Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
250371 2.6 注意 Plume CMS - Plume におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-3985 2011-10-13 12:04 2011-10-13 Show GitHub Exploit DB Packet Storm
250372 2.1 注意 IBM - IBM AIX の QLogic adapters 用 Fibre Channel ドライバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-3982 2011-10-12 16:09 2011-02-3 Show GitHub Exploit DB Packet Storm
250373 9.3 危険 チェック・ポイント・ソフトウェア・テクノロジーズ - Check Point の 複数の製品における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2011-1827 2011-10-12 16:05 2011-10-5 Show GitHub Exploit DB Packet Storm
250374 7.5 危険 Exim Development - Exim の src/dkim.c 内の dkim_exim_verify_finish 関数における任意のコードを実行される脆弱性 CWE-134
書式文字列の問題 		CVE-2011-1764 2011-10-12 16:00 2011-04-29 Show GitHub Exploit DB Packet Storm
250375 2.1 注意 Ted Felix - Ted Felix acpid の acpid.c におけるサービス運用妨害 (デーモンハング) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-1159 2011-10-12 15:55 2011-10-5 Show GitHub Exploit DB Packet Storm
250376 7.8 危険 Linux - Linux kernel の net/dns_resolver/dns_key.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2011-1076 2011-10-12 15:45 2011-10-5 Show GitHub Exploit DB Packet Storm
250377 4.3 警告 リアルネットワークス - RealNetworks RealPlayer の ActiveX コントロールにおけるクロスゾーンスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-1221 2011-10-12 15:13 2011-08-26 Show GitHub Exploit DB Packet Storm
250378 9.3 危険 アドビシステムズ - Adobe Photoshop Elements におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-2443 2011-10-12 15:12 2011-09-30 Show GitHub Exploit DB Packet Storm
250379 5 警告 Quassel IRC - Quassel の CtcpParser::packedReply メソッドにおけるサービス運用妨害 (クラッシュ) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-3354 2011-10-12 15:12 2011-10-4 Show GitHub Exploit DB Packet Storm
250380 6.8 警告 VMware - VMware の Spring Framework および Spring Security におけるセキュリティ制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-2894 2011-10-12 15:11 2011-09-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1041 8.8 HIGH
Network 		openclaw openclaw OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the chat.send endpoint that allows write-scoped gateway callers to persist admin-only verboseLevel session overrides. Attack… CWE-863
 Incorrect Authorization 		CVE-2026-41344 2026-04-30 00:52 2026-04-24 Show GitHub Exploit DB Packet Storm
1042 10.0 CRITICAL
Network 		voidzero vite\+ Vite+ is a unified toolchain and entry point for web development. Prior to version 0.1.17, `downloadPackageManager()` accepts an untrusted `version` string and uses it directly in filesystem paths. A… CWE-22
Path Traversal 		CVE-2026-41211 2026-04-30 00:49 2026-04-23 Show GitHub Exploit DB Packet Storm
1043 7.8 HIGH
Local 		parzivalhack pyspector PySpector is a static analysis security testing (SAST) Framework engineered for modern Python development workflows. The plugin security validator in PySpector uses AST-based static analysis to preve… CWE-184
 Incomplete Blacklist 		CVE-2026-41206 2026-04-30 00:48 2026-04-23 Show GitHub Exploit DB Packet Storm
1044 5.4 MEDIUM
Network 		siemvk openlearn OpenLearn is open-source educational forum software. Prior to commit 844b2a40a69d0c4911580fe501923f0b391313ab, when `safeMode` is enabled, unapproved forum posts are hidden from the public list, but … CWE-284
Improper Access Control 		CVE-2026-41243 2026-04-30 00:39 2026-04-23 Show GitHub Exploit DB Packet Storm
1045 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro->uniq use-after-free in raw_rcv() raw_release() unregisters raw CAN receive filters via can_rx_unregister(), but… CWE-416
 Use After Free 		CVE-2026-31532 2026-04-30 00:26 2026-04-23 Show GitHub Exploit DB Packet Storm
1046 7.3 HIGH
Network 		- - A vulnerability was detected in ezequiroga mcp-bases 357ca19c7a49a9b9cb2ef639b366f03aba8bea39/c630b8ab0f970614d42da8e566e9c0d15a16414c. This impacts the function search_papers of the file research_se… CWE-22
Path Traversal 		CVE-2026-7384 2026-04-30 00:16 2026-04-30 Show GitHub Exploit DB Packet Storm
1047 - - - TOTOLINK N200RE V5 was discovered to contain a command injection vulnerability via the macstr and bandstr parameters in the formMapDelDevice function. - CVE-2026-36841 2026-04-30 00:16 2026-04-30 Show GitHub Exploit DB Packet Storm
1048 9.8 CRITICAL
Network 		pipecat pipecat Pipecat is an open-source Python framework for building real-time voice and multimodal conversational agents. Versions 0.0.41 through 0.0.93 have a vulnerability in `LivekitFrameSerializer` – an opti… CWE-502
 Deserialization of Untrusted Data 		CVE-2025-62373 2026-04-30 00:00 2026-04-24 Show GitHub Exploit DB Packet Storm
1049 6.1 MEDIUM
Network 		cure53 dompurify DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Versions prior to 3.4.0 have an inconsistency between FORBID_TAGS and FORBID_ATTR handling when function-based ADD_TA… CWE-79
CWE-183
Cross-site Scripting
 Permissive List of Allowed Inputs 		CVE-2026-41240 2026-04-29 23:58 2026-04-24 Show GitHub Exploit DB Packet Storm
1050 9.8 CRITICAL
Network 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption The -EBUSY handling in tls_do_encryption(), introduced by c… CWE-416
 Use After Free 		CVE-2026-31533 2026-04-29 23:51 2026-04-24 Show GitHub Exploit DB Packet Storm