Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1931 4.7 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおける複数の脆弱性 CWE-367
CWE-59
CVE-2026-35359 2026-04-27 11:17 2026-04-22 Show GitHub Exploit DB Packet Storm
1932 6.3 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-35360 2026-04-27 11:17 2026-04-22 Show GitHub Exploit DB Packet Storm
1933 5.6 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-35363 2026-04-27 11:17 2026-04-22 Show GitHub Exploit DB Packet Storm
1934 6.3 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-35364 2026-04-27 11:17 2026-04-22 Show GitHub Exploit DB Packet Storm
1935 3.3
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおける重要なリソースに対する不適切なパーミッションの割り当てに関する脆弱性 CWE-732
重要なリソースに対する不適切なパーミッションの割り当て 		CVE-2026-35367 2026-04-27 11:17 2026-04-22 Show GitHub Exploit DB Packet Storm
1936 7.8 重要
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおける信頼できない検索パスに関する脆弱性 CWE-426
信頼性のない検索パス 		CVE-2026-35368 2026-04-27 11:17 2026-04-22 Show GitHub Exploit DB Packet Storm
1937 3.3
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2026-35377 2026-04-27 11:17 2026-04-22 Show GitHub Exploit DB Packet Storm
1938 3.3
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおける指定された機能の不適切な提供に関する脆弱性 CWE-684
指定された機能の不適切な提供 		CVE-2026-35381 2026-04-27 11:17 2026-04-22 Show GitHub Exploit DB Packet Storm
1939 5.4 警告
Network 		Papra Papra Papraにおける複数の脆弱性 CWE-79
CWE-80
CVE-2026-35460 2026-04-27 11:17 2026-04-7 Show GitHub Exploit DB Packet Storm
1940 4.3 警告
Network 		Papra Papra Papraにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-35461 2026-04-27 11:17 2026-04-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
621 7.8 HIGH
Local 		qualcomm fastconnect_6900_firmware
fastconnect_7800_firmware
iqx5121_firmware
iqx7181_firmware
qca0000_firmware
sc8380xp_firmware
sd865_5g_firmware
snapdragon_xr2_5g_firmware
snapdrago… 		Memory corruption when processing camera sensor input/output control codes with invalid output buffers. Update CWE-822
CWE-119
 Untrusted Pointer Dereference
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2025-47405 2026-05-7 03:03 2026-05-5 Show GitHub Exploit DB Packet Storm
622 7.8 HIGH
Local 		qualcomm fastconnect_6200_firmware
fastconnect_6900_firmware
fastconnect_7800_firmware
iqx5121_firmware
iqx7181_firmware
qca0000_firmware
sc8380xp_firmware
sd865_5g_firmware
sm6250_fir… 		Memory corruption when another driver calls an IOCTL with invalid input/output buffer. Update CWE-822
CWE-119
 Untrusted Pointer Dereference
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2025-47408 2026-05-7 03:03 2026-05-5 Show GitHub Exploit DB Packet Storm
623 5.5 MEDIUM
Local 		qualcomm cologne_firmware
fastconnect_6700_firmware
fastconnect_6900_firmware
fastconnect_7800_firmware
iqx5121_firmware
iqx7181_firmware
qca0000_firmware
qcm5430_firmware
qcm6490_firm… 		Information Disclosure while processing IOCTL handler callbacks without verifying buffer size. Update CWE-126
CWE-125
 Buffer Over-read
Out-of-bounds Read 		CVE-2025-47406 2026-05-7 03:02 2026-05-5 Show GitHub Exploit DB Packet Storm
624 7.0 HIGH
Local 		qualcomm cq7790_firmware
cq8725s_firmware
fastconnect_6200_firmware
fastconnect_6700_firmware
fastconnect_6900_firmware
fastconnect_7800_firmware
g2_gen_1_firmware
molokai_firmware
net… 		Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level. Update CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2025-47407 2026-05-7 03:02 2026-05-5 Show GitHub Exploit DB Packet Storm
625 7.8 HIGH
Local 		qualcomm qxm1096_firmware
robotics_rb2_firmware
robotics_rb5_firmware
sa4150p_firmware
sa4155p_firmware
sa6145p_firmware
sa6150p_firmware
sa6155p_firmware
sa7255p_firmware
sa7775p_f… 		Memory Corruption when copying data from a freed source while executing performance counter deselect operation. Update CWE-416
 Use After Free 		CVE-2026-24082 2026-05-7 03:02 2026-05-5 Show GitHub Exploit DB Packet Storm
626 7.8 HIGH
Local 		qualcomm cologne_firmware
fastconnect_6900_firmware
fastconnect_7800_firmware
sc8380xp_firmware
snapdragon_ar1_gen_1_firmware
wcd9378c_firmware
wcd9380_firmware
wcd9385_firmware
wcn786… 		Memory corruption while processing IOCTL command when device is in power-save state. Update CWE-749
CWE-787
 Exposed Dangerous Method or Function
 Out-of-bounds Write 		CVE-2026-25266 2026-05-7 03:02 2026-05-5 Show GitHub Exploit DB Packet Storm
627 9.8 CRITICAL
Network 		qualcomm qca7005_firmware Buffer overflow due to incorrect authorization in PLC FW Update CWE-863
 Incorrect Authorization 		CVE-2026-25293 2026-05-7 03:01 2026-05-5 Show GitHub Exploit DB Packet Storm
628 9.1 CRITICAL
Network 		apache opennlp XML External Entity (XXE) via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The DictionaryEntryPersistor … Update CWE-611
XXE 		CVE-2026-40682 2026-05-7 03:00 2026-05-5 Show GitHub Exploit DB Packet Storm
629 9.8 CRITICAL
Network 		apache opennlp Arbitrary Class Instantiation via Model Manifest in Apache OpenNLP ExtensionLoader Versions Affected: before 2.5.9, before 3.0.0-M3 Description:  The ExtensionLoader.instantiateExtension(C… Update CWE-470
Unsafe Reflection 		CVE-2026-42027 2026-05-7 03:00 2026-05-5 Show GitHub Exploit DB Packet Storm
630 9.8 CRITICAL
Network 		nginxui nginx_ui Nginx UI is a web user interface for the Nginx web server. In version 2.3.5, an unauthenticated bootstrap takeover exists in nginx-ui during the initial installation window exposed by POST /api/insta… New CWE-284
CWE-306
Improper Access Control
Missing Authentication for Critical Function 		CVE-2026-42222 2026-05-7 02:47 2026-05-5 Show GitHub Exploit DB Packet Storm