Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1291	8.9	重要 Network	GitHub	Enterprise Server	GitHubのEnterprise Serverにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-5921	2026-04-30 10:57	2026-04-21	Show	GitHub Exploit DB Packet Storm

1292	7.8	重要 Local	レッドハット gimp	Red Hat Enterprise Linux gimp	gimp等の複数ベンダの製品における古典的バッファオーバーフローの脆弱性	CWE-120 古典的バッファオーバーフロー	CVE-2026-6384	2026-04-30 10:57	2026-04-15	Show	GitHub Exploit DB Packet Storm

1293	7.8	重要 Local	Rapid7	Insight Agent	Rapid7のInsight Agentにおける信頼できない制御領域からの機能の組み込みに関する脆弱性	CWE-829 信頼性のない制御領域からの機能の組み込み	CVE-2026-6482	2026-04-30 10:57	2026-04-17	Show	GitHub Exploit DB Packet Storm

1294	8.1	重要 Network	Mozilla Foundation	Mozilla Thunderbird Mozilla Firefox	Mozilla FoundationのMozilla Firefox等の複数製品における複数の脆弱性	CWE-125 CWE-416 CWE-787	CVE-2026-6785	2026-04-30 10:57	2026-04-26	Show	GitHub Exploit DB Packet Storm

1295	8.1	重要 Network	Mozilla Foundation	Mozilla Thunderbird Mozilla Firefox	Mozilla FoundationのMozilla Firefox等の複数製品における複数の脆弱性	CWE-125 CWE-416 CWE-787	CVE-2026-6786	2026-04-30 10:57	2026-04-26	Show	GitHub Exploit DB Packet Storm

1296	7.8	重要 Local	IObit	Malware Fighter	IObitのMalware Fighterにおける引用されない検索パスまたは要素に関する脆弱性	CWE-428 引用されない検索パスまたは要素	CVE-2016-20059	2026-04-28 10:14	2026-04-4	Show	GitHub Exploit DB Packet Storm

1297	6.3	警告 Network	Apache Software Foundation	Apache DolphinScheduler	Apache Software FoundationのApache DolphinSchedulerにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2025-62233	2026-04-28 10:14	2026-04-24	Show	GitHub Exploit DB Packet Storm

1298	2.9	低 Local	オラクル	Oracle GraalVM for JDK Oracle GraalVM JRE JDK	オラクルのOracle GraalVM等の複数製品における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-22007	2026-04-28 10:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

1299	5.3	警告 Network	オラクル	Oracle GraalVM for JDK Oracle GraalVM JRE JDK	オラクルのOracle GraalVM等の複数製品における保護メカニズムの不具合に関する脆弱性	CWE-693 保護メカニズムの不具合	CVE-2026-22013	2026-04-28 10:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

1300	7.5	重要 Network	オラクル	Oracle GraalVM for JDK Oracle GraalVM JRE JDK	オラクルのOracle GraalVM等の複数製品における複数の脆弱性	CWE-200 CWE-502	CVE-2026-22016	2026-04-28 10:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313451	-		-	-	A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as critical. This affects an unknown part of the file /web_cste/cgi-bin/product.ini of the component Telnet S…	CWE-259 Use of Hard-coded Password	CVE-2024-7332	2024-08-1 10:15	2024-08-1	Show	GitHub Exploit DB Packet Storm

313452	-		-	-	A vulnerability was found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as critical. Affected by this issue is the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipul…	CWE-120 Classic Buffer Overflow	CVE-2024-7331	2024-08-1 09:15	2024-08-1	Show	GitHub Exploit DB Packet Storm

313453	10.0	CRITICAL Network	-	-	Rejected reason: User data field is not attacker controlled	-	CVE-2023-4262	2024-08-1 09:15	2023-09-28	Show	GitHub Exploit DB Packet Storm

313454	-		-	-	UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Bolt CMS 3.7.1. It has been rated as problematic. This issue affects some unknown processing of the file /preview/page of the component En…	CWE-79 Cross-site Scripting	CVE-2024-7299	2024-08-1 01:15	2024-07-31	Show	GitHub Exploit DB Packet Storm

313455	-		-	-	When the device is shared, the homepage module are before 2.19.0 in eWeLink Cloud Service allows Secondary user to take over devices as primary user via sharing unnecessary device-sensitive informat…	-	CVE-2024-7205	2024-08-1 00:15	2024-07-31	Show	GitHub Exploit DB Packet Storm

313456	-		-	-	A vulnerability classified as problematic was found in itsourcecode Online Blood Bank Management System 1.0. This vulnerability affects unknown code of the file signup.php of the component User Regis…	CWE-79 Cross-site Scripting	CVE-2024-7321	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313457	-		-	-	A vulnerability classified as critical has been found in itsourcecode Online Blood Bank Management System 1.0. This affects an unknown part of the file /admin/index.php of the component Admin Login. …	CWE-89 SQL Injection	CVE-2024-7320	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313458	-		-	-	A vulnerability was found in code-projects Online Bus Reservation Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file register.php. The manipulation of the…	-	CVE-2024-7311	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313459	6.5	MEDIUM Network	-	-	The Tainacan plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_file' function in all versions up to, and including, 0.21.7. The function …	-	CVE-2024-7135	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm

313460	4.9	MEDIUM Network	-	-	The Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘html’ parameter in …	-	CVE-2024-6725	2024-07-31 21:57	2024-07-31	Show	GitHub Exploit DB Packet Storm