Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231 5.3 警告
Network 		Leon Timmermans Crypt::Argon2 Leon TimmermansのCrypt::Argon2における複数の脆弱性 New CWE-126
CWE-191
CVE-2026-8463 2026-05-15 10:53 2026-05-13 Show GitHub Exploit DB Packet Storm
232 7.2 重要
Network 		IBM IBM Security Verify Directory IBMのIBM Security Verify Directoryにおける危険なタイプのファイルの無制限アップロードに関する脆弱性 New CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2025-36074 2026-05-15 10:53 2026-04-23 Show GitHub Exploit DB Packet Storm
233 8.8 重要
Local 		- アップルのmacOSにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2025-43524 2026-05-15 10:53 2026-05-12 Show GitHub Exploit DB Packet Storm
234 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性 New CWE-401
有効期限後のメモリの解放の欠如 		CVE-2025-71287 2026-05-15 10:53 2026-05-6 Show GitHub Exploit DB Packet Storm
235 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性 New CWE-401
有効期限後のメモリの解放の欠如 		CVE-2025-71288 2026-05-15 10:53 2026-05-6 Show GitHub Exploit DB Packet Storm
236 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 New CWE-noinfo
情報不足 		CVE-2025-71289 2026-05-15 10:53 2026-05-6 Show GitHub Exploit DB Packet Storm
237 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性 New CWE-401
有効期限後のメモリの解放の欠如 		CVE-2025-71290 2026-05-15 10:53 2026-05-6 Show GitHub Exploit DB Packet Storm
238 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux KernelにおけるNULL ポインタデリファレンスに関する脆弱性 New CWE-476
NULL ポインタデリファレンス 		CVE-2025-71291 2026-05-15 10:53 2026-05-6 Show GitHub Exploit DB Packet Storm
239 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 New CWE-noinfo
情報不足 		CVE-2025-71292 2026-05-15 10:53 2026-05-6 Show GitHub Exploit DB Packet Storm
240 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux KernelにおけるNULL ポインタデリファレンスに関する脆弱性 New CWE-476
NULL ポインタデリファレンス 		CVE-2025-71293 2026-05-15 10:53 2026-05-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312021 8.0 HIGH
Network 		strawberryrocks strawberry Strawberry GraphQL is a library for creating GraphQL APIs. Prior to version 0.243.0, multipart file upload support as defined in the GraphQL multipart request specification was enabled by default in … CWE-352
 Origin Validation Error 		CVE-2024-47082 2024-10-2 05:01 2024-09-26 Show GitHub Exploit DB Packet Storm
312022 7.5 HIGH
Network 		watchguard single_sign-on_client Improper Handling of Exceptional Conditions vulnerability in the WatchGuard Single Sign-On Client on Windows causes the client to crash while handling malformed commands. An attacker with network acc… CWE-755
 Improper Handling of Exceptional Conditions 		CVE-2024-6594 2024-10-2 04:41 2024-09-25 Show GitHub Exploit DB Packet Storm
312023 9.1 CRITICAL
Network 		watchguard authentication_gateway Incorrect Authorization vulnerability in WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows allows an attacker with network access to execute restricted management commands. This… CWE-863
 Incorrect Authorization 		CVE-2024-6593 2024-10-2 04:37 2024-09-25 Show GitHub Exploit DB Packet Storm
312024 7.5 HIGH
Network 		circutor q-smt_firmware An attacker with access to the network where CIRCUTOR Q-SMT is located in its firmware version 1.0.4, could steal the tokens used on the web, since these have no expiration date to access the web app… CWE-613
 Insufficient Session Expiration 		CVE-2024-8888 2024-10-2 04:30 2024-09-18 Show GitHub Exploit DB Packet Storm
312025 7.8 HIGH
Local 		grafana alloy Unquoted Search Path or Element vulnerability in Grafana Alloy on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Alloy: before 1.3.3, from 1.4.0-rc.0 through 1.4.0-r… CWE-428
 Unquoted Search Path or Element 		CVE-2024-8975 2024-10-2 04:20 2024-09-26 Show GitHub Exploit DB Packet Storm
312026 7.8 HIGH
Local 		grafana agent Unquoted Search Path or Element vulnerability in Grafana Agent (Flow mode) on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Agent Flow: before 0.43.2 CWE-428
 Unquoted Search Path or Element 		CVE-2024-8996 2024-10-2 04:16 2024-09-26 Show GitHub Exploit DB Packet Storm
312027 7.5 HIGH
Network 		openslides openslides OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords. CWE-326
Inadequate Encryption Strength 		CVE-2024-22892 2024-10-2 04:10 2024-09-26 Show GitHub Exploit DB Packet Storm
312028 6.5 MEDIUM
Network 		ihedvall mdf_library Library MDF (mdflib) v2.1 is vulnerable to a heap-based buffer overread via a crafted mdf4 file is parsed using the ReadData function CWE-787
 Out-of-bounds Write 		CVE-2024-41445 2024-10-2 04:03 2024-09-26 Show GitHub Exploit DB Packet Storm
312029 5.5 MEDIUM
Local 		devolutions remote_desktop_manager An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2024-7421 2024-10-2 03:36 2024-09-26 Show GitHub Exploit DB Packet Storm
312030 9.8 CRITICAL
Network 		meshtastic meshtastic_firmware Meshtastic is an open source, off-grid, decentralized, mesh network. Meshtastic uses MQTT to communicate over an internet connection to a shared or private MQTT Server. Nodes can communicate directly… CWE-863
 Incorrect Authorization 		CVE-2024-47078 2024-10-2 03:29 2024-09-26 Show GitHub Exploit DB Packet Storm