Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
331	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性 New	CWE-noinfo 情報不足	CVE-2026-43298	2026-05-18 11:29	2026-05-8	Show	GitHub Exploit DB Packet Storm

332	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性 New	CWE-noinfo 情報不足	CVE-2026-43299	2026-05-18 11:29	2026-05-8	Show	GitHub Exploit DB Packet Storm

333	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux KernelにおけるNULL ポインタデリファレンスに関する脆弱性 New	CWE-476 NULL ポインタデリファレンス	CVE-2026-43300	2026-05-18 11:29	2026-05-8	Show	GitHub Exploit DB Packet Storm

334	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける整数アンダーフローの脆弱性 New	CWE-191 整数アンダーフロー	CVE-2026-43301	2026-05-18 11:29	2026-05-8	Show	GitHub Exploit DB Packet Storm

335	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおけるバッファサイズの計算の誤りに関する脆弱性 New	CWE-131 正しくないバッファサイズ計算	CVE-2026-43302	2026-05-18 11:29	2026-05-8	Show	GitHub Exploit DB Packet Storm

336	7.8	重要 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける解放済みメモリの使用に関する脆弱性 New	CWE-416 解放済みメモリの使用	CVE-2026-43303	2026-05-18 11:29	2026-05-8	Show	GitHub Exploit DB Packet Storm

337	9.8	緊急 Network	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性 New	CWE-noinfo 情報不足	CVE-2026-43304	2026-05-18 11:29	2026-05-8	Show	GitHub Exploit DB Packet Storm

338	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおけるリソースのロックに関する脆弱性 New	CWE-667 不適切なロック	CVE-2026-43305	2026-05-18 11:29	2026-05-8	Show	GitHub Exploit DB Packet Storm

339	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性 New	CWE-noinfo 情報不足	CVE-2026-43306	2026-05-18 11:29	2026-05-8	Show	GitHub Exploit DB Packet Storm

340	7.8	重要 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性 New	CWE-noinfo 情報不足	CVE-2026-43307	2026-05-18 11:29	2026-05-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311841	5.4	MEDIUM Network	cisco	nexus_dashboard nexus_dashboard_fabric_controller	A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to upload or delete files on an affected device. This vulnerability exis…	CWE-862 Missing Authorization	CVE-2024-20477	2024-10-9 01:00	2024-10-3	Show	GitHub Exploit DB Packet Storm

311842	8.2	HIGH Network	synology	drive_client	Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in vss service component in Synology Drive Client before 3.5.0-16084 allows remote attackers to overwrite trivial …	CWE-120 Classic Buffer Overflow	CVE-2023-52946	2024-10-9 00:55	2024-09-26	Show	GitHub Exploit DB Packet Storm

311843	8.6	HIGH Network	cisco	nexus_dashboard_orchestrator nexus_dashboard_insights nexus_dashboard_fabric_controller	A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because …	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2024-20491	2024-10-9 00:55	2024-10-3	Show	GitHub Exploit DB Packet Storm

311844	9.8	CRITICAL Network	deltaww	diaenergie	Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script AM_RegReport.aspx. An unauthenticated attacker may be able to exploit this issue to obtain records contained in the target…	CWE-89 SQL Injection	CVE-2024-43699	2024-10-9 00:44	2024-10-4	Show	GitHub Exploit DB Packet Storm

311845	8.8	HIGH Network	deltaww	diaenergie	Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. An authenticated attacker may be able to exploit this issue to cause delay in the targeted product.	CWE-89 SQL Injection	CVE-2024-42417	2024-10-9 00:43	2024-10-4	Show	GitHub Exploit DB Packet Storm

311846	9.8	CRITICAL Network	draytek	vigor3912_firmware vigor2962_firmware vigor3910_firmware vigor165_firmware vigor1000b_firmware vigor166_firmware vigor2135_firmware vigor2763_firmware vigor2765_firmware vi…	DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), because a byte sign-extension operation occurs for the length argument of…	CWE-787 Out-of-bounds Write	CVE-2024-41593	2024-10-9 00:35	2024-10-4	Show	GitHub Exploit DB Packet Storm

311847	6.1	MEDIUM Network	draytek	vigor2620_firmware vigor2915_firmware vigor2866_firmware vigor2766_firmware vigor2865_firmware vigor2765_firmware vigor2763_firmware vigor2135_firmware vigor166_firmware vi…	DrayTek Vigor3910 devices through 4.3.2.6 allow unauthenticated DOM-based reflected XSS.	CWE-79 Cross-site Scripting	CVE-2024-41591	2024-10-9 00:34	2024-10-4	Show	GitHub Exploit DB Packet Storm

311848	6.1	MEDIUM Network	cozmoslabs	membership_\&_content_restriction_-_paid_member_subscriptions	The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_a…	CWE-79 Cross-site Scripting	CVE-2024-9222	2024-10-9 00:34	2024-10-2	Show	GitHub Exploit DB Packet Storm

311849	6.1	MEDIUM Network	ibericode	mailchimp_top_bar	The MC4WP: Mailchimp Top Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and in…	CWE-79 Cross-site Scripting	CVE-2024-9210	2024-10-9 00:34	2024-10-2	Show	GitHub Exploit DB Packet Storm

311850	8.8	HIGH Network	cisco	nexus_dashboard_fabric_controller	A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerabil…	CWE-22 Path Traversal	CVE-2024-20449	2024-10-9 00:33	2024-10-3	Show	GitHub Exploit DB Packet Storm