Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3051	5	警告 Local	オラクル	MySQL	オラクルのMySQLにおけるリソースの不適切なシャットダウンおよびリリースに関する脆弱性	CWE-404 リソースの不適切なシャットダウンおよびリリース	CVE-2026-34317	2026-05-7 10:51	2026-04-21	Show	GitHub Exploit DB Packet Storm

3052	5.8	警告 Network	オラクル	MySQL	オラクルのMySQLにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-34318	2026-05-7 10:51	2026-04-21	Show	GitHub Exploit DB Packet Storm

3053	5	警告 Local	オラクル	MySQL	オラクルのMySQLにおけるリクエストに対するレスポンス内容の違いに起因する情報漏えいに関する脆弱性	CWE-204 リクエストに対するレスポンス内容の違いに起因する情報漏えい	CVE-2026-34319	2026-05-7 10:51	2026-04-21	Show	GitHub Exploit DB Packet Storm

3054	7.5	重要 Network	オラクル	Java VM	オラクルのJava VMにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35229	2026-05-7 10:51	2026-04-21	Show	GitHub Exploit DB Packet Storm

3055	4.4	警告 Local	オラクル	Oracle Linux	オラクルのOracle Linuxにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-35233	2026-05-7 10:51	2026-05-1	Show	GitHub Exploit DB Packet Storm

3056	5.2	警告 Network	オラクル	Hyperion Infrastructure Technology	オラクルのHyperion Infrastructure Technologyにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35244	2026-05-7 10:51	2026-04-21	Show	GitHub Exploit DB Packet Storm

3057	9.1	緊急 Network	Volcengine	OpenViking	VolcengineのOpenVikingにおける安全でない失敗処理に関する脆弱性	CWE-636 安全でない失敗処理	CVE-2026-40525	2026-05-7 10:51	2026-04-17	Show	GitHub Exploit DB Packet Storm

3058	7.1	重要 Network	Apache Software Foundation	Apache Atlas	Apache Software FoundationのApache Atlasにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-40563	2026-05-7 10:51	2026-05-4	Show	GitHub Exploit DB Packet Storm

3059	8.8	重要 Adjacent	Espressif Systems	ESP32 Arduino	Espressif SystemsのESP32 Arduinoにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-41429	2026-05-7 10:51	2026-04-24	Show	GitHub Exploit DB Packet Storm

3060	9	緊急 Network	Jenkins プロジェクト	GitHub	JenkinsのGitHubにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-42523	2026-05-7 10:51	2026-04-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313451	4.2	MEDIUM Adjacent	jktyre	smart_tyre_car_\&_bike	An issue in SMART TYRE CAR & BIKE v4.2.0 allows attackers to perform a man-in-the-middle attack via Bluetooth communications.	CWE-294 Authentication Bypass by Capture-replay	CVE-2024-39081	2024-10-2 00:51	2024-09-18	Show	GitHub Exploit DB Packet Storm

313452	8.8	HIGH Adjacent	circutor	q-smt_firmware	An attacker with access to the network where the CIRCUTOR Q-SMT is located in its firmware version 1.0.4, could obtain legitimate credentials or steal sessions due to the fact that the device only im…	NVD-CWE-Other	CVE-2024-8890	2024-10-2 00:46	2024-09-18	Show	GitHub Exploit DB Packet Storm

313453	9.8	CRITICAL Network	doverfuelingsolutions	progauge_maglink_lx_console_firmware progauge_maglink_lx4_console_firmware	The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user account with a password that cannot be changed.	CWE-798 Use of Hard-coded Credentials	CVE-2024-43423	2024-10-2 00:41	2024-09-25	Show	GitHub Exploit DB Packet Storm

313454	7.8	HIGH Local	projectdiscovery	nuclei	Nuclei is a vulnerability scanner powered by YAML based templates. Starting in version 3.0.0 and prior to version 3.3.2, a vulnerability in Nuclei's template signature verification system could allow…	CWE-78 OS Command	CVE-2024-43405	2024-10-2 00:37	2024-09-5	Show	GitHub Exploit DB Packet Storm

313455	8.8	HIGH Local	rust-lang	rust	Rust is a programming language. The fix for CVE-2024-24576, where `std::process::Command` incorrectly escaped arguments when invoking batch files on Windows, was incomplete. Prior to Rust version 1.8…	CWE-88 Argument Injection	CVE-2024-43402	2024-10-2 00:12	2024-09-5	Show	GitHub Exploit DB Packet Storm

313456	6.1	MEDIUM Network	objectiv	simple_ldap_login	The Simple LDAP Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including…	CWE-79 Cross-site Scripting	CVE-2024-8715	2024-10-1 23:37	2024-09-28	Show	GitHub Exploit DB Packet Storm

313457	7.5	HIGH Network	huawei	harmonyos emui	Access permission verification vulnerability in the App Multiplier module Impact: Successful exploitation of this vulnerability may affect service confidentiality.	NVD-CWE-noinfo	CVE-2024-9136	2024-10-1 23:28	2024-09-27	Show	GitHub Exploit DB Packet Storm

313458	7.5	HIGH Network	huawei	emui harmonyos	Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability.	NVD-CWE-noinfo	CVE-2024-47294	2024-10-1 23:27	2024-09-27	Show	GitHub Exploit DB Packet Storm

313459	7.5	HIGH Network	huawei	harmonyos emui	Out-of-bounds write vulnerability in the HAL-WIFI module Impact: Successful exploitation of this vulnerability may affect availability.	CWE-787 Out-of-bounds Write	CVE-2024-47293	2024-10-1 23:25	2024-09-27	Show	GitHub Exploit DB Packet Storm

313460	5.5	MEDIUM Local	huawei	emui harmonyos	Path traversal vulnerability in the Bluetooth module Impact: Successful exploitation of this vulnerability may affect service confidentiality.	CWE-22 Path Traversal	CVE-2024-47292	2024-10-1 23:23	2024-09-27	Show	GitHub Exploit DB Packet Storm