Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 22, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2021 8.8 重要
Network 		Koha Koha KohaにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-31844 2026-05-11 10:59 2026-03-11 Show GitHub Exploit DB Packet Storm
2022 7.8 重要
Local 		マイクロソフト SQL Server 2019
SQL Server 2025
SQL Server 2016
SQL Server 2022
SQL Server 2017 		SQL サーバーの特権の昇格の脆弱性 CWE-89
SQLインジェクション 		CVE-2026-32167 2026-05-11 10:59 2026-04-14 Show GitHub Exploit DB Packet Storm
2023 7.8 重要
Local 		マイクロソフト SQL Server 2019
SQL Server 2025
SQL Server 2016
SQL Server 2022
SQL Server 2017 		SQL サーバーの特権の昇格の脆弱性 CWE-89
SQLインジェクション 		CVE-2026-32176 2026-05-11 10:58 2026-04-14 Show GitHub Exploit DB Packet Storm
2024 7.5 重要
Network 		マイクロソフト .NET
visual studio 2022 		.NET のなりすましの脆弱性 CWE-138
特殊要素の不適切な無害化 		CVE-2026-32178 2026-05-11 10:58 2026-04-14 Show GitHub Exploit DB Packet Storm
2025 6.5 警告
Local 		sandboxie-plus Sandboxie sandboxie-plusのSandboxieにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2026-32603 2026-05-11 10:58 2026-05-5 Show GitHub Exploit DB Packet Storm
2026 9.1 緊急
Network 		X.Org Foundation
レッドハット		 X.Org X Server
Red Hat Enterprise Linux 		レッドハット等の複数ベンダの製品における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-34000 2026-05-11 10:58 2026-05-5 Show GitHub Exploit DB Packet Storm
2027 9.1 緊急
Network 		X.Org Foundation
レッドハット		 X.Org X Server
Red Hat Enterprise Linux 		レッドハット等の複数ベンダの製品における不適切な長さの値によるバッファへのアクセスに関する脆弱性 CWE-805
不適切な長さの値によるバッファへのアクセス 		CVE-2026-34002 2026-05-11 10:58 2026-05-5 Show GitHub Exploit DB Packet Storm
2028 8.8 重要
Local 		sandboxie-plus Sandboxie sandboxie-plusのSandboxieにおけるCRLF インジェクションの脆弱性 CWE-93
CRLF インジェクション 		CVE-2026-34458 2026-05-11 10:58 2026-05-5 Show GitHub Exploit DB Packet Storm
2029 8.8 重要
Local 		sandboxie-plus Sandboxie sandboxie-plusのSandboxieにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-34459 2026-05-11 10:58 2026-05-5 Show GitHub Exploit DB Packet Storm
2030 7.8 重要
Local 		sandboxie-plus Sandboxie sandboxie-plusのSandboxieにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-34461 2026-05-11 10:58 2026-05-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312501 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ Make sure the connector is fully initialized… CWE-476
 NULL Pointer Dereference 		CVE-2024-46810 2024-10-5 02:43 2024-09-27 Show GitHub Exploit DB Packet Storm
312502 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: Check tbo resource pointer Validate tbo resource pointer, skip if NULL CWE-476
 NULL Pointer Dereference 		CVE-2024-46807 2024-10-5 02:40 2024-09-27 Show GitHub Exploit DB Packet Storm
312503 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check link_index before accessing dc->links[] [WHY & HOW] dc->links[] has max size of MAX_LINKS and NULL is retu… CWE-129
 Improper Validation of Array Index 		CVE-2024-46813 2024-10-5 02:38 2024-09-27 Show GitHub Exploit DB Packet Storm
312504 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check BIOS images before it is used BIOS images may fail to load and null checks are added before they are used.… CWE-476
 NULL Pointer Dereference 		CVE-2024-46809 2024-10-5 02:33 2024-09-27 Show GitHub Exploit DB Packet Storm
312505 5.3 MEDIUM
Network 		gitlab gitlab An issue has been discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.2.8, from 17.3 prior to 17.3.4, and from 17.4 prior to 17.4.1. An AI feature was found to read unsaniti… CWE-116
 Improper Encoding or Escaping of Output 		CVE-2024-4099 2024-10-5 02:33 2024-09-27 Show GitHub Exploit DB Packet Storm
312506 4.3 MEDIUM
Network 		gitlab gitlab Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3 prior to 17.3.4, and 17.4 prior to 17.4.1 in specific conditions it was possible to disclose to an unauth… CWE-863
 Incorrect Authorization 		CVE-2024-8974 2024-10-5 02:30 2024-09-27 Show GitHub Exploit DB Packet Storm
312507 7.5 HIGH
Network 		ays-pro chatgpt_assistant The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses the Open AI API Key, allowing unauthenticated users to obtain it CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2024-7713 2024-10-5 02:28 2024-09-27 Show GitHub Exploit DB Packet Storm
312508 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check msg_id before processing transcation [WHY & HOW] HDCP_MESSAGE_ID_INVALID (-1) is not a valid msg_id nor is… CWE-129
 Improper Validation of Array Index 		CVE-2024-46814 2024-10-5 02:27 2024-09-27 Show GitHub Exploit DB Packet Storm
312509 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW] GPIO_ID_UNKNOWN (-1) is not a valid value for array index a… CWE-129
 Improper Validation of Array Index 		CVE-2024-46818 2024-10-5 02:18 2024-09-27 Show GitHub Exploit DB Packet Storm
312510 7.2 HIGH
Network 		givewp givewp The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter in all versions up to, and including, 3.16.1 due to insu… CWE-89
SQL Injection 		CVE-2024-9130 2024-10-5 02:18 2024-09-27 Show GitHub Exploit DB Packet Storm