Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 25, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3601 7.8 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2026-31508 2026-04-30 12:14 2026-04-22 Show GitHub Exploit DB Packet Storm
3602 8.8 重要
Network 		BMC Software Control-M Managed File Transfer BMC SoftwareのControl-M Managed File TransferにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-23780 2026-04-30 12:14 2026-04-10 Show GitHub Exploit DB Packet Storm
3603 9.8 緊急
Network 		BMC Software Control-M Managed File Transfer BMC SoftwareのControl-M Managed File Transferにおけるハードコードされた認証情報の使用に関する脆弱性 CWE-798
ハードコードされた認証情報の使用 		CVE-2026-23781 2026-04-30 12:14 2026-04-10 Show GitHub Exploit DB Packet Storm
3604 7.5 重要
Network 		BMC Software Control-M Managed File Transfer BMC SoftwareのControl-M Managed File Transferにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-23782 2026-04-30 12:14 2026-04-10 Show GitHub Exploit DB Packet Storm
3605 9.9 緊急
Network 		Doorman Doorman Doormanにおける権限管理に関する脆弱性 CWE-269
不適切な権限管理 		CVE-2026-30269 2026-04-30 12:14 2026-04-20 Show GitHub Exploit DB Packet Storm
3606 7.5 重要
Network 		PowerDNS PowerDNS Recursor
dnsdist
PowerDNS Authoritative Server 		PowerDNSのPowerDNS Authoritative Server等の複数製品における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-33257 2026-04-30 12:14 2026-04-22 Show GitHub Exploit DB Packet Storm
3607 7.5 重要
Network 		PowerDNS PowerDNS Recursor
dnsdist
PowerDNS Authoritative Server 		PowerDNSのPowerDNS Authoritative Server等の複数製品における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-33260 2026-04-30 12:14 2026-04-22 Show GitHub Exploit DB Packet Storm
3608 8.8 重要
Network 		litellm litellm LiteLLMにおける保護されていない代替チャネルに関する脆弱性 CWE-420
保護されていない代替チャネル 		CVE-2026-40217 2026-04-30 12:14 2026-04-10 Show GitHub Exploit DB Packet Storm
3609 7.8 重要
Local 		radare radare2 radareのradare2におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-40517 2026-04-30 12:14 2026-04-22 Show GitHub Exploit DB Packet Storm
3610 6.7 警告
Local 		The GnuPG Project Libgcrypt The GnuPG ProjectのLibgcryptにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-41989 2026-04-30 12:14 2026-04-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
315131 9.8 CRITICAL
Network 		samsung notes Stack-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows remote attackers to execute arbitrary code. CWE-787
 Out-of-bounds Write 		CVE-2024-34657 2024-09-5 22:48 2024-09-4 Show GitHub Exploit DB Packet Storm
315132 8.8 HIGH
Network 		6shr_system_project 6shr_system 6SHR system from Gether Technology does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload web shell scripts and use them to execute arbitrary syst… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-8330 2024-09-5 22:41 2024-08-30 Show GitHub Exploit DB Packet Storm
315133 8.8 HIGH
Network 		6shr_system_project 6shr_system 6SHR system from Gether Technology does not properly validate the specific page parameter, allowing remote attackers with regular privilege to inject SQL command to read, modify, and delete database … CWE-89
SQL Injection 		CVE-2024-8329 2024-09-5 22:40 2024-08-30 Show GitHub Exploit DB Packet Storm
315134 7.8 HIGH
Local 		samsung notes Heap-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code. CWE-787
 Out-of-bounds Write 		CVE-2024-34660 2024-09-5 22:30 2024-09-4 Show GitHub Exploit DB Packet Storm
315135 7.8 HIGH
Local 		kingsoft wps_office Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 (exclusive) on Windows allows an attacker to load an arbitrary Windows libr… CWE-22
Path Traversal 		CVE-2024-7262 2024-09-5 22:30 2024-08-16 Show GitHub Exploit DB Packet Storm
315136 6.5 MEDIUM
Network 		wpextended wp_extended The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.0.8 via the download_file_ajax function. This makes … CWE-22
Path Traversal 		CVE-2024-8104 2024-09-5 22:28 2024-09-4 Show GitHub Exploit DB Packet Storm
315137 8.8 HIGH
Network 		wpextended wp_extended The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the… CWE-862
 Missing Authorization 		CVE-2024-8102 2024-09-5 22:28 2024-09-4 Show GitHub Exploit DB Packet Storm
315138 6.5 MEDIUM
Network 		wpextended wp_extended The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.8 via the download_user_ajax function. … NVD-CWE-noinfo
CVE-2024-8106 2024-09-5 22:05 2024-09-4 Show GitHub Exploit DB Packet Storm
315139 - - - In the Linux kernel, the following vulnerability has been resolved: Input: MT - limit max slots syzbot is reporting too large allocation at input_mt_init_slots(), for num_slots is supplied from use… - CVE-2024-45008 2024-09-5 21:53 2024-09-5 Show GitHub Exploit DB Packet Storm
315140 - - - In the Linux kernel, the following vulnerability has been resolved: char: xillybus: Don't destroy workqueue from work item running on it Triggered by a kref decrement, destroy_workqueue() may be ca… - CVE-2024-45007 2024-09-5 21:53 2024-09-5 Show GitHub Exploit DB Packet Storm