Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 14, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2671	7.2	重要 Network	boidcms	boidcms	boidcmsにおけるPHP リモートファイルインクルージョンの脆弱性	CWE-98 PHP リモートファイルインクルージョン	CVE-2026-39387	2026-04-27 11:21	2026-04-14	Show	GitHub Exploit DB Packet Storm

2672	9.9	緊急 Network	openremote	openremote	openremoteにおける複数の脆弱性	CWE-917 CWE-94	CVE-2026-39842	2026-04-27 11:21	2026-04-15	Show	GitHub Exploit DB Packet Storm

2673	10	緊急 Network	Anthropic PBC	Claude Code	Anthropic PBCのClaude Codeにおける複数の脆弱性	CWE-22 CWE-61	CVE-2026-39861	2026-04-27 11:21	2026-04-21	Show	GitHub Exploit DB Packet Storm

2674	8.1	重要 Network	Suyog Sonwalkar	MCP Server Kubernetes	Suyog SonwalkarのMCP Server Kubernetesにおける引数の挿入または変更に関する脆弱性	CWE-88 引数の挿入または変更	CVE-2026-39884	2026-04-27 11:21	2026-04-15	Show	GitHub Exploit DB Packet Storm

2675	6.5	警告 Network	jqlang	jq	jqlangのjqにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-39979	2026-04-27 11:21	2026-04-13	Show	GitHub Exploit DB Packet Storm

2676	5.5	警告 Local	Linux Foundation	Sigstore Timestamp Authority	Linux FoundationのSigstore Timestamp Authorityにおける証明書検証に関する脆弱性	CWE-295 不正な証明書検証	CVE-2026-39984	2026-04-27 11:21	2026-04-15	Show	GitHub Exploit DB Packet Storm

2677	7.1	重要 Network	lfprojects	Zarf	lfprojectsのZarfにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-40090	2026-04-27 11:21	2026-04-15	Show	GitHub Exploit DB Packet Storm

2678	4.4	警告 Local	Authzed, Inc.	SpiceDB	Authzed, Inc.のSpiceDBにおけるログファイルからの情報漏えいに関する脆弱性	CWE-532 ログファイルからの情報漏えい	CVE-2026-40091	2026-04-27 11:21	2026-04-15	Show	GitHub Exploit DB Packet Storm

2679	5.4	警告 Network	OpenMage	Magento	OpenMageのMagentoにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-40098	2026-04-27 11:21	2026-04-20	Show	GitHub Exploit DB Packet Storm

2680	7.5	重要 Network	free5gc	free5gc	free5GCにおける複数の脆弱性	CWE-285 CWE-636	CVE-2026-40248	2026-04-27 11:21	2026-04-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314571	-		-	-	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wow-Company Modal Window allows Stored XSS.This issue affects Modal Window: from n/a throu…	-	CVE-2024-43346	2024-08-19 21:59	2024-08-18	Show	GitHub Exploit DB Packet Storm

314572	-		-	-	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Icegram allows Stored XSS.This issue affects Icegram: from n/a through 3.1.25.	CWE-79 Cross-site Scripting	CVE-2024-43344	2024-08-19 21:59	2024-08-18	Show	GitHub Exploit DB Packet Storm

314573	-		-	-	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 9.1.2.	CWE-79 Cross-site Scripting	CVE-2024-39666	2024-08-19 21:59	2024-08-18	Show	GitHub Exploit DB Packet Storm

314574	6.4	MEDIUM Network	-	-	The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions…	-	CVE-2024-7703	2024-08-19 21:59	2024-08-17	Show	GitHub Exploit DB Packet Storm

314575	-		-	-	In the Linux kernel, the following vulnerability has been resolved: s390/uv: Don't call folio_wait_writeback() without a folio reference folio_wait_writeback() requires that no spinlocks are held a…	-	CVE-2024-43832	2024-08-19 21:59	2024-08-17	Show	GitHub Exploit DB Packet Storm

314576	-		-	-	In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Handle invalid decoder vsi Handle an invalid decoder vsi in vpu_dec_init to ensure the decoder vsi is va…	-	CVE-2024-43831	2024-08-19 21:59	2024-08-17	Show	GitHub Exploit DB Packet Storm

314577	-		-	-	In the Linux kernel, the following vulnerability has been resolved: leds: trigger: Unregister sysfs attributes before calling deactivate() Triggers which have trigger specific sysfs attributes typi…	-	CVE-2024-43830	2024-08-19 21:59	2024-08-17	Show	GitHub Exploit DB Packet Storm

314578	-		-	-	In the Linux kernel, the following vulnerability has been resolved: dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume rm-raid devices will occasionally trigger the following warning wh…	-	CVE-2024-43820	2024-08-19 21:59	2024-08-17	Show	GitHub Exploit DB Packet Storm

314579	-		-	-	In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages On big endian architectures, it is possible to run …	-	CVE-2024-43816	2024-08-19 21:59	2024-08-17	Show	GitHub Exploit DB Packet Storm

314580	-		-	-	In the Linux kernel, the following vulnerability has been resolved: crypto: mxs-dcp - Ensure payload is zero when using key slot We could leak stack memory through the payload field when running AE…	-	CVE-2024-43815	2024-08-19 21:59	2024-08-17	Show	GitHub Exploit DB Packet Storm