Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 2:21 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1411 8.8 重要
Adjacent 		Linux Linux Kernel LinuxのLinux Kernelにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-31570 2026-04-30 12:09 2026-04-24 Show GitHub Exploit DB Packet Storm
1412 6.1 警告
Network 		CyberPanel CyberPanel CyberPanelにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-41472 2026-04-30 12:08 2026-04-24 Show GitHub Exploit DB Packet Storm
1413 9.1 緊急
Network 		CyberPanel CyberPanel CyberPanelにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-41473 2026-04-30 12:08 2026-04-24 Show GitHub Exploit DB Packet Storm
1414 8.2 重要
Local 		レッドハット Red Hat Advanced Cluster Management for Kubernetes レッドハットのRed Hat Advanced Cluster Management for Kubernetesにおける証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2026-4740 2026-04-30 12:08 2026-04-7 Show GitHub Exploit DB Packet Storm
1415 9.8 緊急
Network 		Pipecat Pipecat Pipecatにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2025-62373 2026-04-30 12:08 2026-04-23 Show GitHub Exploit DB Packet Storm
1416 7.8 重要
Local 		Amazon.com, Inc. Kiro IDE Amazon.com, Inc.のKiro IDEにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-0830 2026-04-30 12:08 2026-01-9 Show GitHub Exploit DB Packet Storm
1417 5.4 警告
Network 		SenseLive X3500 Firmware SenseLiveのX3500 Firmwareにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2026-25720 2026-04-30 12:08 2026-04-24 Show GitHub Exploit DB Packet Storm
1418 9.8 緊急
Network 		huggingface LeRobot huggingfaceのLeRobotにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-25874 2026-04-30 12:08 2026-04-23 Show GitHub Exploit DB Packet Storm
1419 8.1 重要
Network 		SenseLive X3500 Firmware SenseLiveのX3500 Firmwareにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-27841 2026-04-30 12:08 2026-04-24 Show GitHub Exploit DB Packet Storm
1420 9.1 緊急
Network 		SenseLive X3500 Firmware SenseLiveのX3500 Firmwareにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-27843 2026-04-30 12:08 2026-04-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313531 9.8 CRITICAL
Network 		eladmin eladmin A vulnerability was found in elunez eladmin up to 2.7 and classified as critical. This issue affects some unknown processing of the file /api/deploy/upload /api/database/upload of the component Datab… CWE-22
Path Traversal 		CVE-2024-7458 2024-08-7 02:12 2024-08-5 Show GitHub Exploit DB Packet Storm
313532 - - - PrivX before 34.0 allows data exfiltration and denial of service via the REST API. This is fixed in minor versions 33.1, 32.3, 31.3, and later, and in major version 34.0 and later, - CVE-2024-30170 2024-08-7 01:35 2024-08-6 Show GitHub Exploit DB Packet Storm
313533 - - - Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1. - CVE-2024-7527 2024-08-7 01:35 2024-08-6 Show GitHub Exploit DB Packet Storm
313534 - - - A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox < 129 and Firefox ESR < 128.1. - CVE-2024-7520 2024-08-7 01:35 2024-08-6 Show GitHub Exploit DB Packet Storm
313535 7.5 HIGH
Network 		- - Transient DOS during music playback of ALAC content. - CVE-2024-21479 2024-08-7 01:31 2024-08-6 Show GitHub Exploit DB Packet Storm
313536 6.5 MEDIUM
Network 		- - Information disclosure while handling beacon probe frame during scan entry generation in client side. - CVE-2024-21467 2024-08-7 01:31 2024-08-6 Show GitHub Exploit DB Packet Storm
313537 6.5 MEDIUM
Network 		- - Information disclosure while handling beacon or probe response frame in STA. - CVE-2024-21459 2024-08-7 01:31 2024-08-6 Show GitHub Exploit DB Packet Storm
313538 - - - Improper filering of special characters result in a command ('command injection') vulnerability in Korenix JetPort 5601v3.This issue affects JetPort 5601v3: through 1.2. - CVE-2024-7397 2024-08-7 01:31 2024-08-5 Show GitHub Exploit DB Packet Storm
313539 - - - Missing encryption of sensitive data in Korenix JetPort 5601v3 allows Eavesdropping.This issue affects JetPort 5601v3: through 1.2. - CVE-2024-7396 2024-08-7 01:31 2024-08-5 Show GitHub Exploit DB Packet Storm
313540 - - - An authentication bypass vulnerability in Korenix JetPort 5601v3 allows an attacker to access functionality on the device without specifying a password.This issue affects JetPort 5601v3: through 1.2. - CVE-2024-7395 2024-08-7 01:31 2024-08-5 Show GitHub Exploit DB Packet Storm