Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1851 4.9 警告
Network 		フォーティネット Fortiweb フォーティネットのFortiwebにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-39811 2026-04-23 10:11 2026-04-14 Show GitHub Exploit DB Packet Storm
1852 4.8 警告
Network 		フォーティネット FortiSandbox
FortiSandbox Cloud 		フォーティネットのFortiSandbox等の複数製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-39812 2026-04-23 10:11 2026-04-14 Show GitHub Exploit DB Packet Storm
1853 6.7 警告
Local 		フォーティネット Fortiweb フォーティネットのFortiwebにおける相対パストラバーサルの脆弱性 CWE-23
相対的パストラバーサル 		CVE-2026-39814 2026-04-23 10:11 2026-04-14 Show GitHub Exploit DB Packet Storm
1854 4.1 警告
Network 		Weblate Weblate Weblateにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-39845 2026-04-23 10:11 2026-04-15 Show GitHub Exploit DB Packet Storm
1855 5.9 警告
Network 		axios project axios axios projectのaxiosにおける複数の脆弱性 CWE-400
CWE-662
CVE-2026-39865 2026-04-23 10:11 2026-04-8 Show GitHub Exploit DB Packet Storm
1856 6.1 警告
Local 		jqlang jq jqlangのjqにおける複数の脆弱性 CWE-125
CWE-476
CWE-843
CVE-2026-39956 2026-04-23 10:11 2026-04-13 Show GitHub Exploit DB Packet Storm
1857 7.2 重要
Network 		citeum opencti citeumのopenctiにおけるテンプレートエンジンで使用される特殊な要素の不適切な無効化に関する脆弱性 CWE-1336
テンプレートエンジンで使用される特殊な要素の不適切な無効化 		CVE-2026-39980 2026-04-23 10:11 2026-04-9 Show GitHub Exploit DB Packet Storm
1858 6.1 警告
Network 		McGill University LORIS (Longitudinal Online Research and Imaging System) McGill UniversityのLORIS (Longitudinal Online Research and Imaging System)におけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-39985 2026-04-23 10:11 2026-04-9 Show GitHub Exploit DB Packet Storm
1859 5.3 警告
Network 		Apache Software Foundation Apache Log4cxx Apache Software FoundationのApache Log4cxxにおけるエンコードおよびエスケープに関する脆弱性 CWE-116
不適切なエンコード、または出力のエスケープ 		CVE-2026-40023 2026-04-23 10:11 2026-04-10 Show GitHub Exploit DB Packet Storm
1860 4.8 警告
Network 		axios project axios axios projectのaxiosにおける複数の脆弱性 CWE-113
CWE-444
CWE-918
CVE-2026-40175 2026-04-23 10:11 2026-04-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211 6.3 MEDIUM
Network 		- - A security vulnerability has been detected in MindsDB up to 26.01. Affected is the function pickle.loads of the component Pickle Handler. The manipulation leads to deserialization. The attack is poss… New CWE-20
CWE-502
 Improper Input Validation 
 Deserialization of Untrusted Data 		CVE-2026-7712 2026-05-4 09:16 2026-05-4 Show GitHub Exploit DB Packet Storm
212 7.3 HIGH
Network 		- - A weakness has been identified in MindsDB up to 26.01. This impacts the function exec of the file mindsdb/integrations/handlers/byom_handler/proc_wrapper.py of the component Engine Handler. Executing… New CWE-284
CWE-434
Improper Access Control
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-7711 2026-05-4 09:16 2026-05-4 Show GitHub Exploit DB Packet Storm
213 7.3 HIGH
Network 		- - A security flaw has been discovered in YunaiV yudao-cloud up to 3.8.0. This affects the function doFilterInternal of the file JwtAuthenticationTokenFilter.java of the component Ruoyi-Vue-Pro. Perform… New CWE-287
Improper Authentication 		CVE-2026-7710 2026-05-4 09:16 2026-05-4 Show GitHub Exploit DB Packet Storm
214 6.3 MEDIUM
Network 		- - A vulnerability was identified in janeczku Calibre-Web up to 0.6.26. The impacted element is the function generate_auth_token of the file cps/kobo_auth.py of the component Endpoint. Such manipulation… New CWE-266
CWE-285
 Incorrect Privilege Assignment
Improper Authorization 		CVE-2026-7709 2026-05-4 08:16 2026-05-4 Show GitHub Exploit DB Packet Storm
215 4.3 MEDIUM
Network 		- - A vulnerability was determined in Open5GS up to 2.7.7. The affected element is the function ogs_dbi_subscription_data in the library /lib/dbi/subscription.c of the component UDR. This manipulation of… New CWE-404
 Improper Resource Shutdown or Release 		CVE-2026-7708 2026-05-4 08:16 2026-05-4 Show GitHub Exploit DB Packet Storm
216 4.3 MEDIUM
Network 		- - A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function udr_nudr_dr_handle_subscription_context of the file /src/udr/nudr-handler.c of the component UDR. The manipulation of the ar… New CWE-404
 Improper Resource Shutdown or Release 		CVE-2026-7707 2026-05-4 08:16 2026-05-4 Show GitHub Exploit DB Packet Storm
217 4.3 MEDIUM
Network 		- - A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function gmm_handle_service_request of the file /src/amf/gmm-handler.c of the component AMF. The manipulation leads to de… New CWE-404
 Improper Resource Shutdown or Release 		CVE-2026-7706 2026-05-4 08:16 2026-05-4 Show GitHub Exploit DB Packet Storm
218 6.3 MEDIUM
Network 		- - A flaw has been found in JD Cloud JDCOS 4.5.1.r4518. This vulnerability affects the function set_iptv_info of the file /jdcap of the component Service Interface. Executing a manipulation of the argum… New CWE-74
CWE-77
Injection
Command Injection 		CVE-2026-7705 2026-05-4 08:16 2026-05-4 Show GitHub Exploit DB Packet Storm
219 6.5 MEDIUM
Network 		- - A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constrai… Update CWE-178
 Improper Handling of Case Sensitivity 		CVE-2026-3833 2026-05-4 05:16 2026-05-1 Show GitHub Exploit DB Packet Storm
220 3.7 LOW
Network 		- - A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a lo… Update CWE-179
 Incorrect Behavior Order: Early Validation 		CVE-2026-3832 2026-05-4 05:16 2026-05-1 Show GitHub Exploit DB Packet Storm