Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2851	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性	CWE-401 有効期限後のメモリの解放の欠如	CVE-2026-31672	2026-04-30 12:31	2026-04-24	Show	GitHub Exploit DB Packet Storm

2852	8.1	重要 Network	xibosignage	xibo	xibosignageのxiboにおける複数の脆弱性	CWE-184 CWE-89	CVE-2026-31952	2026-04-30 12:31	2026-04-24	Show	GitHub Exploit DB Packet Storm

2853	5.4	警告 Network	xibosignage	xibo	xibosignageのxiboにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-31953	2026-04-30 12:31	2026-04-24	Show	GitHub Exploit DB Packet Storm

2854	4.9	警告 Network	xibosignage	xibo	xibosignageのxiboにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-31955	2026-04-30 12:31	2026-04-24	Show	GitHub Exploit DB Packet Storm

2855	4.3	警告 Network	xibosignage	xibo	xibosignageのxiboにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-31956	2026-04-30 12:31	2026-04-24	Show	GitHub Exploit DB Packet Storm

2856	8.8	重要 Network	マイクロソフト	Azure Logic Apps	Azure Logic Apps の特権昇格の脆弱性	CWE-522 認証情報の不十分な保護	CVE-2026-32171	2026-04-30 12:31	2026-04-14	Show	GitHub Exploit DB Packet Storm

2857	7.5	重要 Network	getkirby	kirby	getkirbyのkirbyにおけるブラインド XPath インジェクションの脆弱性	CWE-91 ブラインド XPath インジェクション	CVE-2026-32870	2026-04-30 12:31	2026-04-24	Show	GitHub Exploit DB Packet Storm

2858	9.8	緊急 Network	Roxy-WI	Roxy-WI	Roxy-WIにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-33076	2026-04-30 12:31	2026-04-24	Show	GitHub Exploit DB Packet Storm

2859	7.5	重要 Network	Roxy-WI	Roxy-WI	Roxy-WIにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-33077	2026-04-30 12:30	2026-04-24	Show	GitHub Exploit DB Packet Storm

2860	9.8	緊急 Network	Roxy-WI	Roxy-WI	Roxy-WIにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-33078	2026-04-30 12:30	2026-04-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314161	6.4	MEDIUM Network	gitlab	gitlab	An issue was discovered in GitLab EE affecting all versions starting 17.0 to 17.1.6, 17.2 prior to 17.2.4, and 17.3 prior to 17.3.1 allows an attacker to execute arbitrary command in a victim's pipel…	CWE-77 Command Injection	CVE-2024-7110	2024-09-12 01:52	2024-08-23	Show	GitHub Exploit DB Packet Storm

314162	6.5	MEDIUM Network	gitlab	gitlab	An issue was discovered in GitLab CE/EE affecting all versions starting from 8.2 prior to 17.1.6 starting from 17.2 prior to 17.2.4, and starting from 17.3 prior to 17.3.1, which allows an attacker t…	NVD-CWE-noinfo	CVE-2024-6502	2024-09-12 01:49	2024-08-23	Show	GitHub Exploit DB Packet Storm

314163	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op() In zynq_qspi_exec_mem_op(), kzalloc() is directly u…	CWE-476 NULL Pointer Dereference	CVE-2021-4441	2024-09-12 01:43	2024-08-22	Show	GitHub Exploit DB Packet Storm

314164	4.7	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between quota rescan and disable leading to NULL pointer deref If we have one task trying to start the quota resc…	CWE-476 NULL Pointer Dereference	CVE-2023-52896	2024-09-12 01:37	2024-08-21	Show	GitHub Exploit DB Packet Storm

314165	5.4	MEDIUM Network	share-this-image	share_this_image	The Share This Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's STI Buttons shortcode in all versions up to, and including, 2.02 due to insufficient input sani…	CWE-79 Cross-site Scripting	CVE-2024-8363	2024-09-12 01:35	2024-09-5	Show	GitHub Exploit DB Packet Storm

314166	5.3	MEDIUM Network	ivorysearch	ivory_search	The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 5.5.6 via the ajax_load_posts function. This makes it possi…	NVD-CWE-noinfo	CVE-2024-6835	2024-09-12 01:32	2024-09-5	Show	GitHub Exploit DB Packet Storm

314167	8.1	HIGH Network	bitapps	file_manager	The Bit File Manager plugin for WordPress is vulnerable to Remote Code Execution in versions 6.0 to 6.5.5 via the 'checkSyntax' function. This is due to writing a temporary file to a publicly accessi…	CWE-362 Race Condition	CVE-2024-7627	2024-09-12 01:31	2024-09-5	Show	GitHub Exploit DB Packet Storm

314168	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: io_uring/poll: don't reissue in case of poll race on multishot request A previous commit fixed a poll race that can occur, but it…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2023-52895	2024-09-12 01:31	2024-08-21	Show	GitHub Exploit DB Packet Storm

314169	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate() In Google internal bug 265639009 we've received an (as yet) unr…	CWE-476 NULL Pointer Dereference	CVE-2023-52894	2024-09-12 01:27	2024-08-21	Show	GitHub Exploit DB Packet Storm

314170	-		-	-	An improper authorization vulnerability [CWE-285] in FortiSOAR version 7.4.0 through 7.4.3, 7.3.0 through 7.3.2, 7.2.0 through 7.2.2, 7.0.0 through 7.0.3 change password endpoint may allow an authent…	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2024-45327	2024-09-12 01:26	2024-09-11	Show	GitHub Exploit DB Packet Storm