Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2051	5.3	警告 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-41606	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

2052	6.5	警告 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-41607	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

2053	7.5	重要 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-41636	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

2054	7.5	重要 Network	Marked project	Marked	Marked projectのMarkedにおける複数の脆弱性	CWE-400 CWE-674 CWE-835	CVE-2026-41680	2026-04-30 10:59	2026-04-24	Show	GitHub Exploit DB Packet Storm

2055	9.8	緊急 Network	Apache Software Foundation	Apache Pony Mail	Apache Software FoundationのApache Pony MailにおけるHTTP リクエストスマグリングに関する脆弱性	CWE-444 HTTP リクエストスマグリング	CVE-2026-41873	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

2056	6.5	警告 Network	OpenClaw	OpenClaw	OpenClawにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-41908	2026-04-30 10:58	2026-04-23	Show	GitHub Exploit DB Packet Storm

2057	5.4	警告 Network	OpenClaw	OpenClaw	OpenClawにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-41909	2026-04-30 10:58	2026-04-23	Show	GitHub Exploit DB Packet Storm

2058	8.8	重要 Network	GitHub	Enterprise Server	GitHubのEnterprise Serverにおける不正な正規表現に関する脆弱性	CWE-185 不正な正規表現	CVE-2026-4296	2026-04-30 10:58	2026-04-21	Show	GitHub Exploit DB Packet Storm

2059	8.8	重要 Network	Kubernetes	ingress-nginx	Kubernetesのingress-nginxにおける入力確認に関する脆弱性	CWE-20 CWE-noinfo	CVE-2026-4342	2026-04-30 10:58	2026-03-19	Show	GitHub Exploit DB Packet Storm

2060	6.5	警告 Network	レッドハット libarchive	Red Hat OpenShift Container Platform Red Hat Enterprise Linux Red Hat Hardened Images libarchive	libarchive等の複数ベンダの製品における整数への不適切なビットシフトに関する脆弱性	CWE-1335 整数への不適切なビットシフト	CVE-2026-4426	2026-04-30 10:58	2026-03-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313851	6.1	MEDIUM Network	3ds	3dexperience	A reflected Cross-site Scripting (XSS) vulnerability affecting 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in use…	CWE-79 Cross-site Scripting	CVE-2024-6379	2024-08-27 18:15	2024-08-20	Show	GitHub Exploit DB Packet Storm

313852	-		-	-	The Logo Showcase Ultimate – Logo Carousel, Logo Slider & Logo Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.4.1 …	-	CVE-2024-8046	2024-08-27 17:15	2024-08-27	Show	GitHub Exploit DB Packet Storm

313853	6.1	MEDIUM Network	3ds	3dexperience	An URL redirection to untrusted site (open redirect) vulnerability affecting 3DPassport in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to redirect…	CWE-601 Open Redirect	CVE-2024-6377	2024-08-27 17:15	2024-08-20	Show	GitHub Exploit DB Packet Storm

313854	-		-	-	Authentication Bypass vulnerability in Hitachi Ops Center Common Services.This issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.2-01.	-	CVE-2024-7125	2024-08-27 14:15	2024-08-27	Show	GitHub Exploit DB Packet Storm

313855	4.3	MEDIUM Network	-	-	The Oxygen Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the oxy_save_css_from_admin AJAX action in all versions up to, and incl…	-	CVE-2024-6688	2024-08-27 14:15	2024-08-27	Show	GitHub Exploit DB Packet Storm

313856	-		-	-	Rejected reason: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that the issue does not pose a secu…	-	CVE-2024-7989	2024-08-27 06:15	2024-08-27	Show	GitHub Exploit DB Packet Storm

313857	-		-	-	Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid…	-	CVE-2024-8188	2024-08-27 05:15	2024-08-27	Show	GitHub Exploit DB Packet Storm

313858	9.8	CRITICAL Network	givewp	givewp	The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input fr…	CWE-502 Deserialization of Untrusted Data	CVE-2024-5932	2024-08-27 03:34	2024-08-20	Show	GitHub Exploit DB Packet Storm

313859	6.5	MEDIUM Network	ibm	global_configuration_management	IBM Global Configuration Management 7.0.2 and 7.0.3 could allow an authenticated user to archive a global baseline due to improper access controls.	NVD-CWE-Other	CVE-2024-41773	2024-08-27 03:33	2024-08-21	Show	GitHub Exploit DB Packet Storm

313860	6.5	MEDIUM Network	ghost	ghost	Ghost is a Node.js content management system. Improper authentication on some endpoints used for member actions would allow an attacker to perform member-only actions, and read member information. Th…	CWE-287 Improper Authentication	CVE-2024-43409	2024-08-27 03:31	2024-08-21	Show	GitHub Exploit DB Packet Storm