Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1661	7.8	重要 Local	ggml.ai	llama.cpp	ggml.aiのllama.cppにおける複数の脆弱性	CWE-122 CWE-190	CVE-2026-27940	2026-04-30 12:16	2026-03-12	Show	GitHub Exploit DB Packet Storm

1662	9.8	緊急 Network	OpenPLC Project	OpenPLC_v3 ファームウェア	OpenPLC ProjectのOpenPLC_v3 ファームウェアにおけるリソースの安全ではないデフォルト値への初期化に関する脆弱性	CWE-1188 リソースの安全ではないデフォルト値への初期化	CVE-2026-28205	2026-04-30 12:16	2026-04-9	Show	GitHub Exploit DB Packet Storm

1663	4.3	警告 Network	Rocket.Chat	Rocket.Chat	Rocket.Chatにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-29197	2026-04-30 12:16	2026-04-24	Show	GitHub Exploit DB Packet Storm

1664	9.8	緊急 Network	Shenzhen Tenda Technology Co.,Ltd.	AC18 ファームウェア	Shenzhen Tenda Technology Co.,Ltd.のAC18 ファームウェアにおけるコマンドインジェクションの脆弱性	CWE-77 CWE-77	CVE-2026-31255	2026-04-30 12:16	2026-04-27	Show	GitHub Exploit DB Packet Storm

1665	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux KernelにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-31481	2026-04-30 12:16	2026-04-22	Show	GitHub Exploit DB Packet Storm

1666	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2026-31482	2026-04-30 12:16	2026-04-22	Show	GitHub Exploit DB Packet Storm

1667	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2026-31483	2026-04-30 12:16	2026-04-22	Show	GitHub Exploit DB Packet Storm

1668	7.1	重要 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-31484	2026-04-30 12:16	2026-04-22	Show	GitHub Exploit DB Packet Storm

1669	7.8	重要 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-31485	2026-04-30 12:16	2026-04-22	Show	GitHub Exploit DB Packet Storm

1670	7.1	重要 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおけるリソースのロックに関する脆弱性	CWE-667 不適切なロック	CVE-2026-31486	2026-04-30 12:15	2026-04-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313361	-		-	-	The Shield Security WordPress plugin before 20.0.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used aga…	-	CVE-2024-7313	2024-08-26 15:15	2024-08-26	Show	GitHub Exploit DB Packet Storm

313362	-		-	-	Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expe…	-	CVE-2024-41996	2024-08-26 15:15	2024-08-26	Show	GitHub Exploit DB Packet Storm

313363	-		-	-	cron/entry.c in vixie cron before 9cc8ab1, as used in OpenBSD 7.4 and 7.5, allows a heap-based buffer underflow and memory corruption. NOTE: this issue was introduced during a May 2023 refactoring.	-	CVE-2024-43688	2024-08-26 15:15	2024-08-20	Show	GitHub Exploit DB Packet Storm

313364	-		-	-	Python Pip Pandas v2.2.2 was discovered to contain an arbitrary file read vulnerability.	-	CVE-2024-42992	2024-08-26 12:35	2024-08-24	Show	GitHub Exploit DB Packet Storm

313365	4.8	MEDIUM Network	ibm	common_licensing	IBM Common Licensing 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended function…	CWE-79 Cross-site Scripting	CVE-2024-41774	2024-08-24 20:15	2024-08-13	Show	GitHub Exploit DB Packet Storm

313366	9.8	CRITICAL Network	project_expense_monitoring_system_project	project_expense_monitoring_system	A vulnerability was found in itsourcecode Project Expense Monitoring System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file execute.php. …	CWE-89 SQL Injection	CVE-2024-7934	2024-08-24 04:54	2024-08-20	Show	GitHub Exploit DB Packet Storm

313367	9.8	CRITICAL Network	project_expense_monitoring_system_project	project_expense_monitoring_system	A vulnerability was found in itsourcecode Project Expense Monitoring System 1.0. It has been classified as critical. Affected is an unknown function of the file login1.php of the component Backend Lo…	CWE-89 SQL Injection	CVE-2024-7933	2024-08-24 04:53	2024-08-20	Show	GitHub Exploit DB Packet Storm

313368	9.8	CRITICAL Network	project_expense_monitoring_system_project	project_expense_monitoring_system	A vulnerability was found in itsourcecode Project Expense Monitoring System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file print.php. The manipul…	CWE-89 SQL Injection	CVE-2024-7935	2024-08-24 04:52	2024-08-20	Show	GitHub Exploit DB Packet Storm

313369	-		-	-	Cross Site Scripting vulnerability in AcuToWeb server v.10.5.0.7577C8b allows a remote attacker to execute arbitrary code via the index.php component.	-	CVE-2024-42852	2024-08-24 04:35	2024-08-24	Show	GitHub Exploit DB Packet Storm

313370	-		-	-	Tenda FH1206 V1.2.0.8(8155)_EN contains a Buffer Overflow vulnerability via the function fromSetIpBind.	-	CVE-2024-44386	2024-08-24 04:35	2024-08-24	Show	GitHub Exploit DB Packet Storm