Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2191 7.3 重要
Local 		systemd project systemd systemd projectのsystemdにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-40224 2026-04-30 12:29 2026-04-10 Show GitHub Exploit DB Packet Storm
2192 6.4 警告
Physics 		systemd project systemd systemd projectのsystemdにおける領域間での誤ったリソース移動に関する脆弱性 CWE-669
領域間での誤ったリソース移動 		CVE-2026-40225 2026-04-30 12:28 2026-04-10 Show GitHub Exploit DB Packet Storm
2193 6.1 警告
Network 		FreeRDP FreeRDP FreeRDPにおける境界条件の判定に関する脆弱性 CWE-193
境界条件の判定 		CVE-2026-40254 2026-04-30 12:28 2026-04-24 Show GitHub Exploit DB Packet Storm
2194 3.7
Network 		BACnet Stack BACnet Stack BACnet Stackにおける未定義、未指定、または実装定義の動作への依存に関する脆弱性 CWE-758
未定義、未指定、または実装定義の動作への依存 		CVE-2026-40279 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
2195 7.6 重要
Network 		WeGIA WeGIA WeGIAにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40283 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
2196 6.5 警告
Network 		OpenFGA OpenFGA OpenFGAにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-40293 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
2197 9.9 緊急
Network 		FirebirdSQL Firebird FirebirdSQLのFirebirdにおける複数の脆弱性 CWE-22
CWE-427
CWE-73
CWE-94
CVE-2026-40342 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
2198 8.2 重要
Network 		Minio Inc. Minio Minio Inc.のMinioにおける複数の脆弱性 CWE-287
CWE-306
CVE-2026-40344 2026-04-30 12:28 2026-04-22 Show GitHub Exploit DB Packet Storm
2199 9.8 緊急
Network 		FastGPT FastGPT FastGPTにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性 CWE-943
データクエリロジックの特殊要素の不適切な中立化 		CVE-2026-40351 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
2200 8.8 重要
Network 		FastGPT FastGPT FastGPTにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性 CWE-943
データクエリロジックの特殊要素の不適切な中立化 		CVE-2026-40352 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313411 5.4 MEDIUM
Network 		perfexcrm perfex_crm A vulnerability was found in Perfex CRM 3.1.6. It has been declared as problematic. This vulnerability affects unknown code of the file application/controllers/Clients.php of the component Parameter … CWE-79
Cross-site Scripting 		CVE-2024-8867 2024-09-17 19:55 2024-09-15 Show GitHub Exploit DB Packet Storm
313412 4.9 MEDIUM
Network 		composio composio A vulnerability was found in composiohq composio up to 0.5.8 and classified as problematic. Affected by this issue is the function path of the file composio\server\api.py. The manipulation of the arg… CWE-22
Path Traversal 		CVE-2024-8865 2024-09-17 19:50 2024-09-15 Show GitHub Exploit DB Packet Storm
313413 8.8 HIGH
Network 		composio composio A vulnerability has been found in composiohq composio up to 0.5.6 and classified as critical. Affected by this vulnerability is the function Calculator of the file python/composio/tools/local/mathema… CWE-94
Code Injection 		CVE-2024-8864 2024-09-17 19:38 2024-09-15 Show GitHub Exploit DB Packet Storm
313414 - - - Improper permission configurationDomain configuration vulnerability of the mobile application (com.afmobi.boomplayer) can lead to account takeover risks. - CVE-2024-8039 2024-09-17 11:35 2024-09-14 Show GitHub Exploit DB Packet Storm
313415 8.1 HIGH
Network 		dell smartfabric_os10 Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x, contain(s) an Use of Hard-coded Password vulnerability. A low privileged attacker with remote access could potentia… CWE-798
 Use of Hard-coded Credentials 		CVE-2024-39585 2024-09-17 11:15 2024-09-6 Show GitHub Exploit DB Packet Storm
313416 8.8 HIGH
Network 		- - Windows MSHTML Platform Spoofing Vulnerability CWE-451
 User Interface (UI) Misrepresentation of Critical Information 		CVE-2024-43461 2024-09-17 10:00 2024-09-11 Show GitHub Exploit DB Packet Storm
313417 9.8 CRITICAL
Network 		progress whatsup_gold In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password. CWE-89
SQL Injection 		CVE-2024-6670 2024-09-17 10:00 2024-08-30 Show GitHub Exploit DB Packet Storm
313418 8.8 HIGH
Network 		asterisk asterisk
certified_asterisk 		Asterisk is an open source private branch exchange (PBX) and telephony toolkit. Prior to asterisk versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2, an A… NVD-CWE-Other
CVE-2024-42365 2024-09-17 05:23 2024-08-9 Show GitHub Exploit DB Packet Storm
313419 9.8 CRITICAL
Network 		sonicwall sonicos An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the fi… NVD-CWE-noinfo
CVE-2024-40766 2024-09-17 04:48 2024-08-23 Show GitHub Exploit DB Packet Storm
313420 8.8 HIGH
Network 		xwiki pro_macros Pro Macros provides XWiki rendering macros. Missing escaping in the Viewpdf macro allows any user with view right on the `CKEditor.HTMLConverter` page or edit or comment right on any page to perform … CWE-74
Injection 		CVE-2024-42489 2024-09-17 04:46 2024-08-13 Show GitHub Exploit DB Packet Storm