Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2931 7.1 重要
Network 		lfprojects Zarf lfprojectsのZarfにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-40090 2026-04-27 11:21 2026-04-15 Show GitHub Exploit DB Packet Storm
2932 4.4 警告
Local 		Authzed, Inc. SpiceDB Authzed, Inc.のSpiceDBにおけるログファイルからの情報漏えいに関する脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2026-40091 2026-04-27 11:21 2026-04-15 Show GitHub Exploit DB Packet Storm
2933 5.4 警告
Network 		OpenMage Magento OpenMageのMagentoにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-40098 2026-04-27 11:21 2026-04-20 Show GitHub Exploit DB Packet Storm
2934 7.5 重要
Network 		free5gc free5gc free5GCにおける複数の脆弱性 CWE-285
CWE-636
CVE-2026-40248 2026-04-27 11:21 2026-04-16 Show GitHub Exploit DB Packet Storm
2935 5.8 警告
Network 		free5gc free5gc
udr 		free5GCのfree5GC等の複数製品における例外的な状態のチェックに関する脆弱性 CWE-754
例外的な状態における不適切なチェック 		CVE-2026-40343 2026-04-27 11:21 2026-04-22 Show GitHub Exploit DB Packet Storm
2936 8.8 重要
Network 		OpenMage Magento OpenMageのMagentoにおける危険なタイプのファイルの無制限アップロードに関する脆弱性 CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2026-40488 2026-04-27 11:21 2026-04-20 Show GitHub Exploit DB Packet Storm
2937 9.1 緊急
Network 		FreeScout FreeScout FreeScoutにおける複数の脆弱性 CWE-330
CWE-340
CVE-2026-40496 2026-04-27 11:21 2026-04-21 Show GitHub Exploit DB Packet Storm
2938 8.1 重要
Network 		FreeScout FreeScout FreeScoutにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40497 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
2939 8.8 重要
Network 		PJSIP pjsip PJSIPのpjsipにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-40614 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
2940 6.5 警告
Network 		decidim decidim Decidim Free Software AssociationのDecidimにおける不適切な権限設定に関する脆弱性 CWE-266
不適切な権限設定 		CVE-2026-40869 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
315131 7.8 HIGH
Local 		adobe indesign InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitat… CWE-787
 Out-of-bounds Write 		CVE-2024-39390 2024-08-20 01:22 2024-08-15 Show GitHub Exploit DB Packet Storm
315132 5.5 MEDIUM
Local 		adobe indesign InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit th… CWE-476
 NULL Pointer Dereference 		CVE-2024-39395 2024-08-20 01:21 2024-08-15 Show GitHub Exploit DB Packet Storm
315133 7.8 HIGH
Local 		adobe indesign InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitat… CWE-787
 Out-of-bounds Write 		CVE-2024-39394 2024-08-20 01:21 2024-08-15 Show GitHub Exploit DB Packet Storm
315134 7.5 HIGH
Network 		f5 nginx_plus When the NGINX Plus is configured to use the MQTT pre-read module, undisclosed requests can cause an increase in memory resource utilization.  Note: Software versions which have reached End of Techni… CWE-672
 Operation on a Resource after Expiration or Release 		CVE-2024-39792 2024-08-20 01:20 2024-08-15 Show GitHub Exploit DB Packet Storm
315135 7.5 HIGH
Network 		f5 big-ip_access_policy_manager
big-ip_advanced_firewall_manager
big-ip_advanced_web_application_firewall
big-ip_analytics
big-ip_application_acceleration_manager
big-ip_application_secur… 		When a stateless virtual server is configured on BIG-IP system with a High-Speed Bridge (HSB), undisclosed requests can cause TMM to terminate.   Note: Software versions which have reached End of Te… NVD-CWE-noinfo
CVE-2024-39778 2024-08-20 01:20 2024-08-15 Show GitHub Exploit DB Packet Storm
315136 8.8 HIGH
Network 		f5 big-ip_next_central_manager The Central Manager user session refresh token does not expire when a user logs out.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated CWE-613
 Insufficient Session Expiration 		CVE-2024-39809 2024-08-20 01:19 2024-08-15 Show GitHub Exploit DB Packet Storm
315137 7.5 HIGH
Network 		dahuasecurity nvr4104-4ks2\/l_firmware
nvr4108-4ks2\/l_firmware
nvr4116-4ks2\/l_firmware
nvr4104-p-4ks2\/l_firmware
nvr4108-p-4ks2\/l_firmware
nvr4108-8p-4ks2\/l_firmware
nvr4116-8p-4ks2\/l_firmw… 		A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash. NVD-CWE-noinfo
CVE-2024-39949 2024-08-20 01:18 2024-07-31 Show GitHub Exploit DB Packet Storm
315138 7.8 HIGH
Local 		adobe indesign InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Ex… CWE-787
 Out-of-bounds Write 		CVE-2024-39389 2024-08-20 01:17 2024-08-15 Show GitHub Exploit DB Packet Storm
315139 7.5 HIGH
Network 		dahuasecurity nvr4104-4ks2\/l_firmware
nvr4108-4ks2\/l_firmware
nvr4116-4ks2\/l_firmware
nvr4104-p-4ks2\/l_firmware
nvr4108-p-4ks2\/l_firmware
nvr4108-8p-4ks2\/l_firmware
nvr4116-8p-4ks2\/l_firmw… 		A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash. NVD-CWE-noinfo
CVE-2024-39948 2024-08-20 01:17 2024-07-31 Show GitHub Exploit DB Packet Storm
315140 6.5 MEDIUM
Network 		dahuasecurity nvr4104-4ks2\/l_firmware
nvr4108-4ks2\/l_firmware
nvr4116-4ks2\/l_firmware
nvr4104-p-4ks2\/l_firmware
nvr4108-p-4ks2\/l_firmware
nvr4108-8p-4ks2\/l_firmware
nvr4116-8p-4ks2\/l_firmw… 		A vulnerability has been found in Dahua products.After obtaining the ordinary user's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities… NVD-CWE-noinfo
CVE-2024-39947 2024-08-20 01:17 2024-07-31 Show GitHub Exploit DB Packet Storm