Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2741 9.1 緊急
Network 		Dolibarr ERP & CRM dolibarr erp/crm Dolibarr ERP & CRMのdolibarr erp/crmにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-23500 2026-05-7 12:06 2026-04-17 Show GitHub Exploit DB Packet Storm
2742 5.3 警告
Local 		FreeType Project FreeType FreeType ProjectのFreeTypeにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-23865 2026-05-7 12:06 2026-03-2 Show GitHub Exploit DB Packet Storm
2743 6.5 警告
Network 		Linux Foundation tekton pipelines Linux Foundationのtekton pipelinesにおける不正な正規表現に関する脆弱性 CWE-185
不正な正規表現 		CVE-2026-25542 2026-05-7 12:06 2026-04-21 Show GitHub Exploit DB Packet Storm
2744 6.5 警告
Adjacent 		FRRouting Project FRRouting FRRouting ProjectのFRRoutingにおける複数の脆弱性 CWE-125
CWE-190
CVE-2026-28532 2026-05-7 12:06 2026-04-30 Show GitHub Exploit DB Packet Storm
2745 8.8 重要
Network 		CloudARK KubePlus CloudARKのKubePlusにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-29955 2026-05-7 12:06 2026-04-13 Show GitHub Exploit DB Packet Storm
2746 7.8 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける領域間での誤ったリソース移動に関する脆弱性 CWE-669
領域間での誤ったリソース移動 		CVE-2026-31431 2026-05-7 12:06 2026-04-22 Show GitHub Exploit DB Packet Storm
2747 5.3 警告
Network 		レッドハット
kernel.org		 util-linux
Red Hat Hardened Images 		kernel.org等の複数ベンダの製品における代替名による認証回避に関する脆弱性 CWE-289
代替名による認証回避 		CVE-2026-3184 2026-05-7 12:06 2026-04-3 Show GitHub Exploit DB Packet Storm
2748 5.5 警告
Local 		Electron electron Electronのelectronにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-34764 2026-05-7 12:06 2026-04-6 Show GitHub Exploit DB Packet Storm
2749 10 緊急
Network 		traefik traefik traefikにおけるデータの信頼性についての不十分な検証に関する脆弱性 CWE-345
データの信頼性についての不十分な検証 		CVE-2026-35051 2026-05-7 12:06 2026-04-30 Show GitHub Exploit DB Packet Storm
2750 7.1 重要
Network 		デル iDRAC10 Firmware デルのiDRAC10 Firmwareにおける認証情報の不十分な保護に関する脆弱性 CWE-522
認証情報の不十分な保護 		CVE-2026-35155 2026-05-7 12:06 2026-04-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313141 4.3 MEDIUM
Network 		- - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-7859. Reason: This candidate is a reservation duplicate of CVE-2024-7859. Notes: All CVE users should reference CV… - CVE-2024-8197 2024-10-5 01:15 2024-08-27 Show GitHub Exploit DB Packet Storm
313142 9.8 CRITICAL
Network 		wpjobportal wp_job_portal The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Local File Inclusion, Arbitrary Settings Update, and User Creation in all vers… CWE-862
 Missing Authorization 		CVE-2024-7950 2024-10-5 01:12 2024-09-4 Show GitHub Exploit DB Packet Storm
313143 4.3 MEDIUM
Network 		fluentforms contact_form The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized Malichimp API key update due to an insufficient capability… CWE-862
 Missing Authorization 		CVE-2024-5053 2024-10-5 01:02 2024-09-1 Show GitHub Exploit DB Packet Storm
313144 4.3 MEDIUM
Network 		radiustheme the_post_grid The The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.7.11 via… NVD-CWE-noinfo
CVE-2024-7418 2024-10-5 01:01 2024-08-29 Show GitHub Exploit DB Packet Storm
313145 4.7 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid race between dcn10_set_drr() and dc_state_destruct() dc_state_destruct() nulls the resource context of the… CWE-476
 NULL Pointer Dereference 		CVE-2024-46851 2024-10-5 01:00 2024-09-27 Show GitHub Exploit DB Packet Storm
313146 5.3 MEDIUM
Network 		givewp givewp The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.15.1. This is due to the plugin utilizing Symf… CWE-209
Information Exposure Through an Error Message 		CVE-2024-6551 2024-10-5 00:57 2024-08-29 Show GitHub Exploit DB Packet Storm
313147 4.7 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid race between dcn35_set_drr() and dc_state_destruct() dc_state_destruct() nulls the resource context of the… CWE-476
 NULL Pointer Dereference 		CVE-2024-46850 2024-10-5 00:30 2024-09-27 Show GitHub Exploit DB Packet Storm
313148 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Limit the period on Haswell Running the ltp test cve-2015-3290 concurrently reports the following warnings. perf… NVD-CWE-noinfo
CVE-2024-46848 2024-10-5 00:23 2024-09-27 Show GitHub Exploit DB Packet Storm
313149 7.5 HIGH
Network 		planet gs-4210-24p2s_firmware
gs-4210-24pl4c_firmware 		The swctrl service is used to detect and remotely manage PLANET Technology devices. Certain switch models have a Denial-of-Service vulnerability in the swctrl service, allowing unauthenticated remote… CWE-476
CWE-400
 NULL Pointer Dereference
 Uncontrolled Resource Consumption 		CVE-2024-8454 2024-10-5 00:11 2024-09-30 Show GitHub Exploit DB Packet Storm
313150 4.9 MEDIUM
Network 		planet gs-4210-24p2s_firmware
gs-4210-24pl4c_firmware 		Certain switch models from PLANET Technology use an insecure hashing function to hash user passwords without being salted. Remote attackers with administrator privileges can read configuration files … CWE-328
CWE-759
 Use of Weak Hash
 Use of a One-Way Hash without a Salt 		CVE-2024-8453 2024-10-5 00:10 2024-09-30 Show GitHub Exploit DB Packet Storm