Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3171 9 緊急
Network 		Thymeleaf Thymeleaf Thymeleafにおける複数の脆弱性 CWE-1336
CWE-917
CVE-2026-40477 2026-04-27 10:48 2026-04-17 Show GitHub Exploit DB Packet Storm
3172 9 緊急
Network 		Thymeleaf Thymeleaf Thymeleafにおける複数の脆弱性 CWE-1336
CWE-917
CVE-2026-40478 2026-04-27 10:47 2026-04-17 Show GitHub Exploit DB Packet Storm
3173 7.1 重要
Local 		Craig J. Bass (craigjbass) ClearanceKit Craig J. Bass (craigjbass)のClearanceKitにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-40599 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
3174 4.4 警告
Local 		Craig J. Bass (craigjbass) ClearanceKit Craig J. Bass (craigjbass)のClearanceKitにおける保護メカニズムの不具合に関する脆弱性 CWE-693
保護メカニズムの不具合 		CVE-2026-40604 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
3175 4.8 警告
Network 		mitmproxy mitmproxy mitmproxyにおけるLDAP インジェクションの脆弱性 CWE-90
LDAP インジェクション 		CVE-2026-40606 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
3176 7.5 重要
Network 		coturn project coturn coturn projectのcoturnにおける不正な型変換に関する脆弱性 CWE-704
不正な型変換またはキャスト 		CVE-2026-40613 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
3177 8.8 重要
Network 		goshs goshs goshsにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-40876 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
3178 7.5 重要
Network 		- NestJSにおける再帰制御に関する脆弱性 CWE-674
不適切な再帰制御 		CVE-2026-40879 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
3179 7.6 重要
Network 		openremote openremote openremoteにおけるXML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2026-40882 2026-04-27 10:47 2026-04-22 Show GitHub Exploit DB Packet Storm
3180 8.3 重要
Network 		WWBN AVideo WWBNのAVideoにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-40925 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314881 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: bnxt_en : Fix memory out-of-bounds in bnxt_fill_hw_rss_tbl() A recent commit has modified the code in __bnxt_reserve_rings() to s… CWE-787
 Out-of-bounds Write 		CVE-2024-44933 2024-08-28 01:08 2024-08-26 Show GitHub Exploit DB Packet Storm
314882 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: idpf: fix UAFs when destroying the queues The second tagged commit started sometimes (very rarely, but possible) throwing WARNs f… CWE-416
 Use After Free 		CVE-2024-44932 2024-08-28 01:08 2024-08-26 Show GitHub Exploit DB Packet Storm
314883 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: wait for previous gc cycles when removing port syzbot hit a use-after-free[1] which is caused because the bri… CWE-416
 Use After Free 		CVE-2024-44934 2024-08-28 01:07 2024-08-26 Show GitHub Exploit DB Packet Storm
314884 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: thermal: int340x: fix memory leak in int3400_notify() It is easy to hit the below memory leaks in my TigerLake platform: unrefer… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2022-48924 2024-08-28 01:07 2024-08-22 Show GitHub Exploit DB Packet Storm
314885 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix TZ_GET_TRIP NULL pointer dereference Do not call get_trip_hyst() from thermal_genl_cmd_tz_get_trip() if the th… CWE-476
 NULL Pointer Dereference 		CVE-2022-48915 2024-08-28 01:07 2024-08-22 Show GitHub Exploit DB Packet Storm
314886 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: cifs: fix double free race when mount fails in cifs_get_root() When cifs_get_root() fails during cifs_smb3_do_mount() we call dea… CWE-415
 Double Free 		CVE-2022-48919 2024-08-28 01:07 2024-08-22 Show GitHub Exploit DB Packet Storm
314887 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: iwlwifi: mvm: check debugfs_dir ptr before use When "debugfs=off" is used on the kernel command line, iwiwifi's mvm module uses a… CWE-476
 NULL Pointer Dereference 		CVE-2022-48918 2024-08-28 01:07 2024-08-22 Show GitHub Exploit DB Packet Storm
314888 9.8 CRITICAL
Network 		fastcom fw300r_firmware A stack overflow in FAST FW300R v1.3.13 Build 141023 Rel.61347n allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted file path. CWE-787
 Out-of-bounds Write 		CVE-2024-41285 2024-08-28 01:03 2024-08-27 Show GitHub Exploit DB Packet Storm
314889 9.8 CRITICAL
Network 		angeljudesuarez tailoring_management_system A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. This vulnerability affects unknown code of the file staffcatedit.php. The manipulation of the argumen… CWE-89
SQL Injection 		CVE-2024-8171 2024-08-28 01:02 2024-08-27 Show GitHub Exploit DB Packet Storm
314890 9.8 CRITICAL
Network 		rems zipped_folder_manager_app A vulnerability classified as problematic has been found in SourceCodester Zipped Folder Manager App 1.0. This affects an unknown part of the file /endpoint/add-folder.php. The manipulation of the ar… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-8170 2024-08-28 01:02 2024-08-27 Show GitHub Exploit DB Packet Storm