Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2541 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux KernelにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2026-23353 2026-04-27 11:27 2026-03-25 Show GitHub Exploit DB Packet Storm
2542 7.8 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける配列インデックスの検証に関する脆弱性 CWE-129
配列インデックスの不適切な検証 		CVE-2026-23354 2026-04-27 11:27 2026-03-25 Show GitHub Exploit DB Packet Storm
2543 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2026-23355 2026-04-27 11:27 2026-03-25 Show GitHub Exploit DB Packet Storm
2544 7.4 重要
Network 		ERLANG Erlang/SSL (Erlang SSL)
Erlang/OTP
Erlang/Public Key (Public Key) 		ERLANGのErlang/OTP等の複数製品における証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2026-32144 2026-04-27 11:27 2026-04-7 Show GitHub Exploit DB Packet Storm
2545 9.8 緊急
Network 		CoreWeave marimo CoreWeaveのmarimoにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-39987 2026-04-27 11:27 2026-04-9 Show GitHub Exploit DB Packet Storm
2546 9.8 緊急
Network 		codefuture CF Image Hosting Script codefutureのCF Image Hosting Scriptにおける外部からアクセス可能なファイルまたはディレクトリに関する脆弱性 CWE-552
外部からアクセス可能なファイルまたはディレクトリ 		CVE-2019-25709 2026-04-27 11:27 2026-04-12 Show GitHub Exploit DB Packet Storm
2547 9.8 緊急
Network 		ERLANG Erlang/Inets (Inets)
Erlang/OTP 		ERLANGのErlang/Inets (Inets)等の複数製品における不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-28808 2026-04-27 11:27 2026-04-7 Show GitHub Exploit DB Packet Storm
2548 6.1 警告
Network 		Dovestones Software Ltd AD Phonebook Dovestones Software LtdのAD Phonebookにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-31013 2026-04-27 11:27 2026-04-21 Show GitHub Exploit DB Packet Storm
2549 6.3 警告
Network 		Dovestones Software Ltd AD Self Update Dovestones Software LtdのAD Self Updateにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-31014 2026-04-27 11:27 2026-04-21 Show GitHub Exploit DB Packet Storm
2550 9.8 緊急
Network 		reconurge Flowsint reconurgeのFlowsintにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-32311 2026-04-27 11:27 2026-04-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
671 6.0 MEDIUM
Adjacent 		- - A vulnerability has been identified in blueplanet 100 NX3 M8 (All versions), blueplanet 100 TL3 GEN2 (All versions), blueplanet 105 TL3 (All versions), blueplanet 105 TL3 GEN2 (All versions), bluepla… New CWE-89
SQL Injection 		CVE-2026-41125 2026-05-12 23:19 2026-05-12 Show GitHub Exploit DB Packet Storm
672 9.1 CRITICAL
Network 		- - A vulnerability has been identified in ROS# (All versions < V2.2.2). Affected versions contain a path traversal vulnerability because user input is not properly sanitized. This could allow a remote … New CWE-23
 Relative Path Traversal 		CVE-2026-41551 2026-05-12 23:19 2026-05-12 Show GitHub Exploit DB Packet Storm
673 7.8 HIGH
Local 		- - A vulnerability has been identified in Solid Edge SE2026 (All versions < V226.0 Update 5). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR f… New CWE-824
 Access of Uninitialized Pointer 		CVE-2026-44411 2026-05-12 23:19 2026-05-12 Show GitHub Exploit DB Packet Storm
674 7.8 HIGH
Local 		- - A vulnerability has been identified in Solid Edge SE2026 (All versions < V226.0 Update 5). The affected applications contain a stack based overflow vulnerability while parsing specially crafted PAR f… New CWE-121
Stack-based Buffer Overflow 		CVE-2026-44412 2026-05-12 23:19 2026-05-12 Show GitHub Exploit DB Packet Storm
675 - - - CWE‑331 Insufficient Entropy vulnerability exists that could lead to unauthorized access when an attacker on the network can exploit weaknesses in session‑management protections. New CWE-331
 Insufficient Entropy 		CVE-2026-4827 2026-05-12 23:19 2026-05-12 Show GitHub Exploit DB Packet Storm
676 - - - CWE-22: Improper Limitation of a Pathname to a Restricted Directory (“Path Traversal”) vulnerability that could cause unauthorized access to sensitive files when user-supplied input is improperly han… New CWE-22
Path Traversal 		CVE-2026-6865 2026-05-12 23:19 2026-05-12 Show GitHub Exploit DB Packet Storm
677 8.2 HIGH
Local 		- - Dell PowerScale InsightIQ, versions 6.0.0 through 6.2.0, contains an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability. A high privileged attack… New CWE-78
OS Command  		CVE-2026-35071 2026-05-12 23:17 2026-05-12 Show GitHub Exploit DB Packet Storm
678 6.7 MEDIUM
Local 		- - Dell PowerScale InsightIQ, versions 5.0.0 through 6.2.0, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this v… New CWE-250
 Execution with Unnecessary Privileges 		CVE-2026-40638 2026-05-12 23:17 2026-05-12 Show GitHub Exploit DB Packet Storm
679 5.6 MEDIUM
Network 		- - Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthentica… New CWE-302
 Authentication Bypass by Assumed-Immutable Data 		CVE-2025-43992 2026-05-12 23:17 2026-05-11 Show GitHub Exploit DB Packet Storm
680 8.0 HIGH
Network 		- - Dell Automation Platform versions prior to 2.0.0.0, contains a missing authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading … New CWE-862
 Missing Authorization 		CVE-2026-32658 2026-05-12 23:17 2026-05-11 Show GitHub Exploit DB Packet Storm