Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 12:16 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2481	5.4	警告 Network	opensourcepos	open source point of sale	opensourceposのopen source point of saleにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-39380	2026-04-27 10:48	2026-04-7	Show	GitHub Exploit DB Packet Storm

2482	7.6	重要 Network	FreeScout	FreeScout	FreeScoutにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-39384	2026-04-27 10:48	2026-04-7	Show	GitHub Exploit DB Packet Storm

2483	3.1	低 Network	OpenBao	OpenBao	OpenBaoにおける証明書検証に関する脆弱性	CWE-295 不正な証明書検証	CVE-2026-39388	2026-04-27 10:48	2026-04-21	Show	GitHub Exploit DB Packet Storm

2484	4.9	警告 Network	OpenBao	OpenBao	OpenBaoにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-39946	2026-04-27 10:48	2026-04-21	Show	GitHub Exploit DB Packet Storm

2485	5.7	警告 Adjacent	OpenClaw	OpenClaw	OpenClawにおける重要な情報の平文での送信に関する脆弱性	CWE-319 重要な情報の平文での送信	CVE-2026-40045	2026-04-27 10:48	2026-04-21	Show	GitHub Exploit DB Packet Storm

2486	6.5	警告 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-40150	2026-04-27 10:48	2026-04-9	Show	GitHub Exploit DB Packet Storm

2487	8.8	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-40157	2026-04-27 10:48	2026-04-10	Show	GitHub Exploit DB Packet Storm

2488	6.5	警告 Network	Linux Foundation	tekton pipelines	Linux Foundationのtekton pipelinesにおける送信データへの重要な情報の挿入に関する脆弱性	CWE-201 CWE-noinfo	CVE-2026-40161	2026-04-27 10:48	2026-04-21	Show	GitHub Exploit DB Packet Storm

2489	8.1	重要 Network	SysAdmins Media	HomeBox	SysAdmins MediaのHomeBoxにおける不適切な所有権の割り当てに関する脆弱性	CWE-708 不適切な所有権の割り当て	CVE-2026-40196	2026-04-27 10:48	2026-04-17	Show	GitHub Exploit DB Packet Storm

2490	2.7	低 Network	OpenBao	OpenBao	OpenBaoにおけるセキュリティトークンの割り当ての制限に関する脆弱性	CWE-1259 セキュリティトークンの割り当ての不適切な制限	CVE-2026-40264	2026-04-27 10:48	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
351	6.3	MEDIUM Network	-	-	SOPlanning 1.52.00 is vulnerable to SQL Injection by an authenticated user via projets.php with statut[]. New	CWE-89 SQL Injection	CVE-2024-33722	2026-05-9 03:16	2026-05-8	Show	GitHub Exploit DB Packet Storm

352	7.3	HIGH Network	-	-	Prison Management System Using PHP v1.0 was discovered to contain a SQL injection vulnerability via the username on the Admin login page. New	CWE-89 SQL Injection	CVE-2024-33288	2026-05-9 03:16	2026-05-8	Show	GitHub Exploit DB Packet Storm

353	5.3	MEDIUM Local	-	-	In libslic3r/GCode/PostProcessor.cpp in Prusa PrusaSlicer through 2.6.1, a crafted 3mf project file can execute arbitrary code on a host where the project is sliced and G-code exported. New	CWE-77 Command Injection	CVE-2023-47268	2026-05-9 03:16	2026-05-8	Show	GitHub Exploit DB Packet Storm

354	-		-	-	Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DB_File will create a session that does not ex… New	CWE-672 Operation on a Resource after Expiration or Release	CVE-2013-10075	2026-05-9 03:16	2026-05-8	Show	GitHub Exploit DB Packet Storm

355	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject immediate NF_QUEUE verdict nft_queue is always used from userspace nftables to deliver the NF_QUEUE … Update	NVD-CWE-noinfo	CVE-2026-43024	2026-05-9 03:15	2026-05-2	Show	GitHub Exploit DB Packet Storm

356	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: gpib: lpvo_usb: fix memory leak on disconnect The driver iterates over the registered USB interfaces during GPIB attach and takes… Update	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2026-31760	2026-05-9 03:11	2026-05-2	Show	GitHub Exploit DB Packet Storm

357	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050: Move iio_device_register() to correct location iio_device_register() should be at the end of the probe functi… Update	CWE-362 Race Condition	CVE-2026-31761	2026-05-9 03:11	2026-05-2	Show	GitHub Exploit DB Packet Storm

358	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050: Fix irq resource leak The interrupt handler is setup but only a few lines down if iio_trigger_register() fail… Update	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2026-31762	2026-05-9 03:09	2026-05-2	Show	GitHub Exploit DB Packet Storm

359	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050: Fix incorrect free_irq() variable The handler for the IRQ part of this driver is mpu3050->trig but, in the te… Update	NVD-CWE-noinfo	CVE-2026-31763	2026-05-9 03:05	2026-05-2	Show	GitHub Exploit DB Packet Storm

360	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: iio: imu: st_lsm6dsx: Set buffer sampling frequency for accelerometer only The st_lsm6dsx_hwfifo_odr_store() function, which is c… Update	CWE-129 Improper Validation of Array Index	CVE-2026-31764	2026-05-9 03:04	2026-05-2	Show	GitHub Exploit DB Packet Storm