Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 25, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2411	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-7902	2026-05-8 12:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

2412	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける不変と仮定される Web パラメータの外部制御に関する脆弱性	CWE-472 不変と仮定される Web パラメータの外部制御	CVE-2026-7903	2026-05-8 12:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

2413	4.3	警告 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-7904	2026-05-8 12:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

2414	8.3	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-7905	2026-05-8 12:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

2415	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-7906	2026-05-8 12:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

2416	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-7907	2026-05-8 12:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

2417	9.6	緊急 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-7908	2026-05-8 12:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

2418	3.1	低 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける保護メカニズムの不具合に関する脆弱性	CWE-693 保護メカニズムの不具合	CVE-2026-7909	2026-05-8 12:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

2419	8.3	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-7911	2026-05-8 12:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

2420	4.2	警告 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける不変と仮定される Web パラメータの外部制御に関する脆弱性	CWE-472 不変と仮定される Web パラメータの外部制御	CVE-2026-7912	2026-05-8 12:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312831	6.1	MEDIUM Network	ckeditor	ckeditor5	CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting (XSS) vulnerability is present in the CKEditor 5 clipboard package. This vu…	CWE-79 Cross-site Scripting	CVE-2024-45613	2024-10-2 07:15	2024-09-25	Show	GitHub Exploit DB Packet Storm

312832	6.5	MEDIUM Network	apache	druid	Apache Druid allows users with certain permissions to read data from other database systems using JDBC. This functionality allows trusted users to set up Druid lookups or run ingestion tasks. Druid a…	NVD-CWE-noinfo	CVE-2024-45537	2024-10-2 05:41	2024-09-18	Show	GitHub Exploit DB Packet Storm

312833	7.8	HIGH Local	restsharp	restsharp	RestSharp is a Simple REST and HTTP API Client for .NET. The second argument to `RestRequest.AddHeader` (the header value) is vulnerable to CRLF injection. The same applies to `RestRequest.AddOrUpdat…	CWE-74 Injection	CVE-2024-45302	2024-10-2 05:05	2024-08-30	Show	GitHub Exploit DB Packet Storm

312834	8.0	HIGH Network	strawberryrocks	strawberry	Strawberry GraphQL is a library for creating GraphQL APIs. Prior to version 0.243.0, multipart file upload support as defined in the GraphQL multipart request specification was enabled by default in …	CWE-352 Origin Validation Error	CVE-2024-47082	2024-10-2 05:01	2024-09-26	Show	GitHub Exploit DB Packet Storm

312835	7.5	HIGH Network	watchguard	single_sign-on_client	Improper Handling of Exceptional Conditions vulnerability in the WatchGuard Single Sign-On Client on Windows causes the client to crash while handling malformed commands. An attacker with network acc…	CWE-755 Improper Handling of Exceptional Conditions	CVE-2024-6594	2024-10-2 04:41	2024-09-25	Show	GitHub Exploit DB Packet Storm

312836	9.1	CRITICAL Network	watchguard	authentication_gateway	Incorrect Authorization vulnerability in WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows allows an attacker with network access to execute restricted management commands. This…	CWE-863 Incorrect Authorization	CVE-2024-6593	2024-10-2 04:37	2024-09-25	Show	GitHub Exploit DB Packet Storm

312837	7.5	HIGH Network	circutor	q-smt_firmware	An attacker with access to the network where CIRCUTOR Q-SMT is located in its firmware version 1.0.4, could steal the tokens used on the web, since these have no expiration date to access the web app…	CWE-613 Insufficient Session Expiration	CVE-2024-8888	2024-10-2 04:30	2024-09-18	Show	GitHub Exploit DB Packet Storm

312838	7.8	HIGH Local	grafana	alloy	Unquoted Search Path or Element vulnerability in Grafana Alloy on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Alloy: before 1.3.3, from 1.4.0-rc.0 through 1.4.0-r…	CWE-428 Unquoted Search Path or Element	CVE-2024-8975	2024-10-2 04:20	2024-09-26	Show	GitHub Exploit DB Packet Storm

312839	7.8	HIGH Local	grafana	agent	Unquoted Search Path or Element vulnerability in Grafana Agent (Flow mode) on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Agent Flow: before 0.43.2	CWE-428 Unquoted Search Path or Element	CVE-2024-8996	2024-10-2 04:16	2024-09-26	Show	GitHub Exploit DB Packet Storm

312840	7.5	HIGH Network	openslides	openslides	OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords.	CWE-326 Inadequate Encryption Strength	CVE-2024-22892	2024-10-2 04:10	2024-09-26	Show	GitHub Exploit DB Packet Storm