Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2631 8.8 重要
Network 		マイクロソフト Azure Logic Apps Azure Logic Apps の特権昇格の脆弱性 CWE-522
認証情報の不十分な保護 		CVE-2026-32171 2026-04-30 12:31 2026-04-14 Show GitHub Exploit DB Packet Storm
2632 7.5 重要
Network 		getkirby kirby getkirbyのkirbyにおけるブラインド XPath インジェクションの脆弱性 CWE-91
ブラインド XPath インジェクション 		CVE-2026-32870 2026-04-30 12:31 2026-04-24 Show GitHub Exploit DB Packet Storm
2633 9.8 緊急
Network 		Roxy-WI Roxy-WI Roxy-WIにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-33076 2026-04-30 12:31 2026-04-24 Show GitHub Exploit DB Packet Storm
2634 7.5 重要
Network 		Roxy-WI Roxy-WI Roxy-WIにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-33077 2026-04-30 12:30 2026-04-24 Show GitHub Exploit DB Packet Storm
2635 9.8 緊急
Network 		Roxy-WI Roxy-WI Roxy-WIにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-33078 2026-04-30 12:30 2026-04-24 Show GitHub Exploit DB Packet Storm
2636 8.8 重要
Network 		Roxy-WI Roxy-WI Roxy-WIにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-33208 2026-04-30 12:30 2026-04-24 Show GitHub Exploit DB Packet Storm
2637 7.5 重要
Network 		PowerDNS dnsdist PowerDNSのdnsdistにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-33254 2026-04-30 12:30 2026-04-22 Show GitHub Exploit DB Packet Storm
2638 7.5 重要
Network 		PowerDNS PowerDNS Recursor PowerDNSのPowerDNS Recursorにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-33256 2026-04-30 12:30 2026-04-22 Show GitHub Exploit DB Packet Storm
2639 7.5 重要
Network 		PowerDNS PowerDNS Recursor PowerDNSのPowerDNS Recursorにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-33258 2026-04-30 12:30 2026-04-22 Show GitHub Exploit DB Packet Storm
2640 5 警告
Network 		PowerDNS PowerDNS Recursor PowerDNSのPowerDNS Recursorにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-33259 2026-04-30 12:30 2026-04-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313901 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: net/smc: fix connection leak There's a potential leak issue under following execution sequence : smc_release smc_connect_wo… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2022-48909 2024-09-12 22:36 2024-08-22 Show GitHub Exploit DB Packet Storm
313902 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: auxdisplay: lcd2s: Fix memory leak in ->remove() Once allocated the struct lcd2s_data is never freed. Fix the memory leak by swit… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2022-48907 2024-09-12 22:33 2024-08-22 Show GitHub Exploit DB Packet Storm
313903 5.3 MEDIUM
Network 		sap document_builder SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application. CWE-862
 Missing Authorization 		CVE-2024-39591 2024-09-12 22:29 2024-08-13 Show GitHub Exploit DB Packet Storm
313904 4.3 MEDIUM
Network 		sap netweaver_application_server_abap Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction, which leads to disclosure of user relate… CWE-862
 Missing Authorization 		CVE-2024-41734 2024-09-12 22:28 2024-08-13 Show GitHub Exploit DB Packet Storm
313905 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: xen/netfront: destroy queues before real_num_tx_queues is zeroed xennet_destroy_queues() relies on info->netdev->real_num_tx_queu… CWE-476
 NULL Pointer Dereference 		CVE-2022-48914 2024-09-12 22:27 2024-08-22 Show GitHub Exploit DB Packet Storm
313906 5.4 MEDIUM
Network 		sap student_life_cycle_management SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users, leading to the potential escalation of privileges. On successful exploitation it could a… CWE-862
 Missing Authorization 		CVE-2024-42373 2024-09-12 22:26 2024-08-13 Show GitHub Exploit DB Packet Storm
313907 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_queue: fix possible use-after-free Eric Dumazet says: The sock_hold() side seems suspect, because there is no gua… CWE-416
 Use After Free 		CVE-2022-48911 2024-09-12 22:24 2024-08-22 Show GitHub Exploit DB Packet Storm
313908 - - - Deserialization of untrusted data can occur in versions 2.4.0 or newer of the Cleanlab project, enabling a maliciously crafted datalab.pkl file to run arbitrary code on an end user’s system when the … - CVE-2024-45857 2024-09-12 22:15 2024-09-12 Show GitHub Exploit DB Packet Storm
313909 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix double list_add when enabling VMD in scalable mode When enabling VMD and IOMMU scalable mode, the following kerne… NVD-CWE-noinfo
CVE-2022-48916 2024-09-12 22:11 2024-08-22 Show GitHub Exploit DB Packet Storm
313910 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min While the $val/$val2 values passed in from userspace are always >= … NVD-CWE-noinfo
CVE-2022-48917 2024-09-12 22:07 2024-08-22 Show GitHub Exploit DB Packet Storm