Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4261	9.8	緊急 Network	goshs	goshs	goshsにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-40884	2026-04-30 12:28	2026-04-21	Show	GitHub Exploit DB Packet Storm

4262	8.8	重要 Network	goshs	goshs	goshsにおける情報漏えいに関する脆弱性	CWE-200 CWE-noinfo	CVE-2026-40885	2026-04-30 12:28	2026-04-21	Show	GitHub Exploit DB Packet Storm

4263	7.5	重要 Network	gomarkdown	markdown	gomarkdownのMarkdownにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-40890	2026-04-30 12:28	2026-04-21	Show	GitHub Exploit DB Packet Storm

4264	10	緊急 Network	WWBN	AVideo	WWBNのAVideoにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-40911	2026-04-30 12:28	2026-04-21	Show	GitHub Exploit DB Packet Storm

4265	5.4	警告 Network	Linux Foundation	tekton pipelines	Linux Foundationのtekton pipelinesにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-40923	2026-04-30 12:27	2026-04-21	Show	GitHub Exploit DB Packet Storm

4266	6.5	警告 Network	Linux Foundation	tekton pipelines	Linux Foundationのtekton pipelinesにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-40924	2026-04-30 12:27	2026-04-21	Show	GitHub Exploit DB Packet Storm

4267	7.5	重要 Network	Linux Foundation	tekton pipelines	Linux Foundationのtekton pipelinesにおける引数の挿入または変更に関する脆弱性	CWE-88 引数の挿入または変更	CVE-2026-40938	2026-04-30 12:27	2026-04-21	Show	GitHub Exploit DB Packet Storm

4268	6.5	警告 Network	Apache Software Foundation	ActiveMQ Web Apache ActiveMQ	Apache Software FoundationのApache ActiveMQ等の複数製品における複数の脆弱性	CWE-79 CWE-79 CWE-915	CVE-2026-41043	2026-04-30 12:27	2026-04-24	Show	GitHub Exploit DB Packet Storm

4269	8.8	重要 Network	Apache Software Foundation	Apache ActiveMQ ActiveMQ Broker	Apache Software FoundationのApache ActiveMQ等の複数製品における複数の脆弱性	CWE-20 CWE-94	CVE-2026-41044	2026-04-30 12:27	2026-04-24	Show	GitHub Exploit DB Packet Storm

4270	8.2	重要 Network	oauth2_proxy project	oauth2_proxy	oauth2_proxy projectのoauth2_proxyにおける代替パスまたはチャネルを使用した認証回避に関する脆弱性	CWE-288 代替パスまたはチャネルを使用した認証回避	CVE-2026-41059	2026-04-30 12:27	2026-04-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314891	8.8	HIGH Local	microsoft	azure_stack_hci	Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability	NVD-CWE-noinfo	CVE-2024-38179	2024-10-22 21:54	2024-10-9	Show	GitHub Exploit DB Packet Storm

314892	-		-	-	ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The vulnerability is addressed in SL1 versions 12.1.3+, 1…	-	CVE-2024-9537	2024-10-22 10:00	2024-10-19	Show	GitHub Exploit DB Packet Storm

314893	7.4	HIGH Network	microsoft	windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2022_23h2 windows_server_2022 windows_server_2019	Windows Remote Desktop Services Tampering Vulnerability	NVD-CWE-noinfo	CVE-2024-43456	2024-10-22 06:28	2024-10-9	Show	GitHub Exploit DB Packet Storm

314894	7.8	HIGH Local	microsoft	365_apps excel office office_long_term_servicing_channel	Microsoft Excel Remote Code Execution Vulnerability	NVD-CWE-noinfo	CVE-2024-43504	2024-10-22 06:26	2024-10-9	Show	GitHub Exploit DB Packet Storm

314895	5.4	MEDIUM Network	exceedone	exment	Stored cross-site scripting vulnerability exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. When accessing the edit screen containing custom columns (column type: images or files), …	CWE-79 Cross-site Scripting	CVE-2024-47793	2024-10-22 06:25	2024-10-18	Show	GitHub Exploit DB Packet Storm

314896	9.8	CRITICAL Network	microsoft	visual_studio_code	Missing authentication for critical function in Visual Studio Code extension for Arduino allows an unauthenticated attacker to perform remote code execution through network attack vector.	NVD-CWE-noinfo	CVE-2024-43488	2024-10-22 06:05	2024-10-9	Show	GitHub Exploit DB Packet Storm

314897	6.1	MEDIUM Network	comfy	comfyui	A stored cross-site scripting (XSS) vulnerability exists in comfyanonymous/comfyui version 0.2.2 and possibly earlier. The vulnerability occurs when an attacker uploads an HTML file containing a mali…	CWE-79 Cross-site Scripting	CVE-2024-10099	2024-10-22 06:03	2024-10-18	Show	GitHub Exploit DB Packet Storm

314898	7.1	HIGH Network	microsoft	windows_server_2022_23h2 windows_server_2022 windows_server_2019 windows_10_1809 windows_11_21h2 windows_10_21h2 windows_11_22h2 windows_10_22h2 windows_11_23h2 windows_11_…	Microsoft OpenSSH for Windows Remote Code Execution Vulnerability	NVD-CWE-noinfo	CVE-2024-43615	2024-10-22 06:00	2024-10-9	Show	GitHub Exploit DB Packet Storm

314899	5.4	MEDIUM Network	fahadmahmood	rss_feed_widget	The RSS Feed Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's rfw-youtube-videos shortcode in all versions up to, and including, 2.9.9 due to insufficient inp…	CWE-79 Cross-site Scripting	CVE-2024-10057	2024-10-22 05:53	2024-10-18	Show	GitHub Exploit DB Packet Storm

314900	5.5	MEDIUM Local	microsoft	defender_for_endpoint	Microsoft Defender for Endpoint for Linux Spoofing Vulnerability	NVD-CWE-noinfo	CVE-2024-43614	2024-10-22 05:50	2024-10-9	Show	GitHub Exploit DB Packet Storm