Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3441 3.7
Network 		BACnet Stack BACnet Stack BACnet Stackにおける未定義、未指定、または実装定義の動作への依存に関する脆弱性 CWE-758
未定義、未指定、または実装定義の動作への依存 		CVE-2026-40279 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
3442 7.6 重要
Network 		WeGIA WeGIA WeGIAにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40283 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
3443 6.5 警告
Network 		OpenFGA OpenFGA OpenFGAにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-40293 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
3444 9.9 緊急
Network 		FirebirdSQL Firebird FirebirdSQLのFirebirdにおける複数の脆弱性 CWE-22
CWE-427
CWE-73
CWE-94
CVE-2026-40342 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
3445 8.2 重要
Network 		Minio Inc. Minio Minio Inc.のMinioにおける複数の脆弱性 CWE-287
CWE-306
CVE-2026-40344 2026-04-30 12:28 2026-04-22 Show GitHub Exploit DB Packet Storm
3446 9.8 緊急
Network 		FastGPT FastGPT FastGPTにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性 CWE-943
データクエリロジックの特殊要素の不適切な中立化 		CVE-2026-40351 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
3447 8.8 重要
Network 		FastGPT FastGPT FastGPTにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性 CWE-943
データクエリロジックの特殊要素の不適切な中立化 		CVE-2026-40352 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
3448 9.1 緊急
Network 		マイクロソフト ASP.NET Core ASP.NET Core Elevation of Privilege Vulnerability CWE-347
デジタル署名の不適切な検証 		CVE-2026-40372 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
3449 5.4 警告
Network 		Kimai project kimai Kimai projectのKimaiにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40479 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
3450 4.3 警告
Network 		Kimai project kimai Kimai projectのKimaiにおける動的に決定されたオブジェクト属性の不適切に制御された変更に関する脆弱性 CWE-915
動的に決定されたオブジェクト属性の不適切に制御された変更 		CVE-2026-40486 2026-04-30 12:28 2026-04-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
315581 5.5 MEDIUM
Local 		adobe media_encoder Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to… CWE-125
Out-of-bounds Read 		CVE-2024-41872 2024-09-16 20:16 2024-09-13 Show GitHub Exploit DB Packet Storm
315582 7.8 HIGH
Local 		adobe media_encoder Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory struc… CWE-125
Out-of-bounds Read 		CVE-2024-41871 2024-09-16 19:36 2024-09-13 Show GitHub Exploit DB Packet Storm
315583 5.5 MEDIUM
Local 		adobe media_encoder Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to… CWE-125
Out-of-bounds Read 		CVE-2024-41870 2024-09-16 19:32 2024-09-13 Show GitHub Exploit DB Packet Storm
315584 7.8 HIGH
Local 		adobe media_encoder Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of … CWE-787
 Out-of-bounds Write 		CVE-2024-39377 2024-09-16 19:30 2024-09-13 Show GitHub Exploit DB Packet Storm
315585 6.5 MEDIUM
Network 		m-files m-files_server A path traversal issue in API endpoint in M-Files Server before version 24.8.13981.0 and LTS 24.2.13421.15 SR2 and LTS 23.8.12892.0 SR6 allows authenticated user to read files CWE-22
Path Traversal 		CVE-2024-6789 2024-09-16 16:15 2024-08-27 Show GitHub Exploit DB Packet Storm
315586 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix a deadlock problem when config TC during resetting When config TC during the reset process, may cause a deadlock, … CWE-667
 Improper Locking 		CVE-2024-44995 2024-09-16 03:15 2024-09-5 Show GitHub Exploit DB Packet Storm
315587 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() [BUG] There is an internal report that KASAN is repor… CWE-415
CWE-416
 Double Free
 Use After Free 		CVE-2024-46687 2024-09-15 01:17 2024-09-13 Show GitHub Exploit DB Packet Storm
315588 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() This happens when called from SMB2_read() while using rdma and … CWE-476
 NULL Pointer Dereference 		CVE-2024-46686 2024-09-15 01:16 2024-09-13 Show GitHub Exploit DB Packet Storm
315589 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference in pcs_get_function() pinmux_generic_get_function() can return NULL and the point… CWE-476
 NULL Pointer Dereference 		CVE-2024-46685 2024-09-15 01:00 2024-09-13 Show GitHub Exploit DB Packet Storm
315590 9.8 CRITICAL
Network 		code-projects crud_operation_system A vulnerability was found in code-projects Crud Operation System 1.0. It has been classified as critical. This affects an unknown part of the file /updatedata.php. The manipulation of the argument si… CWE-89
SQL Injection 		CVE-2024-8762 2024-09-15 00:54 2024-09-13 Show GitHub Exploit DB Packet Storm