Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
481	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性 New	CWE-noinfo 情報不足	CVE-2026-31752	2026-05-11 10:59	2026-05-1	Show	GitHub Exploit DB Packet Storm

482	8.8	重要 Network	Koha	Koha	KohaにおけるSQL インジェクションの脆弱性 New	CWE-89 SQLインジェクション	CVE-2026-31844	2026-05-11 10:59	2026-03-11	Show	GitHub Exploit DB Packet Storm

483	7.8	重要 Local	マイクロソフト	SQL Server 2019 SQL Server 2025 SQL Server 2016 SQL Server 2022 SQL Server 2017	SQL サーバーの特権の昇格の脆弱性 New	CWE-89 SQLインジェクション	CVE-2026-32167	2026-05-11 10:59	2026-04-14	Show	GitHub Exploit DB Packet Storm

484	7.8	重要 Local	マイクロソフト	SQL Server 2019 SQL Server 2025 SQL Server 2016 SQL Server 2022 SQL Server 2017	SQL サーバーの特権の昇格の脆弱性 New	CWE-89 SQLインジェクション	CVE-2026-32176	2026-05-11 10:58	2026-04-14	Show	GitHub Exploit DB Packet Storm

485	7.5	重要 Network	マイクロソフト	.NET visual studio 2022	.NET のなりすましの脆弱性 New	CWE-138 特殊要素の不適切な無害化	CVE-2026-32178	2026-05-11 10:58	2026-04-14	Show	GitHub Exploit DB Packet Storm

486	6.5	警告 Local	sandboxie-plus	Sandboxie	sandboxie-plusのSandboxieにおける入力確認に関する脆弱性 New	CWE-20 不適切な入力確認	CVE-2026-32603	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

487	9.1	緊急 Network	X.Org Foundation レッドハット	X.Org X Server Red Hat Enterprise Linux	レッドハット等の複数ベンダの製品における境界外読み取りに関する脆弱性 New	CWE-125 境界外読み取り	CVE-2026-34000	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

488	9.1	緊急 Network	X.Org Foundation レッドハット	X.Org X Server Red Hat Enterprise Linux	レッドハット等の複数ベンダの製品における不適切な長さの値によるバッファへのアクセスに関する脆弱性 New	CWE-805 不適切な長さの値によるバッファへのアクセス	CVE-2026-34002	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

489	8.8	重要 Local	sandboxie-plus	Sandboxie	sandboxie-plusのSandboxieにおけるCRLF インジェクションの脆弱性 New	CWE-93 CRLF インジェクション	CVE-2026-34458	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

490	8.8	重要 Local	sandboxie-plus	Sandboxie	sandboxie-plusのSandboxieにおけるスタックベースのバッファオーバーフローの脆弱性 New	CWE-121 スタックオーバーフロー	CVE-2026-34459	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312311	8.8	HIGH Network	mindsdb	mindsdb	An arbitrary code execution vulnerability exists in versions 23.10.3.0 up to 24.7.4.1 of the MindsDB platform, when the Weaviate integration is installed on the server. If a specially crafted ‘SELECT…	CWE-94 Code Injection	CVE-2024-45846	2024-09-17 02:30	2024-09-12	Show	GitHub Exploit DB Packet Storm

312312	5.4	MEDIUM Network	rocket.chat	rocket.chat	The Electron desktop application of Rocket.Chat through 6.3.4 allows stored XSS via links in an uploaded file, related to failure to use a separate browser upon encountering third-party external acti…	CWE-79 Cross-site Scripting	CVE-2024-45621	2024-09-17 02:28	2024-09-3	Show	GitHub Exploit DB Packet Storm

312313	5.4	MEDIUM Network	elabftw	elabftw	eLabFTW is an open source electronic lab notebook for research labs. By uploading specially crafted files, a regular user can create a circumstance where a visitor's browser runs arbitrary JavaScript…	CWE-79 Cross-site Scripting	CVE-2024-28100	2024-09-17 02:28	2024-09-3	Show	GitHub Exploit DB Packet Storm

312314	-		-	-	Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to potentially enable a denial of service via local access.	CWE-1245	CVE-2024-24968	2024-09-17 02:16	2024-09-17	Show	GitHub Exploit DB Packet Storm

312315	-		-	-	Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.	CWE-203 Information Exposure Through Discrepancy	CVE-2024-23984	2024-09-17 02:16	2024-09-17	Show	GitHub Exploit DB Packet Storm

312316	-		-	-	Race condition in Seamless Firmware Updates for some Intel(R) reference platforms may allow a privileged user to potentially enable denial of service via local access.	-	CVE-2024-23599	2024-09-17 02:16	2024-09-17	Show	GitHub Exploit DB Packet Storm

312317	-		-	-	Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.	CWE-20 Improper Input Validation	CVE-2024-21871	2024-09-17 02:16	2024-09-17	Show	GitHub Exploit DB Packet Storm

312318	-		-	-	Improper input validation in UEFI firmware error handler for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.	CWE-20 Improper Input Validation	CVE-2024-21829	2024-09-17 02:16	2024-09-17	Show	GitHub Exploit DB Packet Storm

312319	-		-	-	Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to enable information disclosure or denial of service via local access.	CWE-20 Improper Input Validation	CVE-2024-21781	2024-09-17 02:16	2024-09-17	Show	GitHub Exploit DB Packet Storm

312320	-		-	-	Improper conditions check in some Intel(R) Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access.	CWE-92 DEPRECATED: Improper Sanitization of Custom Special Characters	CVE-2023-43753	2024-09-17 02:16	2024-09-17	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed