Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 3, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1821	9.8	緊急 Network	Elasticsearch B.V.	Logstash	Elasticsearch B.V.のLogstashにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-33466	2026-04-23 10:13	2026-04-8	Show	GitHub Exploit DB Packet Storm

1822	4.3	警告 Network	EspoCRM	EspoCRM	EspoCRMにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-33534	2026-04-23 10:13	2026-04-13	Show	GitHub Exploit DB Packet Storm

1823	7.8	重要 Local	Craig J. Bass (craigjbass)	ClearanceKit	Craig J. Bass (craigjbass)のClearanceKitにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-33632	2026-04-23 10:13	2026-03-26	Show	GitHub Exploit DB Packet Storm

1824	5.4	警告 Network	EspoCRM	EspoCRM	EspoCRMにおける複数の脆弱性	CWE-116 CWE-80	CVE-2026-33657	2026-04-23 10:13	2026-04-13	Show	GitHub Exploit DB Packet Storm

1825	3.1	低 Network	EspoCRM	EspoCRM	EspoCRMにおける複数の脆弱性	CWE-367 CWE-918	CVE-2026-33659	2026-04-23 10:12	2026-04-13	Show	GitHub Exploit DB Packet Storm

1826	5.4	警告 Network	EspoCRM	EspoCRM	EspoCRMにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-33740	2026-04-23 10:12	2026-04-13	Show	GitHub Exploit DB Packet Storm

1827	5.3	警告 Network	The Go Project	tiff	The Go Projectのtiffにおける危険なタイプのファイルの無制限アップロードに関する脆弱性	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2026-33809	2026-04-23 10:12	2026-03-25	Show	GitHub Exploit DB Packet Storm

1828	5.5	警告 Local	jqlang	jq	jqlangのjqにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-33947	2026-04-23 10:12	2026-04-13	Show	GitHub Exploit DB Packet Storm

1829	5.3	警告 Network	jqlang	jq	jqlangのjqにおける複数の脆弱性	CWE-170 CWE-20	CVE-2026-33948	2026-04-23 10:12	2026-04-14	Show	GitHub Exploit DB Packet Storm

1830	4.3	警告 Network	openwebui	open webui	openwebuiのopen webuiにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-34225	2026-04-23 10:12	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 3, 2026, 4:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
111	7.8	HIGH Local	-	-	An issue in the component DirectIo64.sys of PassMark BurnInTest v11.0 Build 1011, OSForensics v11.1 Build 1007, and PerformanceTest v11.1 Build 1004 allows attackers to access kernel memory and escal… New	CWE-20 CWE-269 Improper Input Validation Improper Privilege Management	CVE-2025-52347	2026-05-2 04:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

112	6.1	MEDIUM Network	dragonexpert	recent_threads_on_index	MyBB Recent threads 17.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by creating threads with crafted subject lines. Attackers can creat… New	CWE-79 Cross-site Scripting	CVE-2018-25309	2026-05-2 04:15	2026-04-30	Show	GitHub Exploit DB Packet Storm

113	7.4	HIGH Network	skim-rs	skim	Skim is a fuzzy finder designed to through files, lines, and commands. The generate-files job in .github/workflows/pr.yml checks out attacker-controlled fork code and executes it via cargo run, with … Update	CWE-94 Code Injection	CVE-2026-41414	2026-05-2 04:03	2026-04-25	Show	GitHub Exploit DB Packet Storm

114	7.5	HIGH Network	wireshark	wireshark	HTTP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service New	CWE-121 Stack-based Buffer Overflow	CVE-2026-6868	2026-05-2 04:01	2026-04-30	Show	GitHub Exploit DB Packet Storm

115	7.5	HIGH Network	wireshark	wireshark	UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service New	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2026-7375	2026-05-2 04:00	2026-04-30	Show	GitHub Exploit DB Packet Storm

116	7.5	HIGH Network	wireshark	wireshark	Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service New	CWE-476 NULL Pointer Dereference	CVE-2026-7376	2026-05-2 03:59	2026-04-30	Show	GitHub Exploit DB Packet Storm

117	7.5	HIGH Network	wireshark	wireshark	Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service New	CWE-122 Heap-based Buffer Overflow	CVE-2026-7378	2026-05-2 03:55	2026-04-30	Show	GitHub Exploit DB Packet Storm

118	7.5	HIGH Network	wireshark	wireshark	Memory leak in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service New	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2026-7379	2026-05-2 03:41	2026-04-30	Show	GitHub Exploit DB Packet Storm

119	7.5	HIGH Network	libsndfile_project	libsndfile	An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path (line 241) was fixed with (sf_count_t) cast, but the WAV code path (line 235) and close path (line 167) were not. When … Update	CWE-190 Integer Overflow or Wraparound	CVE-2026-37555	2026-05-2 03:37	2026-04-30	Show	GitHub Exploit DB Packet Storm

120	5.5	MEDIUM Local	wireshark	wireshark	SANE protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service New	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2026-6531	2026-05-2 03:16	2026-04-30	Show	GitHub Exploit DB Packet Storm