Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2421	4.4	警告 Local	マイクロソフト	Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 22h2 Microsoft Windows 10 21h2 Microsoft Windows&…	Windows Hello のセキュリティ機能のバイパスの脆弱性	CWE-20 不適切な入力確認	CVE-2026-27906	2026-04-27 11:23	2026-04-14	Show	GitHub Exploit DB Packet Storm

2422	7.5	重要 Network	FFmpeg	FFmpeg	FFmpegにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-30997	2026-04-27 11:23	2026-04-13	Show	GitHub Exploit DB Packet Storm

2423	7.5	重要 Network	FFmpeg	FFmpeg	FFmpegにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-30998	2026-04-27 11:23	2026-04-13	Show	GitHub Exploit DB Packet Storm

2424	7.5	重要 Network	FFmpeg	FFmpeg	FFmpegにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-30999	2026-04-27 11:23	2026-04-13	Show	GitHub Exploit DB Packet Storm

2425	8.8	重要 Network	Dolibarr ERP & CRM	dolibarr erp/crm	Dolibarr ERP & CRMのdolibarr erp/crmにおける複数の脆弱性	CWE-284 CWE-94	CVE-2026-31018	2026-04-27 11:23	2026-04-21	Show	GitHub Exploit DB Packet Storm

2426	8.8	重要 Network	Dolibarr ERP & CRM	dolibarr erp/crm	Dolibarr ERP & CRMのdolibarr erp/crmにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-31019	2026-04-27 11:22	2026-04-21	Show	GitHub Exploit DB Packet Storm

2427	3.5	低 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおけるレンダリングされたユーザインターフェースレイヤまたはフレームの不適切な制限に関する脆弱性	CWE-1021 レンダリングされたユーザインターフェースレイヤまたはフレームの不適切な制限	CVE-2026-3254	2026-04-27 11:22	2026-04-22	Show	GitHub Exploit DB Packet Storm

2428	9.9	緊急 Network	Linux Foundation	Spinnaker	Linux FoundationのSpinnakerにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-32604	2026-04-27 11:22	2026-04-20	Show	GitHub Exploit DB Packet Storm

2429	9.9	緊急 Network	Linux Foundation	Spinnaker	Linux FoundationのSpinnakerにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-32613	2026-04-27 11:22	2026-04-20	Show	GitHub Exploit DB Packet Storm

2430	7.8	重要 Local	Podman project	podman	Podman projectのpodmanにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-33414	2026-04-27 11:22	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314211	7.5	HIGH Network	floraison	fugit	fugit contains time tools for flor and the floraison group. The fugit "natural" parser, that turns "every wednesday at 5pm" into "0 17 * * 3", accepted any length of input and went on attempting to p…	NVD-CWE-noinfo	CVE-2024-43380	2024-08-21 21:38	2024-08-20	Show	GitHub Exploit DB Packet Storm

314212	3.1	LOW Network	trufflesecurity	trufflehog	TruffleHog is a secrets scanning tool. Prior to v3.81.9, this vulnerability allows a malicious actor to craft data in a way that, when scanned by specific detectors, could trigger the detector to mak…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-43379	2024-08-21 21:37	2024-08-20	Show	GitHub Exploit DB Packet Storm

314213	9.8	CRITICAL Network	jielink\+_jsotc2016_project	jielink\+_jsotc2016	A vulnerability has been found in Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805 and classified as problematic. Affected by this vulnerability is an unknown functionali…	NVD-CWE-Other	CVE-2024-7921	2024-08-21 21:34	2024-08-19	Show	GitHub Exploit DB Packet Storm

314214	9.8	CRITICAL Network	microcks	microcks	In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access.	NVD-CWE-noinfo	CVE-2024-44076	2024-08-21 21:33	2024-08-19	Show	GitHub Exploit DB Packet Storm

314215	9.8	CRITICAL Network	jielink\+_jsotc2016_project	jielink\+_jsotc2016	A vulnerability, which was classified as problematic, was found in Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805. Affected is an unknown function of the file /Report/P…	NVD-CWE-Other	CVE-2024-7920	2024-08-21 21:31	2024-08-19	Show	GitHub Exploit DB Packet Storm

314216	9.8	CRITICAL Network	-	-	The Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider plugin is vulnerable to PHP Object Injection via de…	-	CVE-2024-5335	2024-08-21 21:30	2024-08-21	Show	GitHub Exploit DB Packet Storm

314217	-		-	-	In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix command stats access after free Command may fail while driver is reloading and can't accept FW commands till comman…	-	CVE-2022-48884	2024-08-21 21:30	2024-08-21	Show	GitHub Exploit DB Packet Storm

314218	-		-	-	In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent A user is able to configure an arbitrary number of rx que…	-	CVE-2022-48883	2024-08-21 21:30	2024-08-21	Show	GitHub Exploit DB Packet Storm

314219	-		-	-	In the Linux kernel, the following vulnerability has been resolved: platform/surface: aggregator: Add missing call to ssam_request_sync_free() Although rare, ssam_request_sync_init() can fail. In t…	-	CVE-2022-48880	2024-08-21 21:30	2024-08-21	Show	GitHub Exploit DB Packet Storm

314220	-		-	-	In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which could result in them using the maximum lifespan.	-	CVE-2024-7998	2024-08-21 21:30	2024-08-21	Show	GitHub Exploit DB Packet Storm