Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1991	8.8	重要 Network	n8n	n8n	n8nにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-42229	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

1992	6.1	警告 Network	n8n	n8n	n8nにおけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2026-42230	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

1993	8.8	重要 Network	n8n	n8n	n8nにおけるオブジェクトプロトタイプ属性の不適切に制御された変更に関する脆弱性	CWE-1321 オブジェクトプロトタイプ属性の不適切に制御された変更 (プロトタイプの汚染)	CVE-2026-42231	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

1994	8.8	重要 Network	n8n	n8n	n8nにおけるオブジェクトプロトタイプ属性の不適切に制御された変更に関する脆弱性	CWE-1321 オブジェクトプロトタイプ属性の不適切に制御された変更 (プロトタイプの汚染)	CVE-2026-42232	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

1995	9.8	緊急 Network	n8n	n8n	n8nにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-42233	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

1996	8.8	重要 Network	n8n	n8n	n8nにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-42234	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

1997	9.6	緊急 Network	n8n	n8n	n8nにおける複数の脆弱性	CWE-79 CWE-87	CVE-2026-42235	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

1998	7.5	重要 Network	n8n	n8n	n8nにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-42236	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

1999	8.8	重要 Network	n8n	n8n	n8nにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-42237	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

2000	9.8	緊急 Network	nginxui	Nginx UI	Nginx UI TeamのNginx UIにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-42238	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312681	-	-	-	In drm service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.	-	CVE-2024-39433	2024-09-30 21:46	2024-09-27	Show	GitHub Exploit DB Packet Storm

312682	-	-	-	In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.	-	CVE-2024-39432	2024-09-30 21:46	2024-09-27	Show	GitHub Exploit DB Packet Storm

312683	-	-	-	In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.	-	CVE-2024-39431	2024-09-30 21:46	2024-09-27	Show	GitHub Exploit DB Packet Storm

312684	-	-	-	A flaw was found in the freeimage library. Processing a crafted image can cause a buffer over-read of 1 byte in the read_iptc_profile function in the Source/Metadata/IPTC.cpp file because the size of…	-	CVE-2024-9029	2024-09-30 21:46	2024-09-27	Show	GitHub Exploit DB Packet Storm

312685	-	-	-	The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows operating system to delete files without having proper permissi…	-	CVE-2024-7400	2024-09-30 21:46	2024-09-27	Show	GitHub Exploit DB Packet Storm

312686	-	-	-	CUPS is a standards-based, open-source printing system, and cups-filters provides backends, filters, and other software for CUPS 2.x to use on non-Mac OS systems. Any value passed to `FoomaticRIPComm…	CWE-77 Command Injection	CVE-2024-47177	2024-09-30 21:46	2024-09-27	Show	GitHub Exploit DB Packet Storm

312687	-	-	-	Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMConference.asmx function.	-	CVE-2024-40508	2024-09-30 21:46	2024-09-27	Show	GitHub Exploit DB Packet Storm

312688	-	-	-	Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMPersonnel.asmx function.	-	CVE-2024-40507	2024-09-30 21:46	2024-09-27	Show	GitHub Exploit DB Packet Storm

312689	-	-	-	Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMHospitality.asmx function.	-	CVE-2024-40506	2024-09-30 21:46	2024-09-27	Show	GitHub Exploit DB Packet Storm

312690	-	-	-	A stored Cross-Site Scripting (XSS) vulnerability was identified in Projectworld Online Voting System 1.0 that occurs when an account is registered with a malicious javascript payload. The payload is…	-	CVE-2024-45986	2024-09-30 21:46	2024-09-27	Show	GitHub Exploit DB Packet Storm