Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1901	8.1	重要 Network	HashiCorp	Vault	HashiCorpのVaultにおける代替パスまたはチャネルを使用した認証回避に関する脆弱性	CWE-288 代替パスまたはチャネルを使用した認証回避	CVE-2026-3605	2026-04-27 11:19	2026-04-17	Show	GitHub Exploit DB Packet Storm

1902	9.4	緊急 Network	dgraph	dgraph	dgraphにおける複数の脆弱性	CWE-200 CWE-215 CWE-522	CVE-2026-40173	2026-04-27 11:19	2026-04-15	Show	GitHub Exploit DB Packet Storm

1903	7.8	重要 Local	Composer	Composer	Composerにおける複数の脆弱性	CWE-20 CWE-78 CWE-78	CVE-2026-40176	2026-04-27 11:19	2026-04-15	Show	GitHub Exploit DB Packet Storm

1904	6.1	警告 Network	Apostrophe Technologies	sanitize-html ApostropheCMS	Apostrophe TechnologiesのApostropheCMS等の複数製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-40186	2026-04-27 11:18	2026-04-15	Show	GitHub Exploit DB Packet Storm

1905	8.8	重要 Network	Composer	Composer	Composerにおける複数の脆弱性	CWE-20 CWE-78 CWE-78	CVE-2026-40261	2026-04-27 11:18	2026-04-15	Show	GitHub Exploit DB Packet Storm

1906	9.8	緊急 Network	Phpscriptsmall	Advance Gift Shop Pro Script	PhpscriptsmallのAdvance Gift Shop Pro ScriptにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2019-25680	2026-04-27 11:18	2026-04-5	Show	GitHub Exploit DB Packet Storm

1907	9.8	緊急 Network	WISDOM	Pegasus CMS	WISDOMのPegasus CMSにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2019-25687	2026-04-27 11:18	2026-04-5	Show	GitHub Exploit DB Packet Storm

1908	8.8	重要 Network	Nextcloud windmill project	windmill Nextcloud Flow	Nextcloud等の複数ベンダの製品における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-22683	2026-04-27 11:18	2026-04-7	Show	GitHub Exploit DB Packet Storm

1909	7.5	重要 Network	XiangShan	NEMU	XiangShanのNEMUにおける複数の脆弱性	CWE-1287 CWE-131	CVE-2026-29645	2026-04-27 11:18	2026-04-20	Show	GitHub Exploit DB Packet Storm

1910	9.8	緊急 Network	XiangShan	NEMU	XiangShanのNEMUにおける保護メカニズムの不具合に関する脆弱性	CWE-693 保護メカニズムの不具合	CVE-2026-29649	2026-04-27 11:18	2026-04-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
811	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: AV1: Fix tile info buffer size Each tile info is composed of: row_sb, col_sb, start_pos and end_pos (4 bytes … Update	-	CVE-2026-43222	2026-05-8 22:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

812	8.8	HIGH Network	-	-	In the Linux kernel, the following vulnerability has been resolved: cifs: Fix locking usage for tcon fields We used to use the cifs_tcp_ses_lock to protect a lot of objects that are not just the se… Update	-	CVE-2026-43215	2026-05-8 22:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

813	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() Add SRCU read-side protection when reading PDPTR registers in … Update	-	CVE-2026-43214	2026-05-8 22:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

814	7.5	HIGH Adjacent	-	-	In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate sequence number of TX release report Hardware rarely reports abnormal sequence number in TX release re… Update	-	CVE-2026-43213	2026-05-8 22:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

815	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: LoongArch: Make cpumask_of_node() robust against NUMA_NO_NODE The arch definition of cpumask_of_node() cannot handle NUMA_NO_NODE… Update	-	CVE-2026-43212	2026-05-8 22:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

816	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pci_slot_trylock() error handling Commit a4e772898f8b ("PCI: Add missing bridge lock to pci_bus_lock()") delegates the b… Update	-	CVE-2026-43211	2026-05-8 22:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

817	9.8	CRITICAL Network	-	-	In the Linux kernel, the following vulnerability has been resolved: net: do not pass flow_id to set_rps_cpu() Blamed commit made the assumption that the RPS table for each receive queue would have … Update	-	CVE-2026-43208	2026-05-8 22:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

818	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: Fix error handling in probe function Add mtk_mdp_unregister_m2m_device() on the error handling path to prevent re… Update	-	CVE-2026-43207	2026-05-8 22:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

819	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() The kfd_event_page_set() function writes KFD_SIGNAL_EVENT_LIMIT * 8 b… Update	-	CVE-2026-43206	2026-05-8 22:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

820	7.5	HIGH Network	-	-	In the Linux kernel, the following vulnerability has been resolved: atm: fore200e: fix use-after-free in tasklets during device removal When the PCA-200E or SBA-200E adapter is being detached, the … Update	-	CVE-2026-43203	2026-05-8 22:16	2026-05-6	Show	GitHub Exploit DB Packet Storm