Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2531	9.6	緊急 Network	Imagination Technologies Limited	GPU DDK	Imagination Technologies LimitedのGPU DDKにおける複数の脆弱性	CWE-787 CWE-823	CVE-2026-21732	2026-04-23 10:15	2026-03-20	Show	GitHub Exploit DB Packet Storm

2532	7.8	重要 Local	Imagination Technologies Limited	GPU DDK	Imagination Technologies LimitedのGPU DDKにおける同期の欠如に関する脆弱性	CWE-820 同期の欠如	CVE-2026-22163	2026-04-23 10:15	2026-03-20	Show	GitHub Exploit DB Packet Storm

2533	6.8	警告 Network	OctoberCMS	October	OctoberCMSのOctoberにおける複数の脆弱性	CWE-284 CWE-693	CVE-2026-22692	2026-04-23 10:15	2026-04-14	Show	GitHub Exploit DB Packet Storm

2534	5.5	警告 Local	gimp	gimp	gimpにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-2271	2026-04-23 10:15	2026-03-26	Show	GitHub Exploit DB Packet Storm

2535	8.2	重要 Network	GNOME Project レッドハット	libsoup Red Hat Enterprise Linux	GNOME Project等の複数ベンダの製品における期限切れのポインタデリファレンスに関する脆弱性	CWE-825 期限切れのポインタデリファレンス	CVE-2026-2436	2026-04-23 10:15	2026-03-26	Show	GitHub Exploit DB Packet Storm

2536	5.4	警告 Network	OctoberCMS	October	OctoberCMSのOctoberにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-24906	2026-04-23 10:15	2026-04-14	Show	GitHub Exploit DB Packet Storm

2537	5.4	警告 Network	OctoberCMS	October	OctoberCMSのOctoberにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-24907	2026-04-23 10:15	2026-04-14	Show	GitHub Exploit DB Packet Storm

2538	7.5	重要 Network	The Go Project	Go	The Go ProjectのGoにおけるリクエストの直接送信に関する脆弱性	CWE-425 リクエストの直接送信	CVE-2026-25679	2026-04-23 10:14	2026-03-6	Show	GitHub Exploit DB Packet Storm

2539	9.8	緊急 Network	Apache Software Foundation	Apache Airflow	Apache Software FoundationのApache Airflowにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-25917	2026-04-23 10:14	2026-04-18	Show	GitHub Exploit DB Packet Storm

2540	7.5	重要 Network	The Go Project	Go	The Go ProjectのGoにおける証明書検証に関する脆弱性	CWE-295 不正な証明書検証	CVE-2026-27137	2026-04-23 10:14	2026-03-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
181	9.8	CRITICAL Network	vm2_project	vm2	vm2 is an open source vm/sandbox for Node.js. In version 3.10.4, vm2 is vulnerable to full sandbox escape with arbitrary code execution. Attacker code inside VM.run() obtains host process object and … Update	CWE-693 Protection Mechanism Failure	CVE-2026-26956	2026-05-9 04:15	2026-05-5	Show	GitHub Exploit DB Packet Storm

182	7.1	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: mailbox: Prevent out-of-bounds access in fw_mbox_index_xlate() Although it is guided that `#mbox-cells` must be at least 1, there… Update	CWE-125 Out-of-bounds Read	CVE-2026-43281	2026-05-9 04:13	2026-05-6	Show	GitHub Exploit DB Packet Storm

183	8.8	HIGH Network	jupyter	jupyter_server	Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, a path traversal vulnerability in the REST API allows an authenticated user to escape the configured root_d… Update	CWE-22 Path Traversal	CVE-2026-35397	2026-05-9 04:11	2026-05-6	Show	GitHub Exploit DB Packet Storm

184	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fix potential NULL pointer dereference in ionic_query_port The function ionic_query_port() calls ib_device_get_netdev… Update	CWE-476 NULL Pointer Dereference	CVE-2026-43282	2026-05-9 04:09	2026-05-6	Show	GitHub Exploit DB Packet Storm

185	7.5	HIGH Network	thecodingmachine	gotenberg	Gotenberg is an API-based document conversion tool. In versions 8.30.1 and earlier, the default private-IP deny-lists for the --webhook-deny-list and --api-download-from-deny-list flags use a case-se… Update	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-40280	2026-05-9 04:06	2026-05-6	Show	GitHub Exploit DB Packet Storm

186	7.8	HIGH Local	osgeo	gdal	A vulnerability was identified in OSGeo gdal up to 3.13.0dev-4. This issue affects the function SWnentries of the file frmts/hdf4/hdf-eos/SWapi.c. Such manipulation of the argument DimensionName lead… New	CWE-119 CWE-122 Incorrect Access of Indexable Resource ('Range Error') Heap-based Buffer Overflow	CVE-2026-8086	2026-05-9 04:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

187	7.8	HIGH Local	osgeo	gdal	A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldNam… New	CWE-119 CWE-122 Incorrect Access of Indexable Resource ('Range Error') Heap-based Buffer Overflow	CVE-2026-8087	2026-05-9 04:03	2026-05-8	Show	GitHub Exploit DB Packet Storm

188	7.2	HIGH Network	thecodingmachine	gotenberg	Gotenberg is an API-based document conversion tool. In version 8.29.1, an unauthenticated attacker with network access can force the server to make outbound HTTP POST requests to arbitrary internal o… Update	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-39383	2026-05-9 04:02	2026-05-6	Show	GitHub Exploit DB Packet Storm

189	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix DMA corruption on long hmac keys When a key longer than block size is supplied, it is copied and then hashed i… Update	NVD-CWE-noinfo	CVE-2026-43044	2026-05-9 03:58	2026-05-2	Show	GitHub Exploit DB Packet Storm

190	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: crypto: af-alg - fix NULL pointer dereference in scatterwalk The AF_ALG interface fails to unmark the end of a Scatter/Gather Lis… Update	CWE-476 NULL Pointer Dereference	CVE-2026-43043	2026-05-9 03:57	2026-05-2	Show	GitHub Exploit DB Packet Storm