Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2261 9.8 緊急
Network 		opensagres XDocReport opensagresのXDocReportにおけるXML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2025-65482 2026-02-5 15:50 2026-01-20 Show GitHub Exploit DB Packet Storm
2262 5.3 警告
Network 		pymdown extensions project pymdown extensions facelessuserのPyMdown Extensionsにおける非効率的な正規表現の複雑さに関する脆弱性 CWE-1333
非効率的な正規表現の複雑さ 		CVE-2025-68142 2026-02-5 15:50 2025-12-16 Show GitHub Exploit DB Packet Storm
2263 9.8 緊急
Network 		code-projects Computer Book Store carmelo (Carmelo Garcia)のComputer Book Storeにおける危険なタイプのファイルの無制限アップロードに関する脆弱性 CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2025-69559 2026-02-5 15:50 2026-01-27 Show GitHub Exploit DB Packet Storm
2264 6.5 警告
Network 		TMS Global Software TMS Management Console TMS Global SoftwareのTMS Management Consoleにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2025-69612 2026-02-5 15:50 2026-01-22 Show GitHub Exploit DB Packet Storm
2265 6.5 警告
Network 		Keichi Takahashi binary-parser Keichi TakahashiのBinary-parserにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-1245 2026-02-5 15:50 2026-01-20 Show GitHub Exploit DB Packet Storm
2266 9.8 緊急
Network 		csa-iot matter GoogleのMatterにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-20418 2026-02-5 15:50 2026-02-2 Show GitHub Exploit DB Packet Storm
2267 9.8 緊急
Network 		tarkov.dev Tarkov Data Manager tarkov.devのTarkov Data Managerにおける複数の脆弱性 CWE-1321
CWE-287
CWE-843
CVE-2026-21854 2026-02-5 15:49 2026-01-7 Show GitHub Exploit DB Packet Storm
2268 6.1 警告
Network 		tarkov.dev Tarkov Data Manager tarkov.devのTarkov Data Managerにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-21855 2026-02-5 15:49 2026-01-7 Show GitHub Exploit DB Packet Storm
2269 8.8 重要
Network 		tarkov.dev Tarkov Data Manager tarkov.devのTarkov Data ManagerにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-21856 2026-02-5 15:49 2026-01-7 Show GitHub Exploit DB Packet Storm
2270 5.3 警告
Network 		ajax file browser File Browserにおける複数の脆弱性 CWE-203
CWE-208
CVE-2026-23849 2026-02-5 15:49 2026-01-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
71 - - - An issue was discovered in MM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Mod… New - CVE-2025-66369 2026-05-6 01:16 2026-05-6 Show GitHub Exploit DB Packet Storm
72 - - - Jupyter Server is the backend for Jupyter web applications. In jupyter_server versions through 2.17.0, the next query parameter in the login flow is insufficiently validated in `LoginFormHandler._red… New CWE-601
Open Redirect 		CVE-2025-61669 2026-05-6 01:16 2026-05-6 Show GitHub Exploit DB Packet Storm
73 - - - ISPConfig 3.3.0 is vulnerable to Cross Site Scripting (XSS) via the system status webpage. New - CVE-2025-52206 2026-05-6 01:16 2026-05-6 Show GitHub Exploit DB Packet Storm
74 4.9 MEDIUM
Network 		sonicwall sonicos A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall. Update CWE-121
Stack-based Buffer Overflow 		CVE-2026-0206 2026-05-6 01:12 2026-04-30 Show GitHub Exploit DB Packet Storm
75 6.8 MEDIUM
Adjacent 		sonicwall sonicos A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services. Update CWE-35
 Path Traversal: '.../...//' 		CVE-2026-0205 2026-05-6 01:12 2026-04-30 Show GitHub Exploit DB Packet Storm
76 8.0 HIGH
Adjacent 		sonicwall sonicos A vulnerability in the access control mechanism of SonicOS may allow certain management interface functions to be accessible under specific conditions. Update CWE-306
CWE-1390
Missing Authentication for Critical Function
 Weak Authentication 		CVE-2026-0204 2026-05-6 01:11 2026-04-30 Show GitHub Exploit DB Packet Storm
77 5.5 MEDIUM
Local 		wireshark wireshark IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 Update CWE-476
 NULL Pointer Dereference 		CVE-2026-6525 2026-05-6 00:42 2026-05-2 Show GitHub Exploit DB Packet Storm
78 7.8 HIGH
Local 		entechtaiwan tvicport An issue in the TVicPort64.sys component of EnTech Taiwan TVicPort Product v4.0, File v5.2.1.0 allows attackers to escalate privileges via sending crafted IOCTL 0x80002008 requests. Update CWE-20
CWE-269
 Improper Input Validation 
 Improper Privilege Management 		CVE-2026-30769 2026-05-5 23:31 2026-04-30 Show GitHub Exploit DB Packet Storm
79 4.3 MEDIUM
Network 		jenkins azure_ad Jenkins Microsoft Entra ID (previously Azure AD) Plugin 666.v6060de32f87d and earlier does not restrict the redirect URL after login, allowing attackers to perform phishing attacks. Update CWE-601
Open Redirect 		CVE-2026-42525 2026-05-5 23:25 2026-04-29 Show GitHub Exploit DB Packet Storm
80 8.8 HIGH
Network 		agilonhealth minerva An authorization vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/moUser/update' endpoint, could allow an authenticated user with user modification privileges to escalate their … Update CWE-285
Improper Authorization 		CVE-2026-5781 2026-05-5 23:24 2026-04-28 Show GitHub Exploit DB Packet Storm