Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1941 4.3 警告
Network 		Papra Papra Papraにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2026-35462 2026-04-27 11:17 2026-04-7 Show GitHub Exploit DB Packet Storm
1942 8.1 重要
Network 		RedwoodSDK RedwoodSDK RedwoodSDKにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-39371 2026-04-27 11:17 2026-04-7 Show GitHub Exploit DB Packet Storm
1943 8.1 重要
Network 		Sgbett BSV Ruby SDK (bsv-sdk)
bsv-wallet 		Sgbettのbsv-wallet等の複数製品におけるデジタル署名の検証に関する脆弱性 CWE-347
デジタル署名の不適切な検証 		CVE-2026-40070 2026-04-27 11:17 2026-04-9 Show GitHub Exploit DB Packet Storm
1944 8.1 重要
Network 		Nimiq Nimiq Proof of Stake (core-rs-albatross) NimiqのNimiq Proof of Stake (core-rs-albatross)における入力で指定された数量の不適切な検証に関する脆弱性 CWE-1284
入力で指定された数量の不適切な検証 		CVE-2026-40093 2026-04-27 11:17 2026-04-9 Show GitHub Exploit DB Packet Storm
1945 5.5 警告
Local 		Giskard Giskard Giskardにおける非効率的な正規表現の複雑さに関する脆弱性 CWE-1333
非効率的な正規表現の複雑さ 		CVE-2026-40319 2026-04-27 11:17 2026-04-17 Show GitHub Exploit DB Packet Storm
1946 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける到達可能なアサーションに関する脆弱性 CWE-617
到達可能なアサーション 		CVE-2026-23356 2026-04-27 10:55 2026-03-25 Show GitHub Exploit DB Packet Storm
1947 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおけるリソースのロックに関する脆弱性 CWE-667
不適切なロック 		CVE-2026-23357 2026-04-27 10:55 2026-03-25 Show GitHub Exploit DB Packet Storm
1948 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける初期化されていないリソースの使用に関する脆弱性 CWE-908
初期化されていないリソースの使用 		CVE-2026-23358 2026-04-27 10:55 2026-03-25 Show GitHub Exploit DB Packet Storm
1949 7.8 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-23359 2026-04-27 10:55 2026-03-25 Show GitHub Exploit DB Packet Storm
1950 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性 CWE-401
有効期限後のメモリの解放の欠如 		CVE-2026-23360 2026-04-27 10:55 2026-03-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314091 - - - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ExtendThemes Kubio AI Page Builder.This issue affects Kubio AI Page Builder: from n/a thro… - CVE-2024-39661 2024-08-2 21:59 2024-08-2 Show GitHub Exploit DB Packet Storm
314092 - - - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jordy Meow Photo Engine allows Stored XSS.This issue affects Photo Engine: from n/a throug… CWE-79
Cross-site Scripting 		CVE-2024-39660 2024-08-2 21:59 2024-08-2 Show GitHub Exploit DB Packet Storm
314093 - - - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Lester ‘GaMerZ’ Chan WP-PostRatings allows Stored XSS.This issue affects WP-PostRatings: f… CWE-79
Cross-site Scripting 		CVE-2024-39659 2024-08-2 21:59 2024-08-2 Show GitHub Exploit DB Packet Storm
314094 - - - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Uncanny Owl Tin Canny Reporting for LearnDash allows Reflected XSS.This issue affects Tin … CWE-79
Cross-site Scripting 		CVE-2024-39656 2024-08-2 21:59 2024-08-2 Show GitHub Exploit DB Packet Storm
314095 - - - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LiquidPoll LiquidPoll – Advanced Polls for Creators and Brands.This issue affects LiquidPo… CWE-79
Cross-site Scripting 		CVE-2024-39655 2024-08-2 21:59 2024-08-2 Show GitHub Exploit DB Packet Storm
314096 - - - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPWeb Elite WooCommerce PDF Vouchers allows Reflected XSS.This issue affects WooCommerce P… CWE-79
Cross-site Scripting 		CVE-2024-39652 2024-08-2 21:59 2024-08-2 Show GitHub Exploit DB Packet Storm
314097 - - - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themewinter Eventin allows Stored XSS.This issue affects Eventin: from n/a through 4.0.5. CWE-79
Cross-site Scripting 		CVE-2024-39648 2024-08-2 21:59 2024-08-2 Show GitHub Exploit DB Packet Storm
314098 - - - Deserialization of Untrusted Data vulnerability in CodeSolz Better Find and Replace.This issue affects Better Find and Replace: from n/a through 1.6.1. CWE-502
 Deserialization of Untrusted Data 		CVE-2024-39636 2024-08-2 21:59 2024-08-2 Show GitHub Exploit DB Packet Storm
314099 - - - Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.99. - CVE-2024-38761 2024-08-2 21:59 2024-08-2 Show GitHub Exploit DB Packet Storm
314100 - - - Under certain circumstances the exacqVision Web Service can expose authentication token details within communications. - CVE-2024-32931 2024-08-2 21:59 2024-08-2 Show GitHub Exploit DB Packet Storm