Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1361	3.7	低 Network	オラクル	JDK JRE	オラクルのJDK等の複数製品における不要な特権による実行に関する脆弱性	CWE-250 不要な特権による実行	CVE-2026-22008	2026-04-24 11:34	2026-04-21	Show	GitHub Exploit DB Packet Storm

1362	6.5	警告 Network	オラクル	MySQL Server	オラクルのMySQL Serverにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-22009	2026-04-24 11:34	2026-04-21	Show	GitHub Exploit DB Packet Storm

1363	7.5	重要 Network	オラクル	Oracle Financial Services Analytical Applications Infrastructure	オラクルのOracle Financial Services Analytical Applications Infrastructureにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-22010	2026-04-24 11:33	2026-04-21	Show	GitHub Exploit DB Packet Storm

1364	7.6	重要 Network	オラクル	Oracle Applications DBA	オラクルのOracle Applications DBAにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-22011	2026-04-24 11:33	2026-04-21	Show	GitHub Exploit DB Packet Storm

1365	3.8	低 Network	オラクル	Oracle User Management	オラクルのOracle User Managementにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-22014	2026-04-24 11:33	2026-04-21	Show	GitHub Exploit DB Packet Storm

1366	4.3	警告 Network	オラクル	MySQL Server	オラクルのMySQL Serverにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-22015	2026-04-24 11:33	2026-04-21	Show	GitHub Exploit DB Packet Storm

1367	6.5	警告 Network	オラクル	MySQL Server	オラクルのMySQL Serverにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-22017	2026-04-24 11:33	2026-04-21	Show	GitHub Exploit DB Packet Storm

1368	7.2	重要 Network	Eaton	Intelligent Power Protector	EatonのIntelligent Power Protectorにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-22615	2026-04-24 11:33	2026-04-16	Show	GitHub Exploit DB Packet Storm

1369	7.5	重要 Network	Eaton	Intelligent Power Protector	EatonのIntelligent Power Protectorにおける過度な認証試行の不適切な制限に関する脆弱性	CWE-307 過度な認証試行の不適切な制限	CVE-2026-22616	2026-04-24 11:33	2026-04-16	Show	GitHub Exploit DB Packet Storm

1370	7.4	重要 Network	Eaton	Intelligent Power Protector	EatonのIntelligent Power ProtectorにおけるHTTPS セッション内の Secure 属性がない重要な Cookie に関する脆弱性	CWE-614 HTTPS セッション内の Secure 属性がない重要な Cookie	CVE-2026-22617	2026-04-24 11:33	2026-04-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
81	4.8	MEDIUM Network	-	-	Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter Versions Affected: from 2.6.3 to 2.8.6 Description: In production deployments where an admin… New	CWE-295 Improper Certificate Validation	CVE-2026-40557	2026-05-1 01:16	2026-04-27	Show	GitHub Exploit DB Packet Storm

82	9.8	CRITICAL Network	-	-	Cockpit v2.13.5 and earlier is vulnerable to arbitrary code execution via the filter parameter within multiple endpoints. This vulnerability allows an attacker to run system commands on the underlyin… New	CWE-94 Code Injection	CVE-2026-38992	2026-05-1 01:16	2026-04-30	Show	GitHub Exploit DB Packet Storm

83	7.5	HIGH Network	-	-	U-SPEED N300 router V1.0.0 does not implement rate limiting or account lockout protections on the /api/login endpoint. This allows an attacker on the local network to perform unlimited authentication… New	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2026-36959	2026-05-1 01:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

84	7.5	HIGH Network	-	-	A denial-of-service vulnerability exists in the U-SPEED N300 V1.0.0 wireless router. By sending a large number of concurrent HTTP requests to random or non-existent endpoints on the web management in… New	CWE-400 Uncontrolled Resource Consumption	CVE-2026-36958	2026-05-1 01:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

85	7.5	HIGH Network	-	-	Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router V1.0.0 is vulnerable to Denial of Service via the boa web server URI handler. By initiating a high-volume flood of HTTP GET requests to non-existent … New	CWE-400 Uncontrolled Resource Consumption	CVE-2026-36957	2026-05-1 01:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

86	8.8	HIGH Network	-	-	A Cross-Site Request Forgery (CSRF) vulnerability exists in the web management interface of the Dbit N300 T1 Pro wireless router V1.0.0. The router fails to implement proper CSRF protection mechanism… New	CWE-352 Origin Validation Error	CVE-2026-36956	2026-05-1 01:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

87	-		-	-	Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. New	-	CVE-2026-34998	2026-05-1 01:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

88	-		-	-	Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. New	-	CVE-2026-34997	2026-05-1 01:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

89	-		-	-	Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. New	-	CVE-2026-34996	2026-05-1 01:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

90	-		-	-	Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. New	-	CVE-2026-34995	2026-05-1 01:16	2026-05-1	Show	GitHub Exploit DB Packet Storm