-04-29	Show	GitHub Exploit DB Packet Storm

1294	5.4	警告 Network	レッドハット	build of keycloak	レッドハットのbuild of keycloakにおけるリクエストの直接送信に関する脆弱性	CWE-425 CWE-noinfo	CVE-2026-7500	2026-05-7 11:25	2026-04-30	Show	GitHub Exploit DB Packet Storm

1295	8.8	重要 Network	HKUDS	OpenHarness	HKUDSのOpenHarnessにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-7551	2026-05-7 11:25	2026-04-30	Show	GitHub Exploit DB Packet Storm

1296	9.8	緊急 Network	Synway	SMG Gateway Management Software	SynwayのSMG Gateway Management SoftwareにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2025-71284	2026-05-7 10:53	2026-04-30	Show	GitHub Exploit DB Packet Storm

1297	7.8	重要 Local	KDE project	KCoreAddons	KDE projectのKCoreAddonsにおけるエスケープ、メタ、またはコントロールシーケンスの不適切な無効化に関する脆弱性	CWE-150 エスケープ、メタ、またはコントロールシーケンスの不適切な無効化	CVE-2026-41526	2026-05-7 10:53	2026-04-28	Show	GitHub Exploit DB Packet Storm

1298	8.8	重要 Network	SailPoint Technologies Holdings, Inc.	IdentityIQ	SailPoint Technologies Holdings, Inc.のIdentityIQにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-5712	2026-05-7 10:53	2026-04-29	Show	GitHub Exploit DB Packet Storm

1299	5.5	警告 Local	Canonical	pdfunite	Canonicalのpdfuniteにおける古典的バッファオーバーフローの脆弱性	CWE-120 古典的バッファオーバーフロー	CVE-2018-25306	2026-05-7 10:53	2026-04-29	Show	GitHub Exploit DB Packet Storm

1300	9.8	緊急 Network	Kvcache-ai	Ktransformers	Kvcache-aiのKtransformersにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-26210	2026-05-7 10:53	2026-04-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312881	-		-	-	Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function.	-	CVE-2023-37226	2024-09-11 01:35	2024-09-10	Show	GitHub Exploit DB Packet Storm

312882	-		-	-	An issue in Ellevo v.6.2.0.38160 allows a remote attacker to escalate privileges via the /api/usuario/cadastrodesuplente endpoint.	-	CVE-2024-42759	2024-09-11 01:35	2024-09-10	Show	GitHub Exploit DB Packet Storm

312883	-		-	-	Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. An attacker with a CVAT account can access webhook delivery information for any webhook r…	-	CVE-2024-45393	2024-09-11 00:50	2024-09-11	Show	GitHub Exploit DB Packet Storm

312884	-		-	-	Bareos is open source software for backup, archiving, and recovery of data for operating systems. When a command ACL is in place and a user executes a command in bconsole using an abbreviation (i.e. …	CWE-285 Improper Authorization	CVE-2024-45044	2024-09-11 00:50	2024-09-11	Show	GitHub Exploit DB Packet Storm

312885	-		-	-	MongoDB Server may access non-initialized region of memory leading to unexpected behaviour when zero arguments are called in internal aggregation stage. This issue affected MongoDB Server v6.0 versio…	-	CVE-2024-8654	2024-09-11 00:50	2024-09-10	Show	GitHub Exploit DB Packet Storm

312886	-		-	-	phpok v3.0 was discovered to contain an arbitrary file read vulnerability via the component /autoload/file.php.	-	CVE-2024-44867	2024-09-11 00:50	2024-09-10	Show	GitHub Exploit DB Packet Storm

312887	4.3	MEDIUM Network	oretnom23	food_ordering_management_system	A vulnerability classified as problematic was found in SourceCodester Food Ordering Management System 1.0. This vulnerability affects unknown code of the file /foms/routers/place-order.php of the com…	CWE-1284 Improper Validation of Specified Quantity in Input	CVE-2024-8558	2024-09-11 00:50	2024-09-8	Show	GitHub Exploit DB Packet Storm

312888	5.4	MEDIUM Network	oretnom23	online_bank_management_system	A vulnerability was found in SourceCodester Online Bank Management System and Online Bank Management System - 1.0. It has been classified as problematic. This affects an unknown part of the file /mfe…	CWE-79 Cross-site Scripting	CVE-2024-8583	2024-09-11 00:49	2024-09-9	Show	GitHub Exploit DB Packet Storm

312889	6.1	MEDIUM Network	oretnom23	food_ordering_management_system	A vulnerability was found in SourceCodester Food Ordering Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipul…	CWE-79 Cross-site Scripting	CVE-2024-8582	2024-09-11 00:48	2024-09-9	Show	GitHub Exploit DB Packet Storm

312890	8.1	HIGH Network	totolink	t8_firmware	A vulnerability classified as critical was found in TOTOLINK AC1200 T8 4.1.5cu.861_B20230220. This vulnerability affects unknown code of the file /etc/shadow.sample. The manipulation leads to use of …	CWE-259 Use of Hard-coded Password	CVE-2024-8580	2024-09-11 00:47	2024-09-9	Show	GitHub Exploit DB Packet Storm