Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3021	5.5	警告 Local	Canonical	pdfunite	Canonicalのpdfuniteにおける古典的バッファオーバーフローの脆弱性	CWE-120 古典的バッファオーバーフロー	CVE-2018-25306	2026-05-7 10:53	2026-04-29	Show	GitHub Exploit DB Packet Storm

3022	9.8	緊急 Network	Kvcache-ai	Ktransformers	Kvcache-aiのKtransformersにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-26210	2026-05-7 10:53	2026-04-23	Show	GitHub Exploit DB Packet Storm

3023	7.1	重要 Local	デル	Dell/Alienware Purchased Apps	デルのDell/Alienware Purchased Appsにおけるリンク解釈に関する脆弱性	CWE-59 リンク解釈の問題	CVE-2026-27105	2026-05-7 10:53	2026-04-29	Show	GitHub Exploit DB Packet Storm

3024	7.8	重要 Local	entechtaiwan	TViPort	entechtaiwanのTViPortにおける複数の脆弱性	CWE-20 CWE-269	CVE-2026-30769	2026-05-7 10:53	2026-04-29	Show	GitHub Exploit DB Packet Storm

3025	5.9	警告 Network	Elasticsearch B.V.	Elastic Package Registry	Elasticsearch B.V.のElastic Package Registryにおけるデジタル署名の検証に関する脆弱性	CWE-347 デジタル署名の不適切な検証	CVE-2026-33467	2026-05-7 10:53	2026-04-28	Show	GitHub Exploit DB Packet Storm

3026	4.4	警告 Local	Mercurycom	MIPC252W Firmware	MercurycomのMIPC252W Firmwareにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-35901	2026-05-7 10:53	2026-04-27	Show	GitHub Exploit DB Packet Storm

3027	6.2	警告 Local	Mercurycom	MIPC252W Firmware	MercurycomのMIPC252W Firmwareにおける過度な認証試行の不適切な制限に関する脆弱性	CWE-307 過度な認証試行の不適切な制限	CVE-2026-35902	2026-05-7 10:53	2026-04-27	Show	GitHub Exploit DB Packet Storm

3028	9.8	緊急 Network	Mercurycom	MIPC252W Firmware	MercurycomのMIPC252W Firmwareにおける認証に関する脆弱性	CWE-287 不適切な認証	CVE-2026-35903	2026-05-7 10:53	2026-04-27	Show	GitHub Exploit DB Packet Storm

3029	4.8	警告 Network	Apache Software Foundation	Apache Storm Prometheus Reporter	Apache Software FoundationのApache Storm Prometheus Reporterにおける証明書検証に関する脆弱性	CWE-295 不正な証明書検証	CVE-2026-40557	2026-05-7 10:53	2026-04-27	Show	GitHub Exploit DB Packet Storm

3030	8.8	重要 Network	minerva	minerva	Agilonhealth (MphRx)のMinervaにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-5779	2026-05-7 10:53	2026-04-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
316661	-		-	-	D-Link DAP-2310 Hardware A Firmware 1.16RC028 allows remote attackers to execute arbitrary code via a stack-based buffer overflow in the ATP binary that handles PHP HTTP GET requests for the Apache H…	-	CVE-2024-45623	2024-09-4 00:35	2024-09-3	Show	GitHub Exploit DB Packet Storm

316662	-		-	-	CodeAstro MembershipM-PHP (aka Membership Management System in PHP) 1.0 allows add_members.php fullname stored XSS.	-	CVE-2024-45528	2024-09-4 00:35	2024-09-2	Show	GitHub Exploit DB Packet Storm

316663	-		-	-	REDCap 14.7.0 allows HTML injection via the project title of a New Project action. This can lead to resultant logout CSRF via index.php?logout=1, and can also be used to insert a link to an external …	-	CVE-2024-45527	2024-09-4 00:35	2024-09-2	Show	GitHub Exploit DB Packet Storm

316664	-		-	-	Lightdash version 0.1024.6 allows users with the necessary permissions, such as Administrator or Editor, to create and share dashboards. A dashboard that contains HTML elements which point to a threa…	-	CVE-2024-6586	2024-09-4 00:35	2024-08-31	Show	GitHub Exploit DB Packet Storm

316665	-		-	-	Multiple stored cross-site scripting (“XSS”) vulnerabilities in the markdown dashboard and dashboard comment functionality of Lightdash version 0.1024.6 allows remote authenticated threat actors to i…	-	CVE-2024-6585	2024-09-4 00:35	2024-08-31	Show	GitHub Exploit DB Packet Storm

316666	5.4	MEDIUM Network	automattic	ghacitivity ghactivity	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Automattic GHActivity allows Stored XSS.This issue affects GHActivity: from n/a through 2.…	CWE-79 Cross-site Scripting	CVE-2024-43949	2024-09-4 00:27	2024-08-30	Show	GitHub Exploit DB Packet Storm

316667	6.1	MEDIUM Network	dineshkarki	wp_armour	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dinesh Karki WP Armour Extended.This issue affects WP Armour Extended: from n/a through 1.…	CWE-79 Cross-site Scripting	CVE-2024-43948	2024-09-4 00:22	2024-08-30	Show	GitHub Exploit DB Packet Storm

316668	5.4	MEDIUM Network	sktthemes	skt_blocks	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SKT Themes SKT Blocks – Gutenberg based Page Builder allows Stored XSS.This issue affects …	CWE-79 Cross-site Scripting	CVE-2024-43946	2024-09-4 00:21	2024-08-30	Show	GitHub Exploit DB Packet Storm

316669	5.4	MEDIUM Network	wpdeveloper	embedpress	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper EmbedPress allows Stored XSS.This issue affects EmbedPress: from n/a through 4…	CWE-79 Cross-site Scripting	CVE-2024-43936	2024-09-4 00:20	2024-08-30	Show	GitHub Exploit DB Packet Storm

316670	5.4	MEDIUM Network	wpdelicious	wp_delicious	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Delicious Delicious Recipes – WordPress Recipe Plugin allows Stored XSS.This issue affe…	CWE-79 Cross-site Scripting	CVE-2024-43935	2024-09-4 00:19	2024-08-30	Show	GitHub Exploit DB Packet Storm