Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2171	8.8	重要 Network	n8n	n8n	n8nにおけるオブジェクトプロトタイプ属性の不適切に制御された変更に関する脆弱性	CWE-1321 オブジェクトプロトタイプ属性の不適切に制御された変更 (プロトタイプの汚染)	CVE-2026-42232	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

2172	9.8	緊急 Network	n8n	n8n	n8nにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-42233	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

2173	8.8	重要 Network	n8n	n8n	n8nにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-42234	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

2174	9.6	緊急 Network	n8n	n8n	n8nにおける複数の脆弱性	CWE-79 CWE-87	CVE-2026-42235	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

2175	7.5	重要 Network	n8n	n8n	n8nにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-42236	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

2176	8.8	重要 Network	n8n	n8n	n8nにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-42237	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

2177	9.8	緊急 Network	nginxui	Nginx UI	Nginx UI TeamのNginx UIにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-42238	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

2178	7.7	重要 Network	OpenClaw	OpenClaw	OpenClawにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-42438	2026-05-8 12:22	2026-05-5	Show	GitHub Exploit DB Packet Storm

2179	8.5	重要 Network	OpenClaw	OpenClaw	OpenClawにおける複数の脆弱性	CWE-862 CWE-918	CVE-2026-42439	2026-05-8 12:22	2026-05-5	Show	GitHub Exploit DB Packet Storm

2180	7.5	重要 Network	Apache Software Foundation	Apache OpenNLP	Apache Software FoundationのApache OpenNLPにおける過剰なサイズ値のメモリ割り当てに関する脆弱性	CWE-789 過剰なサイズ値のメモリ割り当て	CVE-2026-42440	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312731	9.8	CRITICAL Network	telerik	ui_for_wpf	In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a command injection attack is possible through improper neutralization of hyperlink elements.	CWE-77 Command Injection	CVE-2024-7575	2024-10-3 22:52	2024-09-25	Show	GitHub Exploit DB Packet Storm

312732	9.8	CRITICAL Network	telerik	ui_for_wpf	In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is possible through an insecure deserialization vulnerability.	CWE-502 Deserialization of Untrusted Data	CVE-2024-7576	2024-10-3 22:51	2024-09-25	Show	GitHub Exploit DB Packet Storm

312733	7.5	HIGH Network	cisco	ios ios_xe	A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to relo…	CWE-787 Out-of-bounds Write	CVE-2024-20433	2024-10-3 22:34	2024-09-26	Show	GitHub Exploit DB Packet Storm

312734	9.8	CRITICAL Network	tduckcloud	tduckpro	A vulnerability classified as critical was found in TDuckCloud TDuckPro up to 6.3. Affected by this vulnerability is an unknown functionality. The manipulation leads to weak password recovery. The at…	CWE-640 Weak Password Recovery Mechanism for Forgotten Password	CVE-2024-8692	2024-10-3 22:17	2024-09-12	Show	GitHub Exploit DB Packet Storm

312735	7.8	HIGH Local	cisco	ios_xr	A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. T…	CWE-78 OS Command	CVE-2024-20398	2024-10-3 10:47	2024-09-12	Show	GitHub Exploit DB Packet Storm

312736	7.2	HIGH Network	cisco	ios_xr	Multiple vulnerabilities in Cisco Routed PON Controller Software, which runs as a docker container on hardware that is supported by Cisco IOS XR Software, could allow an authenticated, remote attacke…	CWE-78 OS Command	CVE-2024-20483	2024-10-3 10:44	2024-09-12	Show	GitHub Exploit DB Packet Storm

312737	5.5	MEDIUM Local	cisco	ios_xr	A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials. This vulnerabilit…	CWE-522 Insufficiently Protected Credentials	CVE-2024-20489	2024-10-3 10:40	2024-09-12	Show	GitHub Exploit DB Packet Storm

312738	7.2	HIGH Network	paloaltonetworks	pan-os	A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as root on the firewall.	CWE-78 OS Command	CVE-2024-8686	2024-10-3 10:35	2024-09-12	Show	GitHub Exploit DB Packet Storm

312739	7.8	HIGH Local	telerik	ui_for_wpf	In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is possible through an insecure deserialization vulnerability.	CWE-502 Deserialization of Untrusted Data	CVE-2024-8316	2024-10-3 10:01	2024-09-25	Show	GitHub Exploit DB Packet Storm

312740	5.5	MEDIUM Local	papercut	papercut_ng papercut_mf	An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the web-print.exe process, which can incor…	CWE-77 Command Injection	CVE-2024-8405	2024-10-3 09:51	2024-09-26	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed