Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1461	6.1	警告 Local	openCryptoki Project	openCryptoki	openCryptoki ProjectのopenCryptokiにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-40253	2026-04-24 11:41	2026-04-16	Show	GitHub Exploit DB Packet Storm

1462	5.3	警告 Network	pypdf project	pypdf	pypdf projectのpypdfにおけるDTD の再帰的なエンティティ参照の不適切な制限に関する脆弱性	CWE-776 DTD の再帰的なエンティティ参照の不適切な制限	CVE-2026-40260	2026-04-24 11:41	2026-04-17	Show	GitHub Exploit DB Packet Storm

1463	8.8	重要 Network	Chamilo Association	Chamilo LMS	Chamilo AssociationのChamilo LMSにおける複数の脆弱性	CWE-269 CWE-863	CVE-2026-40291	2026-04-24 11:41	2026-04-14	Show	GitHub Exploit DB Packet Storm

1464	9	緊急 Network	Gitroom	Postiz	GitroomのPostizにおける複数の脆弱性	CWE-345 CWE-434 CWE-79	CVE-2026-40487	2026-04-24 11:41	2026-04-18	Show	GitHub Exploit DB Packet Storm

1465	9.8	緊急 Network	FreeScout	FreeScout	FreeScoutにおける複数の脆弱性	CWE-200 CWE-284 CWE-770	CVE-2026-40498	2026-04-24 11:41	2026-04-21	Show	GitHub Exploit DB Packet Storm

1466	6.1	警告 Network	FreeScout	FreeScout	FreeScoutにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-40565	2026-04-24 11:41	2026-04-21	Show	GitHub Exploit DB Packet Storm

1467	7.1	重要 Network	OpenProject	OpenProject	OpenProjectにおける複数の脆弱性	CWE-367 CWE-639	CVE-2026-40896	2026-04-24 11:41	2026-04-20	Show	GitHub Exploit DB Packet Storm

1468	7.1	重要 Network	WWBN	AVideo	WWBNのAVideoにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2026-40926	2026-04-24 11:41	2026-04-21	Show	GitHub Exploit DB Packet Storm

1469	9.9	緊急 Network	flowiseai	flowise	flowiseaiのflowiseにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-40933	2026-04-24 11:41	2026-04-21	Show	GitHub Exploit DB Packet Storm

1470	9.8	緊急 Network	protobufjs project	protobufjs	protobufjs projectのprotobufjsにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-41242	2026-04-24 11:41	2026-04-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
611	6.3	MEDIUM Network	-	-	A vulnerability was found in JeecgBoot up to 3.9.1. Affected by this vulnerability is an unknown functionality of the file /sys/fillRule/edit of the component FillRuleUtil Component. The manipulation…	CWE-266 CWE-285 Incorrect Privilege Assignment Improper Authorization	CVE-2026-7602	2026-05-2 13:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

612	6.4	MEDIUM Network	-	-	The Simple Link Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `qcopd-directory` shortcode in all versions up to, and including, 8.9.2. This is due to in…	CWE-79 Cross-site Scripting	CVE-2026-7209	2026-05-2 13:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

613	6.4	MEDIUM Network	-	-	The Maxi Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `/wp-json/maxi-blocks/v1.0/style-card` REST API endpoint in all versions up to, and including, 2.1.9 due to i…	CWE-79 Cross-site Scripting	CVE-2026-6378	2026-05-2 13:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

614	4.3	MEDIUM Network	-	-	A vulnerability has been found in Open5GS up to 2.7.6. Affected is an unknown function of the file src/amf/gmm-handler.c of the component AMF. The manipulation of the argument reg_type leads to denia…	CWE-404 Improper Resource Shutdown or Release	CVE-2026-7601	2026-05-2 12:15	2026-05-2	Show	GitHub Exploit DB Packet Storm

615	4.3	MEDIUM Network	-	-	A vulnerability has been found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. Affected by this issue is the function data.get of the file .claude/skills/design-system/scripts/generate-slide.py …	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2026-7596	2026-05-2 11:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

616	-		-	-	Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated memory exhaustion via oversized HTTP/2 frames. 'Elixir.Bandit.HTTP2.Frame':deserialize/2 i…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-42788	2026-05-2 11:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

617	-		-	-	Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated remote denial of service via memory exhaustion. The fragment reassembly path in 'Elixir.Ba…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-42786	2026-05-2 11:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

618	-		-	-	Reliance on Untrusted Inputs in a Security Decision vulnerability in mtrudel bandit allows unauthenticated transport-state spoofing on plaintext HTTP connections. 'Elixir.Bandit.Pipeline':determine_…	CWE-807 Reliance on Untrusted Inputs in a Security Decision	CVE-2026-39807	2026-05-2 11:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

619	-		-	-	Inconsistent Interpretation of HTTP Requests vulnerability in mtrudel bandit allows HTTP request smuggling via duplicate Content-Length headers. 'Elixir.Bandit.Headers':get_content_length/1 in lib/b…	CWE-444 HTTP Request Smuggling	CVE-2026-39805	2026-05-2 11:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

620	-		-	-	Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated remote denial of service via memory exhaustion when WebSocket permessage-deflate compressio…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-39804	2026-05-2 11:16	2026-05-2	Show	GitHub Exploit DB Packet Storm