Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3081 7.6 重要
Network 		WeGIA WeGIA WeGIAにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40283 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
3082 6.5 警告
Network 		OpenFGA OpenFGA OpenFGAにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-40293 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
3083 9.9 緊急
Network 		FirebirdSQL Firebird FirebirdSQLのFirebirdにおける複数の脆弱性 CWE-22
CWE-427
CWE-73
CWE-94
CVE-2026-40342 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
3084 8.2 重要
Network 		Minio Inc. Minio Minio Inc.のMinioにおける複数の脆弱性 CWE-287
CWE-306
CVE-2026-40344 2026-04-30 12:28 2026-04-22 Show GitHub Exploit DB Packet Storm
3085 9.8 緊急
Network 		FastGPT FastGPT FastGPTにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性 CWE-943
データクエリロジックの特殊要素の不適切な中立化 		CVE-2026-40351 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
3086 8.8 重要
Network 		FastGPT FastGPT FastGPTにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性 CWE-943
データクエリロジックの特殊要素の不適切な中立化 		CVE-2026-40352 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
3087 9.1 緊急
Network 		マイクロソフト ASP.NET Core ASP.NET Core Elevation of Privilege Vulnerability CWE-347
デジタル署名の不適切な検証 		CVE-2026-40372 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
3088 5.4 警告
Network 		Kimai project kimai Kimai projectのKimaiにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40479 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
3089 4.3 警告
Network 		Kimai project kimai Kimai projectのKimaiにおける動的に決定されたオブジェクト属性の不適切に制御された変更に関する脆弱性 CWE-915
動的に決定されたオブジェクト属性の不適切に制御された変更 		CVE-2026-40486 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
3090 6.8 警告
Network 		oauth2_proxy project oauth2_proxy oauth2_proxy projectのoauth2_proxyにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-40574 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314301 - - - RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a code injection vulnerability via the getParams function in phpinf.php. - CVE-2024-44570 2024-09-12 21:35 2024-09-12 Show GitHub Exploit DB Packet Storm
314302 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr Check return value and conduct null pointer handling to avoid null … CWE-476
 NULL Pointer Dereference 		CVE-2024-43905 2024-09-12 21:15 2024-08-26 Show GitHub Exploit DB Packet Storm
314303 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: net: drop bad gso csum_start and offset in virtio_net_hdr Tighten csum_start and csum_offset checks in virtio_net_hdr_to_skb for … NVD-CWE-noinfo
CVE-2024-43897 2024-09-12 21:15 2024-08-26 Show GitHub Exploit DB Packet Storm
314304 4.7 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to mem_cgroup_idr Commit 73f576c04b94 ("mm: memcontrol: fix cgroup creation failure after many s… NVD-CWE-noinfo
CVE-2024-43892 2024-09-12 21:15 2024-08-26 Show GitHub Exploit DB Packet Storm
314305 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: block: initialize integrity buffer to zero before writing it to media Metadata added by bio_integrity_prep is using plain kmalloc… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2024-43854 2024-09-12 21:15 2024-08-17 Show GitHub Exploit DB Packet Storm
314306 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket When using a BPF program on kernel_connect(), the c… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2024-42246 2024-09-12 21:15 2024-08-8 Show GitHub Exploit DB Packet Storm
314307 - - - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. - CVE-2024-38688 2024-09-12 16:15 2024-08-13 Show GitHub Exploit DB Packet Storm
314308 - - - Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a database user accesses a query cache, table data unauthorized for the user may be retrieved. - CVE-2024-45624 2024-09-12 14:15 2024-09-12 Show GitHub Exploit DB Packet Storm
314309 - - - An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution. - CVE-2024-34785 2024-09-12 11:15 2024-09-12 Show GitHub Exploit DB Packet Storm
314310 - - - An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution. - CVE-2024-34783 2024-09-12 11:15 2024-09-12 Show GitHub Exploit DB Packet Storm