Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
381 9.1 緊急
Network 		oauth2_proxy project oauth2_proxy oauth2_proxy projectのoauth2_proxyにおけるスプーフィングによる認証回避に関する脆弱性 CWE-290
スプーフィングによる認証回避 		CVE-2026-40575 2026-04-30 12:28 2026-04-22 Show GitHub Exploit DB Packet Storm
382 4.8 警告
Network 		pyLoad-ng project pyLoad-ng pyLoad-ng projectのpyLoad-ngにおける同一生成元ポリシー違反に関する脆弱性 CWE-346
同一生成元ポリシー違反 		CVE-2026-40594 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
383 8.1 重要
Network 		The Kyverno Authors Kyverno The Kyverno AuthorsのKyvernoにおける重要な情報のセキュアでない格納に関する脆弱性 CWE-922
重要な情報のセキュアでない格納 		CVE-2026-40868 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
384 8.1 重要
Network 		goshs goshs goshsにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-40883 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
385 9.8 緊急
Network 		goshs goshs goshsにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-40884 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
386 8.8 重要
Network 		goshs goshs goshsにおける情報漏えいに関する脆弱性 CWE-200
CWE-noinfo
CVE-2026-40885 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
387 7.5 重要
Network 		gomarkdown markdown gomarkdownのMarkdownにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-40890 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
388 10 緊急
Network 		WWBN AVideo WWBNのAVideoにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-40911 2026-04-30 12:28 2026-04-21 Show GitHub Exploit DB Packet Storm
389 5.4 警告
Network 		Linux Foundation tekton pipelines Linux Foundationのtekton pipelinesにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-40923 2026-04-30 12:27 2026-04-21 Show GitHub Exploit DB Packet Storm
390 6.5 警告
Network 		Linux Foundation tekton pipelines Linux Foundationのtekton pipelinesにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-40924 2026-04-30 12:27 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312861 - - - PrivX before 34.0 allows data exfiltration and denial of service via the REST API. This is fixed in minor versions 33.1, 32.3, 31.3, and later, and in major version 34.0 and later, - CVE-2024-30170 2024-08-7 01:35 2024-08-6 Show GitHub Exploit DB Packet Storm
312862 - - - Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1. - CVE-2024-7527 2024-08-7 01:35 2024-08-6 Show GitHub Exploit DB Packet Storm
312863 - - - A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox < 129 and Firefox ESR < 128.1. - CVE-2024-7520 2024-08-7 01:35 2024-08-6 Show GitHub Exploit DB Packet Storm
312864 7.5 HIGH
Network 		- - Transient DOS during music playback of ALAC content. - CVE-2024-21479 2024-08-7 01:31 2024-08-6 Show GitHub Exploit DB Packet Storm
312865 6.5 MEDIUM
Network 		- - Information disclosure while handling beacon probe frame during scan entry generation in client side. - CVE-2024-21467 2024-08-7 01:31 2024-08-6 Show GitHub Exploit DB Packet Storm
312866 6.5 MEDIUM
Network 		- - Information disclosure while handling beacon or probe response frame in STA. - CVE-2024-21459 2024-08-7 01:31 2024-08-6 Show GitHub Exploit DB Packet Storm
312867 - - - Improper filering of special characters result in a command ('command injection') vulnerability in Korenix JetPort 5601v3.This issue affects JetPort 5601v3: through 1.2. - CVE-2024-7397 2024-08-7 01:31 2024-08-5 Show GitHub Exploit DB Packet Storm
312868 - - - Missing encryption of sensitive data in Korenix JetPort 5601v3 allows Eavesdropping.This issue affects JetPort 5601v3: through 1.2. - CVE-2024-7396 2024-08-7 01:31 2024-08-5 Show GitHub Exploit DB Packet Storm
312869 - - - An authentication bypass vulnerability in Korenix JetPort 5601v3 allows an attacker to access functionality on the device without specifying a password.This issue affects JetPort 5601v3: through 1.2. - CVE-2024-7395 2024-08-7 01:31 2024-08-5 Show GitHub Exploit DB Packet Storm
312870 - - - Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. W… - CVE-2024-6472 2024-08-7 01:31 2024-08-5 Show GitHub Exploit DB Packet Storm