Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2801 5.3 警告
Network 		Apache Software Foundation Apache log4net Apache Software FoundationのApache log4netにおけるエンコードおよびエスケープに関する脆弱性 CWE-116
不適切なエンコード、または出力のエスケープ 		CVE-2026-40021 2026-04-24 11:42 2026-04-10 Show GitHub Exploit DB Packet Storm
2802 5.3 警告
Network 		Daniel Gatis Rembg Daniel GatisのRembgにおける複数の脆弱性 CWE-22
CWE-73
CVE-2026-40086 2026-04-24 11:42 2026-04-10 Show GitHub Exploit DB Packet Storm
2803 5.4 警告
Network 		FUTO Immich FUTOのImmichにおける複数の脆弱性 CWE-601
CWE-79
CVE-2026-40096 2026-04-24 11:42 2026-04-15 Show GitHub Exploit DB Packet Storm
2804 8.2 重要
Network 		XWiki xwiki XWikiのxwikiにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40104 2026-04-24 11:41 2026-04-15 Show GitHub Exploit DB Packet Storm
2805 6.1 警告
Network 		XWiki xwiki XWikiのxwikiにおけるクロスサイトスクリプティングの脆弱性 CWE-80
クロスサイトスクリプティング (Basic XSS) 		CVE-2026-40105 2026-04-24 11:41 2026-04-15 Show GitHub Exploit DB Packet Storm
2806 6.1 警告
Network 		Prometheus Prometheus Prometheusにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40179 2026-04-24 11:41 2026-04-15 Show GitHub Exploit DB Packet Storm
2807 7.5 重要
Network 		Python Software Foundation Python Pillow Python Software FoundationのPython Pillowにおける複数の脆弱性 CWE-400
CWE-770
CVE-2026-40192 2026-04-24 11:41 2026-04-15 Show GitHub Exploit DB Packet Storm
2808 8.2 重要
Network 		maddy project maddy maddy projectのmaddyにおけるLDAP インジェクションの脆弱性 CWE-90
LDAP インジェクション 		CVE-2026-40193 2026-04-24 11:41 2026-04-16 Show GitHub Exploit DB Packet Storm
2809 7.1 重要
Local 		OpenEXR OpenEXR OpenEXRにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-40244 2026-04-24 11:41 2026-04-21 Show GitHub Exploit DB Packet Storm
2810 7.1 重要
Local 		OpenEXR OpenEXR OpenEXRにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-40250 2026-04-24 11:41 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
315311 9.8 CRITICAL
Network 		- - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. - CVE-2024-6046 2024-06-18 20:15 2024-06-17 Show GitHub Exploit DB Packet Storm
315312 - - - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. - CVE-2021-47472 2024-06-18 02:15 2024-05-22 Show GitHub Exploit DB Packet Storm
315313 - - - Rejected reason: ** REJECT ** Duplicate assignment. Please use CVE-2024-0845 instead. - CVE-2024-1469 2024-06-18 00:15 2024-06-18 Show GitHub Exploit DB Packet Storm
315314 8.8 HIGH
Network 		- - The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session. These emails are sent without using an encrypted transmission protocol. If an attacker intercepts the pack… CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2024-5996 2024-06-17 21:42 2024-06-14 Show GitHub Exploit DB Packet Storm
315315 - - - Rejected reason: ** REJECT ** Duplicate reservation. Please use CVE-2024-4258 instead. - CVE-2024-2875 2024-06-15 06:15 2024-06-15 Show GitHub Exploit DB Packet Storm
315316 - - - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid… - CVE-2024-5934 2024-06-15 01:15 2024-06-15 Show GitHub Exploit DB Packet Storm
315317 - - - Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. - CVE-2024-36699 2024-06-15 00:15 2024-06-12 Show GitHub Exploit DB Packet Storm
315318 - - - Rejected reason: ** REJECT ** Duplicate of CVE-2024-4305. Please use CVE-2024-4305 instead. - CVE-2024-5758 2024-06-14 06:15 2024-06-8 Show GitHub Exploit DB Packet Storm
315319 - - - Rejected reason: reserved but not needed - CVE-2021-4237 2024-06-14 00:15 2024-06-14 Show GitHub Exploit DB Packet Storm
315320 4.8 MEDIUM
Network 		- - Rejected reason: ** REJECT ** Accidental duplicate assignment of CVE-2024-4755. Please use CVE-2024-4755. - CVE-2024-5656 2024-06-13 23:15 2024-06-6 Show GitHub Exploit DB Packet Storm