Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2701 8.1 重要
Network 		WWBN AVideo WWBNのAVideoにおける過度に許容されるクロスドメインホワイトリストに関する脆弱性 CWE-942
過度に許容されるクロスドメインホワイトリスト 		CVE-2026-41056 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
2702 7.5 重要
Network 		libexpat project libexpat libexpat projectのlibexpatにおけるエントロピー不足に関する脆弱性 CWE-331
エントロピー不足 		CVE-2026-41080 2026-04-27 11:20 2026-04-16 Show GitHub Exploit DB Packet Storm
2703 7.5 重要
Network 		free5gc free5gc
pcf 		free5GCのfree5GC等の複数製品におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-41135 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
2704 5.3 警告
Network 		free5gc free5gc
amf 		free5GCのamf等の複数製品における予期せぬ動作に関する脆弱性  CWE-440
予期せぬ動作 		CVE-2026-41136 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
2705 8.1 重要
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-4922 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
2706 6.1 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-5262 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
2707 4.3 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-5377 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
2708 8.1 重要
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるパスの等価性の不適切な解決に関する脆弱性 CWE-41
パスの等価性の不適切な解決 		CVE-2026-5816 2026-04-27 11:19 2026-04-22 Show GitHub Exploit DB Packet Storm
2709 9.1 緊急
Network 		Rapid7 velociraptor Rapid7のvelociraptorにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-6290 2026-04-27 11:19 2026-04-15 Show GitHub Exploit DB Packet Storm
2710 5.3 警告
Network 		fastify fastify-static fastifyのfastify-staticにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-6410 2026-04-27 11:19 2026-04-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314481 8.8 HIGH
Network 		dlink dns-120_firmware
dnr-202l_firmware
dns-315l_firmware
dns-320_firmware
dns-320l_firmware
dns-320lw_firmware
dns-321_firmware
dnr-322l_firmware
dns-323_firmware
dns-325_firmw… 		** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340… CWE-120
Classic Buffer Overflow 		CVE-2024-7832 2024-08-20 01:02 2024-08-15 Show GitHub Exploit DB Packet Storm
314482 9.8 CRITICAL
Network 		dlink di-8100_firmware A vulnerability was found in D-Link DI-8100 16.07. It has been classified as critical. This affects the function upgrade_filter_asp of the file upgrade_filter.asp. The manipulation of the argument pa… CWE-77
Command Injection 		CVE-2024-7833 2024-08-20 01:00 2024-08-15 Show GitHub Exploit DB Packet Storm
314483 - - - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-1789. Reason: This candidate is a reservation duplicate of CVE-2024-1789. Notes: All CVE users should reference CV… - CVE-2022-1443 2024-08-20 00:15 2024-08-20 Show GitHub Exploit DB Packet Storm
314484 - - - An arbitrary file deletion vulnerability exists in the admin/del.php file at line 62 in ZZCMS 2023 and earlier. Due to insufficient validation and sanitization of user input for file paths, an attack… - CVE-2024-43011 2024-08-19 23:35 2024-08-17 Show GitHub Exploit DB Packet Storm
314485 - - - A reflected cross-site scripting (XSS) vulnerability exists in user/login.php at line 24 in ZZCMS 2023 and earlier. The application directly inserts the value of the HTTP_REFERER header into the HTML… - CVE-2024-43009 2024-08-19 23:35 2024-08-17 Show GitHub Exploit DB Packet Storm
314486 - - - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-43369. Reason: This candidate is a duplicate of CVE-2024-43369. Notes: All CVE users should reference CVE-2024-433… - CVE-2024-43372 2024-08-19 23:15 2024-08-19 Show GitHub Exploit DB Packet Storm
314487 - - - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-39304. Reason: This candidate is a duplicate of CVE-2024-39304. Notes: All CVE users should reference CVE-2024-393… - CVE-2024-39306 2024-08-19 23:15 2024-08-19 Show GitHub Exploit DB Packet Storm
314488 - - - eLabFTW is an open source electronic lab notebook for research labs. In an eLabFTW system, one can configure who is allowed to create new user accounts. A vulnerability has been found starting in ver… - CVE-2024-25633 2024-08-19 23:15 2024-08-16 Show GitHub Exploit DB Packet Storm
314489 - - - A vulnerability classified as problematic has been found in Bolt CMS 3.7.1. Affected is an unknown function of the file /bolt/editcontent/showcases of the component Showcase Creation Handler. The man… CWE-79
Cross-site Scripting 		CVE-2024-7300 2024-08-19 23:15 2024-07-31 Show GitHub Exploit DB Packet Storm
314490 5.3 MEDIUM
Network 		- - The LadiApp plugn for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the init_endpoint() function hooked via 'init' in versions up to, and including… - CVE-2023-4730 2024-08-19 22:00 2024-08-17 Show GitHub Exploit DB Packet Storm