Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 26, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3631	5.8	警告 Network	Pavel Zbornik (pavelzbornik)	whisperX REST API	Pavel Zbornik (pavelzbornik)のwhisperX REST APIにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-34981	2026-04-30 12:13	2026-04-6	Show	GitHub Exploit DB Packet Storm

3632	7.5	重要 Network	Distribution	Distribution	Distributionにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-35172	2026-04-30 12:13	2026-04-6	Show	GitHub Exploit DB Packet Storm

3633	7.5	重要 Network	UnJS Team	defu	UnJS Teamのdefuにおけるオブジェクトプロトタイプ属性の不適切に制御された変更に関する脆弱性	CWE-1321 オブジェクトプロトタイプ属性の不適切に制御された変更 (プロトタイプの汚染)	CVE-2026-35209	2026-04-30 12:13	2026-04-6	Show	GitHub Exploit DB Packet Storm

3634	7.5	重要 Network	オラクル	Oracle Financial Services Transaction Filtering	オラクルのOracle Financial Services Transaction Filteringにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35231	2026-04-30 12:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

3635	6.3	警告 Local	Flatpak	XDG Desktop Portal (xdg-desktop-portal)	FlatpakのXDG Desktop Portal (xdg-desktop-portal)におけるUNIX Symbolic Link のフォローに関する脆弱性	CWE-61 UNIX Symbolic Link のフォロー	CVE-2026-40354	2026-04-30 12:13	2026-04-11	Show	GitHub Exploit DB Packet Storm

3636	5.3	警告 Local	Veeam	one	サムスンのOneにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-40448	2026-04-30 12:13	2026-04-22	Show	GitHub Exploit DB Packet Storm

3637	6.6	警告 Local	Veeam	one	サムスンのOneにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-40449	2026-04-30 12:13	2026-04-22	Show	GitHub Exploit DB Packet Storm

3638	6.6	警告 Local	Veeam	one	サムスンのOneにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-40450	2026-04-30 12:13	2026-04-22	Show	GitHub Exploit DB Packet Storm

3639	8.2	重要 Network	UltraDAG	UltraDAG	UltraDAGにおける複数の脆弱性	CWE-460 CWE-696	CVE-2026-40583	2026-04-30 12:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

3640	7.5	重要 Network	RansomLook	RansomLook	RansomLookにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-40584	2026-04-30 12:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
421	4.3	MEDIUM Network	-	-	In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL.	CWE-696 Incorrect Behavior Order	CVE-2026-44919	2026-05-21 02:16	2026-05-14	Show	GitHub Exploit DB Packet Storm

422	9.8	CRITICAL Network	-	-	In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix handling of MAY_BACKLOG requests MAY_BACKLOG requests can return EBUSY. Handle them by checking for that va…	-	CVE-2026-43493	2026-05-21 02:16	2026-05-19	Show	GitHub Exploit DB Packet Storm

423	8.8	HIGH Network	-	-	In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smb_inherit_dacl() walks the parent directory DACL loaded from the security descriptor x…	-	CVE-2026-43490	2026-05-21 02:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

424	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: net-shapers: don't free reply skb after genlmsg_reply() genlmsg_reply() hands the reply skb to netlink, and netlink_unicast() con…	-	CVE-2026-43481	2026-05-21 02:16	2026-05-14	Show	GitHub Exploit DB Packet Storm

425	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas() sizeof(num) evaluates to sizeof(size_t) (8 bytes on 64-bit) in…	-	CVE-2026-43476	2026-05-21 02:16	2026-05-14	Show	GitHub Exploit DB Packet Storm

426	5.5	MEDIUM Local	-	-	Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron configuration is vulnerable to …	CWE-290 CWE-451 Authentication Bypass by Spoofing User Interface (UI) Misrepresentation of Critical Information	CVE-2026-39309	2026-05-21 02:16	2026-05-20	Show	GitHub Exploit DB Packet Storm

427	6.8	MEDIUM Network	-	-	A flaw was found in Keycloak. This authentication vulnerability allows a remote attacker to replay `ExecuteActionsActionToken` tokens within Keycloak's WebAuthn (Web Authentication) flow. By intercep…	CWE-294 Authentication Bypass by Capture-replay	CVE-2026-37982	2026-05-21 02:16	2026-05-19	Show	GitHub Exploit DB Packet Storm

428	4.3	MEDIUM Network	-	-	A flaw was found in Keycloak. A broken access control vulnerability in the Account Resources user lookup endpoint allows a remote authenticated user, who owns at least one User-Managed Access (UMA) r…	CWE-1220 Insufficient Granularity of Access Control	CVE-2026-37981	2026-05-21 02:16	2026-05-19	Show	GitHub Exploit DB Packet Storm

429	6.5	MEDIUM Network	-	-	A flaw was found in Keycloak. This access control vulnerability in Keycloak's OpenID Connect (OIDC) token introspection endpoint allows a confidential client to bypass audience restrictions. An attac…	CWE-284 Improper Access Control	CVE-2026-37979	2026-05-21 02:16	2026-05-19	Show	GitHub Exploit DB Packet Storm

430	4.9	MEDIUM Network	-	-	A flaw was found in Keycloak. A low-privilege administrator with the 'view-clients' role can exploit this by invoking the 'evaluate-scopes' Admin API endpoints with an arbitrary user ID (userId) para…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-37978	2026-05-21 02:16	2026-05-19	Show	GitHub Exploit DB Packet Storm