Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2561	7.5	重要 Network	NERDVANA (Michael Conrad)	Crypt-SecretBuffer	NERDVANA (Michael Conrad)のCrypt-SecretBufferにおけるタイミングの違いに起因する情報漏えいに関する脆弱性	CWE-208 タイミングの違いに起因する情報漏えい	CVE-2026-5086	2026-05-8 12:10	2026-04-13	Show	GitHub Exploit DB Packet Storm

2562	7.5	重要 Network	JDEGUEST (Jacques Deguest)	Apache::API::Password	JDEGUEST (Jacques Deguest)のApache::API::Passwordにおける暗号の脆弱な PRNG の使用に関する脆弱性	CWE-338 暗号における脆弱な PRNG の使用	CVE-2026-5088	2026-05-8 12:09	2026-04-15	Show	GitHub Exploit DB Packet Storm

2563	8.8	重要 Network	Cerberus, LLC	Cerberus FTP Server	CerberusのCerberus FTP Serverにおける安全に保持されない継承されたパーミッションに関する脆弱性	CWE-278 安全に保持されない継承されたパーミッション	CVE-2026-6265	2026-05-8 12:09	2026-04-27	Show	GitHub Exploit DB Packet Storm

2564	8.8	重要 Network	レッドハット	Red Hat Enterprise Linux AI InstructLab	レッドハットのRed Hat Enterprise Linux AI等の複数製品における信頼できない制御領域からの機能の組み込みに関する脆弱性	CWE-829 信頼性のない制御領域からの機能の組み込み	CVE-2026-6859	2026-05-8 12:09	2026-04-22	Show	GitHub Exploit DB Packet Storm

2565	6.5	警告 Network	Amazon.com, Inc.	tuftool Amazon tough	Amazon.com, Inc.のAmazon tough等の複数製品におけるデジタル署名の検証に関する脆弱性	CWE-347 デジタル署名の不適切な検証	CVE-2026-6966	2026-05-8 12:09	2026-04-24	Show	GitHub Exploit DB Packet Storm

2566	6.5	警告 Network	Amazon.com, Inc.	tuftool Amazon tough	Amazon.com, Inc.のAmazon tough等の複数製品におけるデータの信頼性についての不十分な検証に関する脆弱性	CWE-345 データの信頼性についての不十分な検証	CVE-2026-6967	2026-05-8 12:09	2026-04-24	Show	GitHub Exploit DB Packet Storm

2567	6.5	警告 Network	Amazon.com, Inc.	tuftool Amazon tough	Amazon.com, Inc.のAmazon tough等の複数製品におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-6968	2026-05-8 12:09	2026-04-24	Show	GitHub Exploit DB Packet Storm

2568	7.5	重要 Network	RRWO (Robert Rothenberg)	Text::Minify::XS	RRWO (Robert Rothenberg)のText::Minify::XSにおける複数の脆弱性	CWE-122 CWE-176	CVE-2026-7040	2026-05-8 12:09	2026-04-27	Show	GitHub Exploit DB Packet Storm

2569	8.4	重要 Local	HMBRAND (H.Merijn Brand)	Text::CSV_XS	HMBRAND (H.Merijn Brand)のText::CSV_XSにおける複数の脆弱性	CWE-416 CWE-825	CVE-2026-7111	2026-05-8 12:09	2026-04-29	Show	GitHub Exploit DB Packet Storm

2570	9.1	緊急 Network	MIYAGAWA (Tatsuhiko Miyagawa)	Plack::Middleware::Xsendfile	MIYAGAWA (Tatsuhiko Miyagawa)のPlack::Middleware::Xsendfileにおける複数の脆弱性	CWE-200 CWE-441 CWE-913	CVE-2026-7381	2026-05-8 12:09	2026-04-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312831	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: ethtool: fail closed if we can't get max channel used in indirection tables Commit 0d1b7d6c9274 ("bnxt: fix crashes when reducing…	NVD-CWE-noinfo	CVE-2024-46834	2024-10-10 00:57	2024-09-27	Show	GitHub Exploit DB Packet Storm

312832	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: net: hns3: void array out of bound when loop tnl_num When query reg inf of SSU, it loops tnl_num times. However, tnl_num comes fr…	CWE-129 Improper Validation of Array Index	CVE-2024-46833	2024-10-10 00:54	2024-09-27	Show	GitHub Exploit DB Packet Storm

312833	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed This avoids warning: [ 0.118053] BUG: sleeping functi…	NVD-CWE-noinfo	CVE-2024-46832	2024-10-10 00:51	2024-09-27	Show	GitHub Exploit DB Packet Storm

312834	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeed_udc: validate endpoint index for ast udc We should verify the bound of the array to assure that host may not …	CWE-129 Improper Validation of Array Index	CVE-2024-46836	2024-10-10 00:47	2024-09-27	Show	GitHub Exploit DB Packet Storm

312835	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Restrict high priorities on group_create We were allowing any users to create a high priority group without any perm…	NVD-CWE-noinfo	CVE-2024-46837	2024-10-10 00:37	2024-09-27	Show	GitHub Exploit DB Packet Storm

312836	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: userfaultfd: don't BUG_ON() if khugepaged yanks our page table Since khugepaged was changed to allow retracting page tables in fi…	NVD-CWE-noinfo	CVE-2024-46838	2024-10-10 00:35	2024-09-27	Show	GitHub Exploit DB Packet Storm

312837	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: KVM: s390: fix validity interception issue when gisa is switched off We might run into a SIE validity if gisa has been disabled e…	CWE-908 Use of Uninitialized Resource	CVE-2024-45005	2024-10-10 00:30	2024-09-5	Show	GitHub Exploit DB Packet Storm

312838	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix leak of blob encryption key Trusted keys unseal the key blob on load, but keep the sealed payload in the …	CWE-312 Cleartext Storage of Sensitive Information	CVE-2024-45004	2024-10-10 00:19	2024-09-5	Show	GitHub Exploit DB Packet Storm

312839	7.8	HIGH Local	authenticator	authenticator	Authenticator is a browser extension that generates two-step verification codes. In versions 7.0.0 and below, encryption keys for user data were stored encrypted at-rest using only AES-256 and the EV…	CWE-326 CWE-327 Inadequate Encryption Strength Use of a Broken or Risky Cryptographic Algorithm	CVE-2024-45394	2024-10-10 00:15	2024-09-4	Show	GitHub Exploit DB Packet Storm

312840	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix RX buf alloc_size alignment and atomic op panic The MANA driver's RX buffer alloc_size is passed into napi_build_s…	NVD-CWE-noinfo	CVE-2024-45001	2024-10-9 23:49	2024-09-5	Show	GitHub Exploit DB Packet Storm