Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 22, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2931	8.6	重要 Network	VMware	Spring AI	VMwareのSpring AIにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-40967	2026-05-1 10:47	2026-04-28	Show	GitHub Exploit DB Packet Storm

2932	7.5	重要 Adjacent	VMware	Spring Boot	VMwareのSpring Bootにおけるタイミングの違いに起因する情報漏えいに関する脆弱性	CWE-208 タイミングの違いに起因する情報漏えい	CVE-2026-40972	2026-05-1 10:47	2026-04-28	Show	GitHub Exploit DB Packet Storm

2933	7	重要 Local	VMware	Spring Boot	VMwareのSpring Bootにおける安全でない一時ファイルに関する脆弱性	CWE-377 安全でない一時ファイル	CVE-2026-40973	2026-05-1 10:47	2026-04-28	Show	GitHub Exploit DB Packet Storm

2934	7.5	重要 Network	VMware	Spring Boot	VMwareのSpring Bootにおける不十分なランダム値の使用に関する脆弱性	CWE-330 不十分なランダム値の使用	CVE-2026-40975	2026-05-1 10:47	2026-04-28	Show	GitHub Exploit DB Packet Storm

2935	9.1	緊急 Network	VMware	Spring Boot	VMwareのSpring Bootにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-40976	2026-05-1 10:47	2026-04-28	Show	GitHub Exploit DB Packet Storm

2936	6.7	警告 Local	VMware	Spring Boot	VMwareのSpring Bootにおけるリンク解釈に関する脆弱性	CWE-59 リンク解釈の問題	CVE-2026-40977	2026-05-1 10:47	2026-04-28	Show	GitHub Exploit DB Packet Storm

2937	8.8	重要 Network	VMware	Spring AI	VMwareのSpring AIにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-40978	2026-05-1 10:47	2026-04-28	Show	GitHub Exploit DB Packet Storm

2938	6.1	警告 Local	VMware	Spring AI	VMwareのSpring AIにおける安全でない一時ファイルに関する脆弱性	CWE-377 安全でない一時ファイル	CVE-2026-40979	2026-05-1 10:47	2026-04-28	Show	GitHub Exploit DB Packet Storm

2939	6.5	警告 Network	VMware	Spring AI	VMwareのSpring AIにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-40980	2026-05-1 10:47	2026-04-28	Show	GitHub Exploit DB Packet Storm

2940	5.3	警告 Local	OpenClaw	OpenClaw	OpenClawにおける不完全なブラックリストに関する脆弱性	CWE-184 不完全なブラックリスト	CVE-2026-41332	2026-05-1 10:47	2026-04-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314011	-		-	-	Rejected reason: This CVE is a duplicate of another CVE.	-	CVE-2024-45804	2024-09-18 03:15	2024-09-18	Show	GitHub Exploit DB Packet Storm

314012	6.5	MEDIUM Network	bitapps	bit_form	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Bit Apps Bit Form Pro.This issue affects Bit Form Pro: from n/a through 2.6.4.	NVD-CWE-noinfo	CVE-2024-43251	2024-09-18 03:10	2024-08-27	Show	GitHub Exploit DB Packet Storm

314013	9.6	CRITICAL Network	joplin_project	joplin	Joplin is a free, open source note taking and to-do application. Joplin fails to take into account that "<" followed by a non letter character will not be considered html. As such it is possible to d…	CWE-79 Cross-site Scripting	CVE-2024-40643	2024-09-18 03:03	2024-09-10	Show	GitHub Exploit DB Packet Storm

314014	6.5	MEDIUM Network	techexcel	back_office_software	This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to improper access controls on certain API endpoints. An authenticated remote attacker could exploit this vulne…	CWE-863 Incorrect Authorization	CVE-2024-8601	2024-09-18 02:54	2024-09-9	Show	GitHub Exploit DB Packet Storm

314015	7.1	HIGH Local	microsoft	azure_network_watcher_agent	Azure Network Watcher VM Agent Elevation of Privilege Vulnerability	NVD-CWE-noinfo	CVE-2024-38188	2024-09-18 02:49	2024-09-11	Show	GitHub Exploit DB Packet Storm

314016	7.3	HIGH Local	microsoft	azure_network_watcher_agent	Azure Network Watcher VM Agent Elevation of Privilege Vulnerability	NVD-CWE-noinfo	CVE-2024-43470	2024-09-18 02:35	2024-09-11	Show	GitHub Exploit DB Packet Storm

314017	3.1	LOW Adjacent	rapid7	insight_platform	Rapid7 Insight Platform versions between November 2019 and August 14, 2024 suffer from missing authorization issues whereby an attacker can intercept local requests to set the name and description of…	CWE-862 Missing Authorization	CVE-2024-8042	2024-09-18 02:25	2024-09-10	Show	GitHub Exploit DB Packet Storm

314018	7.5	HIGH Adjacent	microsoft	windows_10_1507 windows_server_2019 windows_server_2022 windows_server_2022_23h2 windows_11_24h2 windows_10_1607 windows_server_2016 windows_10_22h2 windows_11_23h2 windows…	Windows Network Address Translation (NAT) Remote Code Execution Vulnerability	NVD-CWE-noinfo	CVE-2024-38119	2024-09-18 02:23	2024-09-11	Show	GitHub Exploit DB Packet Storm

314019	9.9	CRITICAL Network	microsoft	azure_web_apps	An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network.	NVD-CWE-noinfo	CVE-2024-38194	2024-09-18 02:02	2024-09-11	Show	GitHub Exploit DB Packet Storm

314020	9.0	CRITICAL Network	microsoft	azure_stack_hub	Azure Stack Hub Elevation of Privilege Vulnerability	NVD-CWE-noinfo	CVE-2024-38216	2024-09-18 02:00	2024-09-11	Show	GitHub Exploit DB Packet Storm