Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
41 8.8 重要
Network 		n8n n8n n8nにおけるSQL インジェクションの脆弱性 New CWE-89
SQLインジェクション 		CVE-2026-42237 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
42 9.8 緊急
Network 		nginxui Nginx UI Nginx UI TeamのNginx UIにおけるコードインジェクションの脆弱性 New CWE-94
コード・インジェクション 		CVE-2026-42238 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
43 7.7 重要
Network 		OpenClaw OpenClaw OpenClawにおける不正な認証に関する脆弱性 New CWE-863
不正な認証 		CVE-2026-42438 2026-05-8 12:22 2026-05-5 Show GitHub Exploit DB Packet Storm
44 8.5 重要
Network 		OpenClaw OpenClaw OpenClawにおける複数の脆弱性 New CWE-862
CWE-918
CVE-2026-42439 2026-05-8 12:22 2026-05-5 Show GitHub Exploit DB Packet Storm
45 7.5 重要
Network 		Apache Software Foundation Apache OpenNLP Apache Software FoundationのApache OpenNLPにおける過剰なサイズ値のメモリ割り当てに関する脆弱性 New CWE-789
過剰なサイズ値のメモリ割り当て 		CVE-2026-42440 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
46 6.1 警告
Network 		Apache Software Foundation Apache Wicket Apache Software FoundationのApache Wicketにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42509 2026-05-8 12:22 2026-05-6 Show GitHub Exploit DB Packet Storm
47 4.3 警告
Network 		Jenkins プロジェクト Script Security JenkinsのScript Securityにおける認証の欠如に関する脆弱性 New CWE-862
認証の欠如 		CVE-2026-42519 2026-05-8 12:22 2026-04-29 Show GitHub Exploit DB Packet Storm
48 7.5 重要
Network 		Jenkins プロジェクト Credentials Binding JenkinsのCredentials Bindingにおけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2026-42520 2026-05-8 12:22 2026-04-29 Show GitHub Exploit DB Packet Storm
49 6.5 警告
Network 		Jenkins プロジェクト Matrix Authorization Strategy JenkinsのMatrix Authorization Strategyにおける信頼できないデータのデシリアライゼーションに関する脆弱性 New CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-42521 2026-05-8 12:22 2026-04-29 Show GitHub Exploit DB Packet Storm
50 4.3 警告
Network 		Jenkins プロジェクト GitHub Branch Source JenkinsのGitHub Branch Sourceにおける認証の欠如に関する脆弱性 New CWE-862
認証の欠如 		CVE-2026-42522 2026-05-8 12:22 2026-04-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312551 7.8 HIGH
Local 		openatom openharmony in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. CWE-787
 Out-of-bounds Write 		CVE-2024-38386 2024-09-5 01:56 2024-09-2 Show GitHub Exploit DB Packet Storm
312552 4.3 MEDIUM
Network 		mattermost mattermost_server Mattermost versions 9.9.x <= 9.9.0 and 9.5.x <= 9.5.6 fail to validate the source of sync messages and only allow the correct remote IDs, which allows a malicious remote to set arbitrary RemoteId val… CWE-346
 Origin Validation Error 		CVE-2024-41926 2024-09-5 01:55 2024-08-2 Show GitHub Exploit DB Packet Storm
312553 6.5 MEDIUM
Network 		misp misp In MISP through 2.4.196, app/Controller/BookmarksController.php does not properly restrict access to bookmarks data in the case where the user is not an org admin. CWE-863
 Incorrect Authorization 		CVE-2024-45509 2024-09-5 01:45 2024-09-2 Show GitHub Exploit DB Packet Storm
312554 9.8 CRITICAL
Network 		htmldoc_project htmldoc HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node. CWE-787
 Out-of-bounds Write 		CVE-2024-45508 2024-09-5 01:44 2024-09-2 Show GitHub Exploit DB Packet Storm
312555 9.8 CRITICAL
Network 		oretnom23 computer_laboratory_management_system A vulnerability, which was classified as critical, has been found in SourceCodester Computer Laboratory Management System 1.0. Affected by this issue is the function delete_category of the file /clas… CWE-89
SQL Injection 		CVE-2024-8348 2024-09-5 01:43 2024-08-31 Show GitHub Exploit DB Packet Storm
312556 9.8 CRITICAL
Network 		oretnom23 computer_laboratory_management_system A vulnerability classified as critical was found in SourceCodester Computer Laboratory Management System 1.0. Affected by this vulnerability is the function delete_record of the file /classes/Master.… CWE-89
SQL Injection 		CVE-2024-8347 2024-09-5 01:42 2024-08-31 Show GitHub Exploit DB Packet Storm
312557 6.1 MEDIUM
Network 		tpmecms tpmecms TpMeCMS 1.3.3.2 is vulnerable to Cross Site Scripting (XSS) in /h.php/page?ref=addtabs via the "Title," "Images," and "Content" fields. CWE-79
Cross-site Scripting 		CVE-2024-44684 2024-09-5 01:42 2024-08-31 Show GitHub Exploit DB Packet Storm
312558 6.1 MEDIUM
Network 		seacms seacms Seacms v13 is vulnerable to Cross Site Scripting (XSS) via admin-video.php. CWE-79
Cross-site Scripting 		CVE-2024-44683 2024-09-5 01:41 2024-08-31 Show GitHub Exploit DB Packet Storm
312559 5.5 MEDIUM
Local 		openatom openharmony in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. CWE-125
Out-of-bounds Read 		CVE-2024-39612 2024-09-5 01:38 2024-09-2 Show GitHub Exploit DB Packet Storm
312560 6.1 MEDIUM
Network 		shopxo shopxo ShopXO 6.2 is vulnerable to Cross Site Scripting (XSS) in the backend that allows attackers to execute code by changing POST parameters. CWE-79
Cross-site Scripting 		CVE-2024-44682 2024-09-5 01:38 2024-08-31 Show GitHub Exploit DB Packet Storm