Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3851	10	緊急 Network	axios project	axios	axios projectのaxiosにおける複数の脆弱性	CWE-183 CWE-441 CWE-918	CVE-2026-42043	2026-04-30 12:25	2026-04-24	Show	GitHub Exploit DB Packet Storm

3852	9.1	緊急 Network	axios project	axios	axios projectのaxiosにおける複数の脆弱性	CWE-1321 CWE-915	CVE-2026-42044	2026-04-30 12:25	2026-04-24	Show	GitHub Exploit DB Packet Storm

3853	8.8	重要 Network	HashiCorp	Vault	HashiCorpのVaultにおける送信データへの重要な情報の挿入に関する脆弱性	CWE-201 送信データへの重要な情報の挿入	CVE-2026-4525	2026-04-30 12:25	2026-04-17	Show	GitHub Exploit DB Packet Storm

3854	4.9	警告 Network	IBM	IBM Guardium Data Protection	IBMのIBM Guardium Data Protectionにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-4917	2026-04-30 12:25	2026-04-23	Show	GitHub Exploit DB Packet Storm

3855	4.8	警告 Network	IBM	IBM Guardium Data Protection	IBMのIBM Guardium Data Protectionにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-4918	2026-04-30 12:25	2026-04-23	Show	GitHub Exploit DB Packet Storm

3856	4.8	警告 Network	IBM	IBM Guardium Data Protection	IBMのIBM Guardium Data Protectionにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-4919	2026-04-30 12:25	2026-04-23	Show	GitHub Exploit DB Packet Storm

3857	8.6	重要 Network	HashiCorp	Vault	HashiCorpのVaultにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-5052	2026-04-30 12:25	2026-04-17	Show	GitHub Exploit DB Packet Storm

3858	6.5	警告 Network	Rapid7	velociraptor	Rapid7のvelociraptorにおける入力確認に関する脆弱性	CWE-20 CWE-noinfo	CVE-2026-5329	2026-04-30 12:25	2026-04-9	Show	GitHub Exploit DB Packet Storm

3859	7.5	重要 Network	wolfSSL Inc.	wolfSSL	wolfSSL Inc.のwolfSSLにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-5477	2026-04-30 12:24	2026-04-10	Show	GitHub Exploit DB Packet Storm

3860	5.9	警告 Network	wolfSSL Inc.	wolfSSL	wolfSSL Inc.のwolfSSLにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-5500	2026-04-30 12:24	2026-04-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 29, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
315011	-	-	-	Ubiquiti AirMax firmware version firmware version 8 allows attackers with physical access to gain a privileged command shell via the UART Debugging Port.	-	CVE-2024-44540	2024-09-26 22:32	2024-09-24	Show	GitHub Exploit DB Packet Storm

315012	-	-	-	A SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to execute arbitrary SQL command via create user form inputs.	-	CVE-2024-39843	2024-09-26 22:32	2024-09-24	Show	GitHub Exploit DB Packet Storm

315013	-	-	-	A SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to execute arbitrary SQL command via user massive changes inputs.	-	CVE-2024-39842	2024-09-26 22:32	2024-09-24	Show	GitHub Exploit DB Packet Storm

315014	-	-	-	Entrust Instant Financial Issuance (formerly known as Cardwizard) 6.10.0, 6.9.0, 6.9.1, 6.9.2, and 6.8.x and earlier uses a DLL library (i.e. DCG.Security.dll) with a custom AES encryption process th…	-	CVE-2024-39342	2024-09-26 22:32	2024-09-24	Show	GitHub Exploit DB Packet Storm

315015	-	-	-	A reflected Cross-Site Scripting (XSS) vulnerability was found on Temenos T24 Browser R19.40 that enables a remote attacker to execute arbitrary JavaScript code via the skin parameter in the about.js…	-	CVE-2023-46948	2024-09-26 22:32	2024-09-24	Show	GitHub Exploit DB Packet Storm

315016	-	-	-	pgAdmin versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthor…	-	CVE-2024-9014	2024-09-26 22:32	2024-09-24	Show	GitHub Exploit DB Packet Storm

315017	-	-	-	An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 allows a remote att…	-	CVE-2024-40442	2024-09-26 22:32	2024-09-24	Show	GitHub Exploit DB Packet Storm

315018	-	-	-	An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 allows a remote att…	-	CVE-2024-40441	2024-09-26 22:32	2024-09-24	Show	GitHub Exploit DB Packet Storm

315019	-	-	-	A symlink following vulnerability in the pouch cp function of AliyunContainerService pouch v1.3.1 allows attackers to escalate privileges and write arbitrary files.	-	CVE-2024-41228	2024-09-26 22:32	2024-09-24	Show	GitHub Exploit DB Packet Storm

315020	-	-	-	A lack of code signature verification in Parallels Desktop for Mac v19.3.0 and below allows attackers to escalate privileges via a crafted macOS installer, because Parallels Service is setuid root.	-	CVE-2024-34331	2024-09-26 22:32	2024-09-24	Show	GitHub Exploit DB Packet Storm