Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2091 8.8 重要
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAIにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-40157 2026-04-27 10:48 2026-04-10 Show GitHub Exploit DB Packet Storm
2092 6.5 警告
Network 		Linux Foundation tekton pipelines Linux Foundationのtekton pipelinesにおける送信データへの重要な情報の挿入に関する脆弱性 CWE-201
CWE-noinfo
CVE-2026-40161 2026-04-27 10:48 2026-04-21 Show GitHub Exploit DB Packet Storm
2093 8.1 重要
Network 		SysAdmins Media HomeBox SysAdmins MediaのHomeBoxにおける不適切な所有権の割り当てに関する脆弱性 CWE-708
不適切な所有権の割り当て 		CVE-2026-40196 2026-04-27 10:48 2026-04-17 Show GitHub Exploit DB Packet Storm
2094 2.7
Network 		OpenBao OpenBao OpenBaoにおけるセキュリティトークンの割り当ての制限に関する脆弱性 CWE-1259
セキュリティトークンの割り当ての不適切な制限 		CVE-2026-40264 2026-04-27 10:48 2026-04-21 Show GitHub Exploit DB Packet Storm
2095 4.3 警告
Network 		dnnsoftware dotnetnuke dnnsoftwareのdotnetnukeにおける認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2026-40305 2026-04-27 10:48 2026-04-17 Show GitHub Exploit DB Packet Storm
2096 6.5 警告
Network 		dnnsoftware dotnetnuke dnnsoftwareのdotnetnukeにおける不十分なランダム値の使用に関する脆弱性 CWE-330
不十分なランダム値の使用 		CVE-2026-40306 2026-04-27 10:48 2026-04-17 Show GitHub Exploit DB Packet Storm
2097 8 重要
Network 		dnnsoftware dotnetnuke dnnsoftwareのdotnetnukeにおける代替 XSS 構文の不適切な無効化に関する脆弱性 CWE-87
代替 XSS 構文の不適切な無効化 		CVE-2026-40321 2026-04-27 10:48 2026-04-17 Show GitHub Exploit DB Packet Storm
2098 5.3 警告
Network 		The FastAPI Expert python-multipart The FastAPI Expertのpython-multipartにおける複数の脆弱性 CWE-400
CWE-834
CVE-2026-40347 2026-04-27 10:48 2026-04-18 Show GitHub Exploit DB Packet Storm
2099 5.4 警告
Network 		wger wger wger Projectのwgerにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40353 2026-04-27 10:48 2026-04-17 Show GitHub Exploit DB Packet Storm
2100 7.6 重要
Network 		wger wger wger Projectのwgerにおける複数の脆弱性 CWE-284
CWE-862
CVE-2026-40474 2026-04-27 10:48 2026-04-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
481 - - - In the Linux kernel, the following vulnerability has been resolved: drm/tests: shmem: Hold reservation lock around madvise Acquire and release the GEM object's reservation lock around calls to the … New - CVE-2025-71298 2026-05-8 23:16 2026-05-8 Show GitHub Exploit DB Packet Storm
482 - - - In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: 8822b: Avoid WARNING in rtw8822b_config_trx_mode() rtw8822b_set_antenna() can be called from userspace when the chip… New - CVE-2025-71297 2026-05-8 23:16 2026-05-8 Show GitHub Exploit DB Packet Storm
483 - - - In the Linux kernel, the following vulnerability has been resolved: drm/tests: shmem: Hold reservation lock around purge Acquire and release the GEM object's reservation lock around calls to the ob… New - CVE-2025-71296 2026-05-8 23:16 2026-05-8 Show GitHub Exploit DB Packet Storm
484 8.8 HIGH
Adjacent 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: fix potential UAF in hci_le_remote_conn_param_req_evt hci_conn lookup and field access must be covered by h… Update CWE-416
 Use After Free 		CVE-2026-43018 2026-05-8 23:15 2026-05-2 Show GitHub Exploit DB Packet Storm
485 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate mesh send advertising payload length mesh_send() currently bounds MGMT_OP_MESH_SEND by total command le… Update NVD-CWE-noinfo
CVE-2026-43017 2026-05-8 23:13 2026-05-2 Show GitHub Exploit DB Packet Storm
486 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: mshv: Fix error handling in mshv_region_pin The current error handling has two issues: First, pin_user_pages_fast() can return a… Update NVD-CWE-Other
CVE-2026-43045 2026-05-8 23:04 2026-05-2 Show GitHub Exploit DB Packet Storm
487 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: btrfs: reject root items with drop_progress and zero drop_level [BUG] When recovering relocation at mount time, merge_reloc_root(… Update CWE-617
 Reachable Assertion 		CVE-2026-43046 2026-05-8 22:52 2026-05-2 Show GitHub Exploit DB Packet Storm
488 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Check to ensure report responses match the request It is possible for a malicious (or clumsy) device to respond … Update CWE-787
 Out-of-bounds Write 		CVE-2026-43047 2026-05-8 22:50 2026-05-2 Show GitHub Exploit DB Packet Storm
489 - - - Other issue in the WebRTC component. This vulnerability was fixed in Firefox ESR 140.10.2 and Thunderbird 140.10.2. New - CVE-2026-8094 2026-05-8 22:16 2026-05-7 Show GitHub Exploit DB Packet Storm
490 7.3 HIGH
Network 		- - Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0.2, and Thunderbird 140.10.2. New CWE-416
 Use After Free 		CVE-2026-8090 2026-05-8 22:16 2026-05-7 Show GitHub Exploit DB Packet Storm