Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2611	7.2	重要 Network	citeum	opencti	citeumのopenctiにおけるテンプレートエンジンで使用される特殊な要素の不適切な無効化に関する脆弱性	CWE-1336 テンプレートエンジンで使用される特殊な要素の不適切な無効化	CVE-2026-39980	2026-04-23 10:11	2026-04-9	Show	GitHub Exploit DB Packet Storm

2612	6.1	警告 Network	McGill University	LORIS (Longitudinal Online Research and Imaging System)	McGill UniversityのLORIS (Longitudinal Online Research and Imaging System)におけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2026-39985	2026-04-23 10:11	2026-04-9	Show	GitHub Exploit DB Packet Storm

2613	5.3	警告 Network	Apache Software Foundation	Apache Log4cxx	Apache Software FoundationのApache Log4cxxにおけるエンコードおよびエスケープに関する脆弱性	CWE-116 不適切なエンコード、または出力のエスケープ	CVE-2026-40023	2026-04-23 10:11	2026-04-10	Show	GitHub Exploit DB Packet Storm

2614	4.8	警告 Network	axios project	axios	axios projectのaxiosにおける複数の脆弱性	CWE-113 CWE-444 CWE-918	CVE-2026-40175	2026-04-23 10:11	2026-04-10	Show	GitHub Exploit DB Packet Storm

2615	3.7	低 Network	phpseclib	phpseclib	phpseclibにおけるタイミングの違いに起因する情報漏えいに関する脆弱性	CWE-208 タイミングの違いに起因する情報漏えい	CVE-2026-40194	2026-04-23 10:11	2026-04-10	Show	GitHub Exploit DB Packet Storm

2616	7.5	重要 Network	free5gc	free5gc	free5GCにおける複数の脆弱性	CWE-200 CWE-202 CWE-209	CVE-2026-40245	2026-04-23 10:11	2026-04-16	Show	GitHub Exploit DB Packet Storm

2617	7.5	重要 Network	free5gc	free5gc	free5GCにおける認可に関する脆弱性	CWE-285 不適切な認可	CVE-2026-40246	2026-04-23 10:11	2026-04-16	Show	GitHub Exploit DB Packet Storm

2618	7.5	重要 Network	free5gc	free5gc	free5GCにおける複数の脆弱性	CWE-285 CWE-636	CVE-2026-40247	2026-04-23 10:11	2026-04-16	Show	GitHub Exploit DB Packet Storm

2619	5.3	警告 Network	free5gc	free5gc	free5GCにおける複数の脆弱性	CWE-636 CWE-754	CVE-2026-40249	2026-04-23 10:11	2026-04-16	Show	GitHub Exploit DB Packet Storm

2620	8.1	重要 Network	FastGPT	FastGPT	FastGPTにおける複数の脆弱性	CWE-284 CWE-639	CVE-2026-40252	2026-04-23 10:10	2026-04-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
131	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: fbdev: of: display_timing: fix refcount leak in of_get_display_timings() of_parse_phandle() returns a device_node with refcount i… Update	NVD-CWE-Other	CVE-2026-43264	2026-05-9 05:33	2026-05-6	Show	GitHub Exploit DB Packet Storm

132	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix RSS context delete logic We need to free the corresponding RSS context VNIC in FW everytime an RSS context is delete… Update	CWE-415 Double Free	CVE-2026-43260	2026-05-9 05:31	2026-05-6	Show	GitHub Exploit DB Packet Storm

133	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platform driver data Add missing platform_set_drvdata() as the data will be used in remove(). Update	NVD-CWE-noinfo	CVE-2026-43259	2026-05-9 05:31	2026-05-6	Show	GitHub Exploit DB Packet Storm

134	8.1	HIGH Network	google	chrome	Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via malicious network traffic. (Chromium security… New	NVD-CWE-noinfo CWE-693 Protection Mechanism Failure	CVE-2026-8018	2026-05-9 05:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

135	4.2	MEDIUM Network	google	chrome	Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted H… New	CWE-20 Improper Input Validation	CVE-2026-7989	2026-05-9 05:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

136	3.1	LOW Network	google	chrome	Inappropriate implementation in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.… New	NVD-CWE-noinfo CWE-284 CWE-693 Improper Access Control Protection Mechanism Failure	CVE-2026-7959	2026-05-9 05:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

137	4.3	MEDIUM Network	google	chrome	Insufficient policy enforcement in WebUI in Google Chrome on Linux, Mac, Windows, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site iso… New	NVD-CWE-noinfo CWE-693 Protection Mechanism Failure	CVE-2026-7946	2026-05-9 05:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

138	4.4	MEDIUM Local	google	chrome	Insufficient policy enforcement in Downloads in Google Chrome prior to 148.0.7778.96 allowed a local attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: M… New	NVD-CWE-noinfo CWE-693 Protection Mechanism Failure	CVE-2026-7932	2026-05-9 05:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

139	8.3	HIGH Network	google	chrome	Insufficient data validation in InterestGroups in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a… New	NVD-CWE-noinfo CWE-20 Improper Input Validation	CVE-2026-7916	2026-05-9 05:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

140	8.1	HIGH Network	-	-	SmarterTools SmarterMail builds prior to 9560 contain a local file inclusion vulnerability in the /api/v1/report/summary/{type} API endpoint that allows authenticated users to read arbitrary .json fi… New	CWE-22 Path Traversal	CVE-2026-7807	2026-05-9 05:16	2026-05-9	Show	GitHub Exploit DB Packet Storm