Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3081	6.5	警告 Network	IBM	IBM DB2	IBMのIBM DB2における入力で指定された数量の不適切な検証に関する脆弱性	CWE-1284 入力で指定された数量の不適切な検証	CVE-2026-1577	2026-05-7 12:07	2026-04-30	Show	GitHub Exploit DB Packet Storm

3082	5.5	警告 Local	サムスン	android	サムスンのAndroidにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2026-21023	2026-05-7 12:06	2026-04-29	Show	GitHub Exploit DB Packet Storm

3083	4.8	警告 Network	VMware	Spring Security	VMwareのSpring SecurityにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-22751	2026-05-7 12:06	2026-04-21	Show	GitHub Exploit DB Packet Storm

3084	8.1	重要 Network	フォーティネット	FortiAnalyzer Cloud FortiManager Cloud	フォーティネットのFortiAnalyzer Cloud等の複数製品におけるヒープベースのバッファオーバーフローの脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-22828	2026-05-7 12:06	2026-04-14	Show	GitHub Exploit DB Packet Storm

3085	9.8	緊急 Network	IBM	IBM i	IBMのIBM iにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-2311	2026-05-7 12:06	2026-04-30	Show	GitHub Exploit DB Packet Storm

3086	9.1	緊急 Network	Eclipse Foundation	Jetty	Eclipse FoundationのJettyにおけるHTTP リクエストスマグリングに関する脆弱性	CWE-444 HTTP リクエストスマグリング	CVE-2026-2332	2026-05-7 12:06	2026-04-14	Show	GitHub Exploit DB Packet Storm

3087	9.1	緊急 Network	Dolibarr ERP & CRM	dolibarr erp/crm	Dolibarr ERP & CRMのdolibarr erp/crmにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-23500	2026-05-7 12:06	2026-04-17	Show	GitHub Exploit DB Packet Storm

3088	5.3	警告 Local	FreeType Project	FreeType	FreeType ProjectのFreeTypeにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-23865	2026-05-7 12:06	2026-03-2	Show	GitHub Exploit DB Packet Storm

3089	6.5	警告 Network	Linux Foundation	tekton pipelines	Linux Foundationのtekton pipelinesにおける不正な正規表現に関する脆弱性	CWE-185 不正な正規表現	CVE-2026-25542	2026-05-7 12:06	2026-04-21	Show	GitHub Exploit DB Packet Storm

3090	6.5	警告 Adjacent	FRRouting Project	FRRouting	FRRouting ProjectのFRRoutingにおける複数の脆弱性	CWE-125 CWE-190	CVE-2026-28532	2026-05-7 12:06	2026-04-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313141	-		-	-	Android before 2024-10-05 on Google Pixel devices allows privilege escalation in the ABL component, A-330537292.	-	CVE-2024-47014	2024-10-25 23:15	2024-10-25	Show	GitHub Exploit DB Packet Storm

313142	6.5	MEDIUM Network	umbraco	umbraco_cms	Umbraco, a free and open source .NET content management system, has an improper access control issue starting in version 14.0.0 and prior to version 14.3.0. The issue allows low-privilege users to ac…	CWE-284 CWE-863 Improper Access Control Incorrect Authorization	CVE-2024-48925	2024-10-25 23:12	2024-10-23	Show	GitHub Exploit DB Packet Storm

313143	4.7	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: nvme: fix SRCU protection of nvme_ns_head list Walking the nvme_ns_head siblings list is protected by the head's srcu in nvme_ns_…	CWE-416 Use After Free	CVE-2022-49003	2024-10-25 23:12	2024-10-22	Show	GitHub Exploit DB Packet Storm

313144	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/xe/ct: prevent UAF in send_recv() Ensure we serialize with completion side to prevent UAF with fence going out of scope on th…	CWE-416 Use After Free	CVE-2024-50030	2024-10-25 23:06	2024-10-22	Show	GitHub Exploit DB Packet Storm

313145	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs There are some cases, such as the one uncovered by Commit 46d4efcc…	CWE-476 NULL Pointer Dereference	CVE-2024-49901	2024-10-25 23:05	2024-10-22	Show	GitHub Exploit DB Packet Storm

313146	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix TTLM teardown work The worker calculates the wrong sdata pointer, so if it ever runs, it'll crash. Fix that.	NVD-CWE-noinfo	CVE-2024-43848	2024-10-25 22:57	2024-08-17	Show	GitHub Exploit DB Packet Storm

313147	-		-	-	In pmucal_rae_handle_seq_int of flexpmu_cal_rae.c, there is a possible arbitrary write due to uninitialized data. This could lead to local escalation of privilege with no additional execution privile…	-	CVE-2024-47013	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

313148	-		-	-	OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, lack of cross-site request forgery protection on the `preview-expression` command means that visiting a mal…	CWE-352 CWE-94 Origin Validation Error Code Injection	CVE-2024-47879	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

313149	-		-	-	An issue in SourceCodester Purchase Order Management System v1.0 allows a remote attacker to execute arbitrary code via the /admin?page=user component	-	CVE-2024-48454	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm

313150	-		-	-	A lack of rate limiting in the OTP validation component of Digitory Multi Channel Integrated POS v1.0 allows attackers to gain access to the ordering system and place an excessive amount of food orde…	-	CVE-2024-48143	2024-10-25 21:56	2024-10-25	Show	GitHub Exploit DB Packet Storm