Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3741 7.1 重要
Local 		Gwenhael Goavec-Merou (trabucayre) openFPGALoader Gwenhael Goavec-Merou (trabucayre)のopenFPGALoaderにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-35170 2026-04-30 12:08 2026-04-6 Show GitHub Exploit DB Packet Storm
3742 7.1 重要
Local 		Gwenhael Goavec-Merou (trabucayre) openFPGALoader Gwenhael Goavec-Merou (trabucayre)のopenFPGALoaderにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-35176 2026-04-30 12:08 2026-04-6 Show GitHub Exploit DB Packet Storm
3743 6.5 警告
Network 		Coder Code Extension Marketplace CoderのCode Extension Marketplaceにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-35454 2026-04-30 12:07 2026-04-6 Show GitHub Exploit DB Packet Storm
3744 9.8 緊急
Network 		SenseLive X3500 Firmware SenseLiveのX3500 Firmwareにおけるハードコードされた認証情報の使用に関する脆弱性 CWE-798
ハードコードされた認証情報の使用 		CVE-2026-35503 2026-04-30 12:07 2026-04-24 Show GitHub Exploit DB Packet Storm
3745 8.1 重要
Network 		SenseLive X3500 Firmware SenseLiveのX3500 Firmwareにおける認証情報の不十分な保護に関する脆弱性 CWE-522
認証情報の不十分な保護 		CVE-2026-39462 2026-04-30 12:07 2026-04-24 Show GitHub Exploit DB Packet Storm
3746 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおけるリソースのロックに関する脆弱性 CWE-667
不適切なロック 		CVE-2026-31509 2026-04-30 11:07 2026-04-22 Show GitHub Exploit DB Packet Storm
3747 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux KernelにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2026-31510 2026-04-30 11:07 2026-04-22 Show GitHub Exploit DB Packet Storm
3748 7.8 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-31511 2026-04-30 11:06 2026-04-22 Show GitHub Exploit DB Packet Storm
3749 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2026-31512 2026-04-30 11:06 2026-04-22 Show GitHub Exploit DB Packet Storm
3750 8.1 重要
Adjacent 		Linux Linux Kernel LinuxのLinux Kernelにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-31513 2026-04-30 11:06 2026-04-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314591 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if the host renders to them using accelera… NVD-CWE-noinfo
CVE-2024-46712 2024-09-19 22:09 2024-09-13 Show GitHub Exploit DB Packet Storm
314592 9.8 CRITICAL
Network 		tnbmobil cockpit Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read Sensitive Strings Within an Executable.This issue affects Cockpit Software: before v2.13. CWE-798
 Use of Hard-coded Credentials 		CVE-2024-6656 2024-09-19 22:05 2024-09-13 Show GitHub Exploit DB Packet Storm
314593 5.3 MEDIUM
Network 		secreto31126 whatsapp-api-js whatsapp-api-js is a TypeScript server agnostic Whatsapp's Official API framework. It's possible to check the payload validation using the WhatsAppAPI.verifyRequestSignature and expect false when the… NVD-CWE-Other
CVE-2024-45607 2024-09-19 11:05 2024-09-13 Show GitHub Exploit DB Packet Storm
314594 8.8 HIGH
Network 		rockwellautomation 2800c_optixpanel_compact_firmware
2800s_optixpanel_standard_firmware
embedded_edge_compute_module_firmware 		A privilege escalation vulnerability exists in the Rockwell Automation affected products. The vulnerability occurs due to improper default file permissions allowing users to exfiltrate credentials an… CWE-276
Incorrect Default Permissions  		CVE-2024-8533 2024-09-19 10:57 2024-09-13 Show GitHub Exploit DB Packet Storm
314595 9.8 CRITICAL
Network 		rockwellautomation pavilion8 A path traversal vulnerability exists in the Rockwell Automation affected product. If exploited, the threat actor could upload arbitrary files to the server that could result in a remote code execut… CWE-22
Path Traversal 		CVE-2024-7961 2024-09-19 10:52 2024-09-13 Show GitHub Exploit DB Packet Storm
314596 9.1 CRITICAL
Network 		rockwellautomation pavilion8 The Rockwell Automation affected product contains a vulnerability that allows a threat actor to view sensitive information and change settings. The vulnerability exists due to having an incorrect pri… NVD-CWE-noinfo
CVE-2024-7960 2024-09-19 10:52 2024-09-13 Show GitHub Exploit DB Packet Storm
314597 4.3 MEDIUM
Network 		lenovo xclarity_administrator A valid, authenticated LXCA user may be able to unmanage an LXCA managed device in through the LXCA web interface without sufficient privileges. NVD-CWE-noinfo
CVE-2024-45103 2024-09-19 10:50 2024-09-14 Show GitHub Exploit DB Packet Storm
314598 6.5 MEDIUM
Network 		lenovo xclarity_administrator A valid, authenticated LXCA user without sufficient privileges may be able to use the device identifier to modify an LXCA managed device through a specially crafted web API call. NVD-CWE-noinfo
CVE-2024-45104 2024-09-19 10:49 2024-09-14 Show GitHub Exploit DB Packet Storm
314599 9.8 CRITICAL
Network 		heyewei jfinalcms A vulnerability was found in JFinalCMS up to 1.0. It has been rated as critical. This issue affects the function delete of the file /admin/template/edit. The manipulation of the argument name leads t… CWE-22
Path Traversal 		CVE-2024-8782 2024-09-19 10:46 2024-09-14 Show GitHub Exploit DB Packet Storm
314600 6.5 MEDIUM
Adjacent 		zephyrproject zephyr BT: Encryption procedure host vulnerability NVD-CWE-noinfo
CVE-2024-5754 2024-09-19 10:44 2024-09-14 Show GitHub Exploit DB Packet Storm