Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 12:16 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2261 4.4 警告
Local 		Authzed, Inc. SpiceDB Authzed, Inc.のSpiceDBにおけるログファイルからの情報漏えいに関する脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2026-40091 2026-04-27 11:21 2026-04-15 Show GitHub Exploit DB Packet Storm
2262 5.4 警告
Network 		OpenMage Magento OpenMageのMagentoにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-40098 2026-04-27 11:21 2026-04-20 Show GitHub Exploit DB Packet Storm
2263 7.5 重要
Network 		free5gc free5gc free5GCにおける複数の脆弱性 CWE-285
CWE-636
CVE-2026-40248 2026-04-27 11:21 2026-04-16 Show GitHub Exploit DB Packet Storm
2264 5.8 警告
Network 		free5gc free5gc
udr 		free5GCのfree5GC等の複数製品における例外的な状態のチェックに関する脆弱性 CWE-754
例外的な状態における不適切なチェック 		CVE-2026-40343 2026-04-27 11:21 2026-04-22 Show GitHub Exploit DB Packet Storm
2265 8.8 重要
Network 		OpenMage Magento OpenMageのMagentoにおける危険なタイプのファイルの無制限アップロードに関する脆弱性 CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2026-40488 2026-04-27 11:21 2026-04-20 Show GitHub Exploit DB Packet Storm
2266 9.1 緊急
Network 		FreeScout FreeScout FreeScoutにおける複数の脆弱性 CWE-330
CWE-340
CVE-2026-40496 2026-04-27 11:21 2026-04-21 Show GitHub Exploit DB Packet Storm
2267 8.1 重要
Network 		FreeScout FreeScout FreeScoutにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40497 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
2268 8.8 重要
Network 		PJSIP pjsip PJSIPのpjsipにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-40614 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
2269 6.5 警告
Network 		decidim decidim Decidim Free Software AssociationのDecidimにおける不適切な権限設定に関する脆弱性 CWE-266
不適切な権限設定 		CVE-2026-40869 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
2270 9.8 緊急
Network 		PJSIP pjsip PJSIPのpjsipにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-40892 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314411 - - - The Ultimate Classified Listings WordPress plugin before 1.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be… - CVE-2024-6529 2024-08-1 15:15 2024-08-1 Show GitHub Exploit DB Packet Storm
314412 - - - The Floating Notification Bar, Sticky Menu on Scroll, Announcement Banner, and Sticky Header for Any WordPress plugin before 2.7.2 does not sanitise and escape some of its settings, which could all… - CVE-2024-4090 2024-08-1 15:15 2024-08-1 Show GitHub Exploit DB Packet Storm
314413 - - - The WooCommerce Customers Manager WordPress plugin before 30.1 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as d… - CVE-2024-3983 2024-08-1 15:15 2024-08-1 Show GitHub Exploit DB Packet Storm
314414 - - - The WooCommerce Customers Manager WordPress plugin before 30.2 does not have authorisation and CSRF in various AJAX actions, allowing any authenticated users, such as subscriber, to call them and upd… - CVE-2024-1747 2024-08-1 15:15 2024-08-1 Show GitHub Exploit DB Packet Storm
314415 - - - A vulnerability was found in Baidu UEditor 1.4.2. It has been declared as problematic. This vulnerability affects unknown code of the file /ueditor142/php/controller.php?action=catchimage. The manipu… CWE-79
Cross-site Scripting 		CVE-2024-7343 2024-08-1 14:15 2024-08-1 Show GitHub Exploit DB Packet Storm
314416 - - - A vulnerability was found in Baidu UEditor 1.4.3.3. It has been classified as problematic. This affects an unknown part of the file /ueditor/php/controller.php?action=uploadfile&encode=utf-8. The man… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-7342 2024-08-1 14:15 2024-08-1 Show GitHub Exploit DB Packet Storm
314417 - - - A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L 9.3.5u.6146_B20201023. This affects the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation o… CWE-120
Classic Buffer Overflow 		CVE-2024-7338 2024-08-1 13:15 2024-08-1 Show GitHub Exploit DB Packet Storm
314418 - - - A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200L 9.3.5u.6146_B20201023. Affected by this issue is the function loginauth of the file /cgi-bin/cstecgi.cgi. The man… - CVE-2024-7337 2024-08-1 12:15 2024-08-1 Show GitHub Exploit DB Packet Storm
314419 - - - A vulnerability classified as critical was found in TOTOLINK EX200 4.0.3c.7646_B20201211. Affected by this vulnerability is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation o… CWE-120
Classic Buffer Overflow 		CVE-2024-7336 2024-08-1 12:15 2024-08-1 Show GitHub Exploit DB Packet Storm
314420 - - - A vulnerability classified as critical has been found in TOTOLINK EX200 4.0.3c.7646_B20201211. Affected is the function getSaveConfig of the file /cgi-bin/cstecgi.cgi?action=save&setting. The manipul… - CVE-2024-7335 2024-08-1 11:15 2024-08-1 Show GitHub Exploit DB Packet Storm