Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 26, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3111 7.5 重要
Network 		VMware Spring Boot VMwareのSpring Bootにおける不十分なランダム値の使用に関する脆弱性 CWE-330
不十分なランダム値の使用 		CVE-2026-40975 2026-05-1 10:47 2026-04-28 Show GitHub Exploit DB Packet Storm
3112 9.1 緊急
Network 		VMware Spring Boot VMwareのSpring Bootにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-40976 2026-05-1 10:47 2026-04-28 Show GitHub Exploit DB Packet Storm
3113 6.7 警告
Local 		VMware Spring Boot VMwareのSpring Bootにおけるリンク解釈に関する脆弱性 CWE-59
リンク解釈の問題 		CVE-2026-40977 2026-05-1 10:47 2026-04-28 Show GitHub Exploit DB Packet Storm
3114 8.8 重要
Network 		VMware Spring AI VMwareのSpring AIにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-40978 2026-05-1 10:47 2026-04-28 Show GitHub Exploit DB Packet Storm
3115 6.1 警告
Local 		VMware Spring AI VMwareのSpring AIにおける安全でない一時ファイルに関する脆弱性 CWE-377
安全でない一時ファイル 		CVE-2026-40979 2026-05-1 10:47 2026-04-28 Show GitHub Exploit DB Packet Storm
3116 6.5 警告
Network 		VMware Spring AI VMwareのSpring AIにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-40980 2026-05-1 10:47 2026-04-28 Show GitHub Exploit DB Packet Storm
3117 5.3 警告
Local 		OpenClaw OpenClaw OpenClawにおける不完全なブラックリストに関する脆弱性 CWE-184
不完全なブラックリスト 		CVE-2026-41332 2026-05-1 10:47 2026-04-23 Show GitHub Exploit DB Packet Storm
3118 4.3 警告
Network 		OpenClaw OpenClaw OpenClawにおける認可されていない制御領域への重要情報の漏えいに関する脆弱性 CWE-497
認可されていない制御領域への重要情報の漏えい 		CVE-2026-41339 2026-05-1 10:47 2026-04-23 Show GitHub Exploit DB Packet Storm
3119 5.3 警告
Network 		OpenClaw OpenClaw OpenClawにおける不適切な動作順序(早期増幅)に関する脆弱性 CWE-408
不適切な動作順序(早期増幅) 		CVE-2026-41374 2026-05-1 10:47 2026-04-28 Show GitHub Exploit DB Packet Storm
3120 4.6 警告
Adjacent 		OpenClaw OpenClaw OpenClawにおける同一生成元ポリシー違反に関する脆弱性 CWE-346
同一生成元ポリシー違反 		CVE-2026-41398 2026-05-1 10:47 2026-04-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
317441 - - - A vulnerability was found in juzaweb CMS up to 3.4.2. It has been classified as problematic. Affected is an unknown function of the file /admin-cp/theme/editor/default of the component Theme Editor. … CWE-22
Path Traversal 		CVE-2024-7551 2024-08-7 01:30 2024-08-6 Show GitHub Exploit DB Packet Storm
317442 - - - The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox < 129, Firefox ESR < 115… - CVE-2024-7529 2024-08-7 01:30 2024-08-6 Show GitHub Exploit DB Packet Storm
317443 - - - Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox < 129 and Firefox ESR < 128.1. - CVE-2024-7528 2024-08-7 01:30 2024-08-6 Show GitHub Exploit DB Packet Storm
317444 - - - It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response body of requests on any site. This vulnerability affects Fi… - CVE-2024-7525 2024-08-7 01:30 2024-08-6 Show GitHub Exploit DB Packet Storm
317445 - - - Incomplete WebAssembly exception handing could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1. - CVE-2024-7521 2024-08-7 01:30 2024-08-6 Show GitHub Exploit DB Packet Storm
317446 - - - Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain their session deta… CWE-79
Cross-site Scripting 		CVE-2024-33993 2024-08-7 01:30 2024-08-6 Show GitHub Exploit DB Packet Storm
317447 - - - Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and r… CWE-79
Cross-site Scripting 		CVE-2024-33992 2024-08-7 01:30 2024-08-6 Show GitHub Exploit DB Packet Storm
317448 - - - Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and r… CWE-79
Cross-site Scripting 		CVE-2024-33991 2024-08-7 01:30 2024-08-6 Show GitHub Exploit DB Packet Storm
317449 - - - Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted javascript payload to an … - CVE-2024-33990 2024-08-7 01:30 2024-08-6 Show GitHub Exploit DB Packet Storm
317450 - - - Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted javascript payload to an … CWE-79
Cross-site Scripting 		CVE-2024-33989 2024-08-7 01:30 2024-08-6 Show GitHub Exploit DB Packet Storm