Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1681	9.8	緊急 Network	エレコム株式会社	WAB-S300IW2-PD WRC-X3000GST2-B WRC-X1800GS-B WRC-X6000QSA-G WRC-X3000GS2-W WAB-S733IW2-PD WAB-S733IW-AC WAB-S733IW-PD WRC-XE5400GS-G WRC-X3000GS2-B WRC-X1800GSA-B WRC…	エレコム無線LAN関連製品における複数の脆弱性	CWE-352 CWE-78 CWE-Other	CVE-2026-20704 CVE-2026-22550 CVE-2026-24449 CVE-2026-24465	2026-05-12 15:09	2026-02-3	Show	GitHub Exploit DB Packet Storm

1682	8.8	重要 Adjacent	エレコム株式会社	WRC-X3000GS2-B ファームウェア WAB-I1750-PS WAB-S1775 ファームウェア WRC-X3000GST2-B WAB-S733MI WAB-S1167-PS WRC-X3000GS2A-B ファームウェア WAB-M1775-PS ファームウェア WRC-X3000GS2-W&n…	エレコム製無線LANルーターおよび無線アクセスポイントにおける複数の脆弱性	CWE-119 CWE-79 CWE-Other	CVE-2024-34577 CVE-2024-39300 CVE-2024-42412 CVE-2024-43689	2026-05-12 15:01	2024-08-27	Show	GitHub Exploit DB Packet Storm

1683	6.8	警告 Adjacent	エレコム株式会社	WRC-2533GST2 ファームウェア WRC-X3000GST2-B WRC-X1800GS-B WRC-X6000QSA-G WRC-2533GS2V-B WMC-X1800GST-B WRC-G01-W WRC-XE5400GS-G WRC-X1800GSA-B WRC-X1800GSH-B WRC-X6000XST-…	エレコム製無線LANルーターにおける複数の脆弱性	CWE-352 CWE-78 CWE-Other	CVE-2024-34021 CVE-2024-39607 CVE-2024-40883	2026-05-12 14:51	2024-07-30	Show	GitHub Exploit DB Packet Storm

1684	-	-	ollama	ollama	Ollamaにおける境界外の読み取りおよび書き込みの脆弱性	-	-	2026-05-12 12:34	2026-05-11	Show	GitHub Exploit DB Packet Storm

1685	4.9	警告 Network	キヤノン	(複数の製品)	キヤノン製プロダクションプリンター、オフィス/スモールオフィス向け複合機における機微な情報を取得可能な脆弱性	CWE-807 セキュリティ決定の信頼できない入力への依存	CVE-2026-1789	2026-05-12 12:34	2026-05-11	Show	GitHub Exploit DB Packet Storm

1686	-	-		-	サーバ製品におけるインテル社公表脆弱性(INTEL-SA-01397他)による影響について	-	CVE-2025-22885 CVE-2025-27560 CVE-2025-27572 CVE-2025-27940 CVE-2025-30513 CVE-2025-31648 CVE-2025-31944 CVE-2025-32007 CVE-2025-32467	2026-05-12 11:50	2026-03-27	Show	GitHub Exploit DB Packet Storm

1687	-	-		-	サーバ製品におけるインテル社公表脆弱性(INTEL-SA-01234)による影響について	-	CVE-2025-20027 CVE-2025-20028 CVE-2025-20064 CVE-2025-20068 CVE-2025-20073 CVE-2025-20105 CVE-2025-22444 CVE-2025-22850	2026-05-12 11:38	2026-04-24	Show	GitHub Exploit DB Packet Storm

1688	-	-		-	サーバ製品におけるBIOSの脆弱性(CVE-2026-22796)による影響について	-	CVE-2026-22796	2026-05-12 11:38	2026-04-24	Show	GitHub Exploit DB Packet Storm

1689	5.3	警告 Local	Prusa3D	PrusaSlicer	Prusa3DのPrusaSlicerにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2023-47268	2026-05-12 10:21	2026-05-8	Show	GitHub Exploit DB Packet Storm

1690	7.2	重要 Network	HCL Technologies Limited	HCL BigFix Service Management (SM)	HCL Technologies LimitedのHCL BigFix Service Management (SM)におけるリソースの安全ではないデフォルト値への初期化に関する脆弱性	CWE-1188 リソースの安全ではないデフォルト値への初期化	CVE-2025-31974	2026-05-12 10:21	2026-05-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1971	7.5	HIGH Network	protobufjs_project	protobufjs	protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs could recurse without a depth limit while decoding nested protobuf data. This affected bo…	CWE-674 Uncontrolled Recursion	CVE-2026-44289	2026-05-14 05:50	2026-05-14	Show	GitHub Exploit DB Packet Storm

1972	7.5	HIGH Network	protobufjs_project	protobufjs	protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.8 and 8.2.0, protobufjs could recurse without a depth limit while expanding nested JSON descriptors through Root.…	CWE-674 Uncontrolled Recursion	CVE-2026-45740	2026-05-14 05:50	2026-05-14	Show	GitHub Exploit DB Packet Storm

1973	8.8	HIGH Network	microsoft	sharepoint_server	Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.	CWE-502 Deserialization of Untrusted Data	CVE-2026-40357	2026-05-14 05:48	2026-05-13	Show	GitHub Exploit DB Packet Storm

1974	9.6	CRITICAL Network	ivanti	xtraction	External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to …	CWE-73 External Control of File Name or Path	CVE-2026-8043	2026-05-14 05:34	2026-05-13	Show	GitHub Exploit DB Packet Storm

1975	5.0	MEDIUM Local	-	-	csync2 uses insecure temporary directories when compiled with C99 or later, allowing for TOCTOU style attacks on the temporary directories.	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2026-41051	2026-05-14 05:16	2026-05-13	Show	GitHub Exploit DB Packet Storm

1976	7.8	HIGH Local	adobe	substance_3d_designer	Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation …	CWE-787 Out-of-bounds Write	CVE-2026-34684	2026-05-14 05:16	2026-05-13	Show	GitHub Exploit DB Packet Storm

1977	7.8	HIGH Local	adobe	substance_3d_designer	Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation …	CWE-787 Out-of-bounds Write	CVE-2026-34683	2026-05-14 05:16	2026-05-13	Show	GitHub Exploit DB Packet Storm

1978	5.9	MEDIUM Network	vercel	next.js	Next.js is a React framework for building full-stack web applications. From 10.0.0 to before 15.5.16 and 16.2.5, when self-hosting Next.js with the default image loader, the Image Optimization API fe…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-44577	2026-05-14 05:00	2026-05-14	Show	GitHub Exploit DB Packet Storm

1979	5.5	MEDIUM Local	pengutronix	barebox	barebox version prior to 2026.04.0 contains a denial-of-service vulnerability in ext4 directory parsing in fs/ext4/ext4_common.c where the ext4fs_iterate_dir() function fails to validate that directo…	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2026-34962	2026-05-14 04:58	2026-05-12	Show	GitHub Exploit DB Packet Storm

1980	7.7	HIGH Local	pengutronix	barebox	barebox prior to version 2026.04.0 contains out-of-bounds read vulnerabilities in ext4 extent parsing due to missing validation of the eh_entries field against buffer capacity in fs/ext4/ext4_common.…	CWE-125 Out-of-bounds Read	CVE-2026-34961	2026-05-14 04:57	2026-05-12	Show	GitHub Exploit DB Packet Storm