Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1821	9.8	緊急 Network	Elasticsearch B.V.	Logstash	Elasticsearch B.V.のLogstashにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-33466	2026-04-23 10:13	2026-04-8	Show	GitHub Exploit DB Packet Storm

1822	4.3	警告 Network	EspoCRM	EspoCRM	EspoCRMにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-33534	2026-04-23 10:13	2026-04-13	Show	GitHub Exploit DB Packet Storm

1823	7.8	重要 Local	Craig J. Bass (craigjbass)	ClearanceKit	Craig J. Bass (craigjbass)のClearanceKitにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-33632	2026-04-23 10:13	2026-03-26	Show	GitHub Exploit DB Packet Storm

1824	5.4	警告 Network	EspoCRM	EspoCRM	EspoCRMにおける複数の脆弱性	CWE-116 CWE-80	CVE-2026-33657	2026-04-23 10:13	2026-04-13	Show	GitHub Exploit DB Packet Storm

1825	3.1	低 Network	EspoCRM	EspoCRM	EspoCRMにおける複数の脆弱性	CWE-367 CWE-918	CVE-2026-33659	2026-04-23 10:12	2026-04-13	Show	GitHub Exploit DB Packet Storm

1826	5.4	警告 Network	EspoCRM	EspoCRM	EspoCRMにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-33740	2026-04-23 10:12	2026-04-13	Show	GitHub Exploit DB Packet Storm

1827	5.3	警告 Network	The Go Project	tiff	The Go Projectのtiffにおける危険なタイプのファイルの無制限アップロードに関する脆弱性	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2026-33809	2026-04-23 10:12	2026-03-25	Show	GitHub Exploit DB Packet Storm

1828	5.5	警告 Local	jqlang	jq	jqlangのjqにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-33947	2026-04-23 10:12	2026-04-13	Show	GitHub Exploit DB Packet Storm

1829	5.3	警告 Network	jqlang	jq	jqlangのjqにおける複数の脆弱性	CWE-170 CWE-20	CVE-2026-33948	2026-04-23 10:12	2026-04-14	Show	GitHub Exploit DB Packet Storm

1830	4.3	警告 Network	openwebui	open webui	openwebuiのopen webuiにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-34225	2026-04-23 10:12	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314331	-		-	-	Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.	-	CVE-2023-22502	2024-01-17 03:15	2024-01-17	Show	GitHub Exploit DB Packet Storm

314332	5.5	MEDIUM Local	-	-	Rejected reason: This CVE is marked as INVALID and not a bug	-	CVE-2021-3532	2024-01-16 02:15	2021-06-9	Show	GitHub Exploit DB Packet Storm

314333	-		-	-	Rejected reason: This CVE ID was unused by the CNA.	-	CVE-2024-0393	2024-01-12 15:15	2024-01-12	Show	GitHub Exploit DB Packet Storm

314334	-		-	-	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.	-	CVE-2023-51195	2024-01-11 05:15	2024-01-11	Show	GitHub Exploit DB Packet Storm

314335	-		-	-	Rejected reason: NON Security Issue.	-	CVE-2024-0395	2024-01-10 23:15	2024-01-10	Show	GitHub Exploit DB Packet Storm

314336	-		-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2024-0193.	-	CVE-2024-0228	2024-01-10 02:15	2024-01-10	Show	GitHub Exploit DB Packet Storm

314337	7.5	HIGH Network	nicolas_boullis debian	mah-jong debian_linux	mah-jong before 1.6.2 allows remote attackers to cause a denial of service (server crash) via a missing argument, which triggers a null pointer dereference.	CWE-476 NULL Pointer Dereference	CVE-2004-0458	2024-01-9 12:29	2004-09-28	Show	GitHub Exploit DB Packet Storm

314338	7.5	HIGH Network	xchat	xchat	xchat 2.0.6 allows remote attackers to cause a denial of service (crash) via a passive DCC request with an invalid ID number, which causes a null dereference.	CWE-476 NULL Pointer Dereference	CVE-2003-1000	2024-01-9 12:26	2004-01-5	Show	GitHub Exploit DB Packet Storm

314339	-		-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2022-29409	2024-01-9 07:15	2024-01-9	Show	GitHub Exploit DB Packet Storm

314340	-		-	-	Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-6530. Reason: This candidate is a reservation duplicate of CVE-2023-6530. Notes: All CVE users should reference CV…	-	CVE-2023-5619	2024-01-5 05:15	2024-01-5	Show	GitHub Exploit DB Packet Storm