Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
271 8.1 重要
Network 		redis Redis Redis Ltd.のRedisにおける解放済みメモリの使用に関する脆弱性 New CWE-416
解放済みメモリの使用 		CVE-2026-23631 2026-05-8 12:08 2026-05-5 Show GitHub Exploit DB Packet Storm
272 6.5 警告
Network 		マイクロソフト Microsoft Visual Studio Code CoPilot Chat Extension GitHub Copilot と Visual Studio Code の情報漏えいの脆弱性 New CWE-77
コマンドインジェクション 		CVE-2026-23653 2026-05-8 12:08 2026-04-14 Show GitHub Exploit DB Packet Storm
273 8.1 重要
Network 		フォーティネット FortiSOAR フォーティネットのFortiSOARにおける複数の脆弱性 New CWE-287
CWE-862
CVE-2026-23708 2026-05-8 12:08 2026-04-14 Show GitHub Exploit DB Packet Storm
274 8.8 重要
Network 		redis Redis Redis Ltd.のRedisにおけるヒープベースのバッファオーバーフローの脆弱性 New CWE-122
ヒープオーバーフロー 		CVE-2026-25243 2026-05-8 12:08 2026-05-5 Show GitHub Exploit DB Packet Storm
275 7.8 重要
Local 		クアルコム X2000094 ファームウェア
XG101002 ファームウェア
Snapdragon AR1 Gen 1 ファームウェア
WSA8835 ファームウェア
XG101032 ファームウェア
WSA8830 ファームウェア
fastconnect 7800&nb… 		クアルコムのCologne ファームウェア等の複数製品における複数の脆弱性 New CWE-749
CWE-787
CVE-2026-25266 2026-05-8 12:08 2026-05-4 Show GitHub Exploit DB Packet Storm
276 9.8 緊急
Network 		クアルコム QCA7005 ファームウェア クアルコムのQCA7005 ファームウェアにおける不正な認証に関する脆弱性 New CWE-863
不正な認証 		CVE-2026-25293 2026-05-8 12:08 2026-05-4 Show GitHub Exploit DB Packet Storm
277 10 緊急
Network 		vm2 project vm2 vm2 projectのvm2における複数の脆弱性 New CWE-693
CWE-94
CVE-2026-26332 2026-05-8 12:08 2026-05-4 Show GitHub Exploit DB Packet Storm
278 9.8 緊急
Network 		OpenClaw OpenClaw OpenClawにおける不正な認証に関する脆弱性 New CWE-863
不正な認証 		CVE-2026-28474 2026-05-8 12:08 2026-03-5 Show GitHub Exploit DB Packet Storm
279 9.8 緊急
Network 		Apache Software Foundation Apache HTTP Server Apache Software FoundationのApache HTTP Serverにおけるヒープベースのバッファオーバーフローの脆弱性 New CWE-122
ヒープオーバーフロー 		CVE-2026-28780 2026-05-8 12:08 2026-05-5 Show GitHub Exploit DB Packet Storm
280 7.3 重要
Network 		Apache Software Foundation Apache HTTP Server Apache Software FoundationのApache HTTP Serverにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 New CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-29168 2026-05-8 12:08 2026-05-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312511 7.8 HIGH
Local 		automationanywhere automation_360 A CSV injection vulnerability in Automation Anywhere Automation 360 version 21094 allows attackers to execute arbitrary code via a crafted payload. NOTE: Automation Anywhere disputes this report, arg… CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2024-41226 2024-09-4 06:15 2024-08-6 Show GitHub Exploit DB Packet Storm
312512 9.8 CRITICAL
Network 		project_expense_monitoring_system_project project_expense_monitoring_system A vulnerability classified as critical was found in itsourcecode Project Expense Monitoring System 1.0. This vulnerability affects unknown code of the file printtransfer.php. The manipulation of the … CWE-89
SQL Injection 		CVE-2024-7937 2024-09-4 05:43 2024-08-20 Show GitHub Exploit DB Packet Storm
312513 9.8 CRITICAL
Network 		project_expense_monitoring_system_project project_expense_monitoring_system A vulnerability classified as critical has been found in itsourcecode Project Expense Monitoring System 1.0. This affects an unknown part of the file transferred_report.php. The manipulation of the a… CWE-89
SQL Injection 		CVE-2024-7936 2024-09-4 05:43 2024-08-20 Show GitHub Exploit DB Packet Storm
312514 5.4 MEDIUM
Network 		rems leads_manager_tool A vulnerability has been found in SourceCodester Leads Manager Tool 1.0 and classified as problematic. This vulnerability affects unknown code of the file update-leads.php. The manipulation of the ar… CWE-79
Cross-site Scripting 		CVE-2024-7942 2024-09-4 05:39 2024-08-20 Show GitHub Exploit DB Packet Storm
312515 - - - ClickHouse v24.3.3.102 was discovered to contain a buffer overflow via the component DB::evaluateConstantExpressionImpl. - CVE-2024-41436 2024-09-4 05:35 2024-09-4 Show GitHub Exploit DB Packet Storm
312516 - - - A CSV injection vulnerability in Lime Survey v6.5.12 allows attackers to execute arbitrary code via uploading a crafted CSV file. - CVE-2024-42901 2024-09-4 05:35 2024-09-4 Show GitHub Exploit DB Packet Storm
312517 8.8 HIGH
Network 		adonesevangelista laravel_property_management_system A vulnerability was found in itsourcecode Laravel Property Management System 1.0 and classified as critical. This issue affects the function upload of the file PropertiesController.php. The manipulat… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-7943 2024-09-4 05:35 2024-08-20 Show GitHub Exploit DB Packet Storm
312518 5.4 MEDIUM
Network 		posimyth the_plus_addons_for_elementor The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the video_date attribute wi… CWE-79
Cross-site Scripting 		CVE-2024-5763 2024-09-4 05:31 2024-08-20 Show GitHub Exploit DB Packet Storm
312519 5.4 MEDIUM
Network 		posimyth the_plus_addons_for_elementor The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘res_width_value’ param… CWE-79
Cross-site Scripting 		CVE-2024-6575 2024-09-4 05:30 2024-08-20 Show GitHub Exploit DB Packet Storm
312520 5.4 MEDIUM
Network 		sayandatta wp_last_modified_info The WP Last Modified Info plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘template’ attribute of the lmt-post-modified-info shortcode in all versions up to, and including, … CWE-79
Cross-site Scripting 		CVE-2024-6864 2024-09-4 05:22 2024-08-20 Show GitHub Exploit DB Packet Storm