Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2431 6.5 警告
Network 		IBM IBM DB2 IBMのIBM DB2における入力で指定された数量の不適切な検証に関する脆弱性 CWE-1284
入力で指定された数量の不適切な検証 		CVE-2026-1352 2026-04-30 12:11 2026-04-23 Show GitHub Exploit DB Packet Storm
2432 9.8 緊急
Network 		エリクソン CodeChecker エリクソンのCodeCheckerにおける複数の脆弱性 CWE-290
CWE-863
CVE-2026-25660 2026-04-30 12:11 2026-04-24 Show GitHub Exploit DB Packet Storm
2433 7.8 重要
Local 		マイクロソフト PowerShell Microsoft PowerShell セキュリティ機能のバイパスの脆弱性 CWE-20
不適切な入力確認 		CVE-2026-26143 2026-04-30 12:11 2026-04-14 Show GitHub Exploit DB Packet Storm
2434 9.8 緊急
Network 		デル PowerProtect DP Series Appliance
data domain operating system 		デルのdata domain operating system等の複数製品における複数の脆弱性 CWE-121
CWE-787
CVE-2026-26354 2026-04-30 12:11 2026-04-22 Show GitHub Exploit DB Packet Storm
2435 6.2 警告
Local 		アップル iPadOS
iOS 		アップルのiPadOS等の複数製品における認可されていない行為者への個人情報の漏えいに関する脆弱性 CWE-359
認可されていないアクターへの個人情報の漏えい 		CVE-2026-28950 2026-04-30 12:11 2026-04-22 Show GitHub Exploit DB Packet Storm
2436 6.1 警告
Local 		Chainguard Melange ChainguardのMelangeにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-29050 2026-04-30 12:11 2026-04-24 Show GitHub Exploit DB Packet Storm
2437 3.3
Local 		Chainguard Melange ChainguardのMelangeにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-29051 2026-04-30 12:11 2026-04-24 Show GitHub Exploit DB Packet Storm
2438 6.5 警告
Network 		TOTOLINK a3300r ファームウェア TOTOLINKのa3300r ファームウェアにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-31162 2026-04-30 12:11 2026-04-23 Show GitHub Exploit DB Packet Storm
2439 6.5 警告
Network 		TOTOLINK a3300r ファームウェア TOTOLINKのa3300r ファームウェアにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-31163 2026-04-30 12:11 2026-04-23 Show GitHub Exploit DB Packet Storm
2440 6.5 警告
Network 		TOTOLINK a3300r ファームウェア TOTOLINKのa3300r ファームウェアにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-31166 2026-04-30 12:11 2026-04-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313751 5.0 MEDIUM
Network 		sap crm_abap_insights_management SAP CRM ABAP (Insights Management) allows an authenticated attacker to enumerate HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-41737 2024-09-12 22:49 2024-08-13 Show GitHub Exploit DB Packet Storm
313752 4.3 MEDIUM
Network 		sap business_objects_business_intelligence_platform SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network, that could be executed by the application. On successful exploitatio… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-42375 2024-09-12 22:46 2024-08-13 Show GitHub Exploit DB Packet Storm
313753 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ibmvnic: free reset-work-item when flushing Fix a tiny memory leak when flushing the reset work queue. CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2022-48905 2024-09-12 22:44 2024-08-22 Show GitHub Exploit DB Packet Storm
313754 6.5 MEDIUM
Network 		sap shared_service_framework SAP Shared Service Framework does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. On successful exploitation, an attacker can cause a high … CWE-862
 Missing Authorization 		CVE-2024-42376 2024-09-12 22:43 2024-08-13 Show GitHub Exploit DB Packet Storm
313755 4.3 MEDIUM
Network 		sap shared_service_framework SAP shared service framework allows an authenticated non-administrative user to call a remote-enabled function, which will allow them to insert value entries into a non-sensitive table, causing low i… CWE-862
 Missing Authorization 		CVE-2024-42377 2024-09-12 22:42 2024-08-13 Show GitHub Exploit DB Packet Storm
313756 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: mptcp: Correctly set DATA_FIN timeout when number of retransmits is large Syzkaller with UBSAN uncovered a scenario where a large… NVD-CWE-noinfo
CVE-2022-48906 2024-09-12 22:41 2024-08-22 Show GitHub Exploit DB Packet Storm
313757 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe() During driver initialization, the pointer of card info, i.e. the… CWE-476
 NULL Pointer Dereference 		CVE-2022-48908 2024-09-12 22:37 2024-08-22 Show GitHub Exploit DB Packet Storm
313758 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: net/smc: fix connection leak There's a potential leak issue under following execution sequence : smc_release smc_connect_wo… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2022-48909 2024-09-12 22:36 2024-08-22 Show GitHub Exploit DB Packet Storm
313759 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: auxdisplay: lcd2s: Fix memory leak in ->remove() Once allocated the struct lcd2s_data is never freed. Fix the memory leak by swit… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2022-48907 2024-09-12 22:33 2024-08-22 Show GitHub Exploit DB Packet Storm
313760 5.3 MEDIUM
Network 		sap document_builder SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application. CWE-862
 Missing Authorization 		CVE-2024-39591 2024-09-12 22:29 2024-08-13 Show GitHub Exploit DB Packet Storm