Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 10, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
41 8.8 重要
Network 		n8n n8n n8nにおけるSQL インジェクションの脆弱性 New CWE-89
SQLインジェクション 		CVE-2026-42237 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
42 9.8 緊急
Network 		nginxui Nginx UI Nginx UI TeamのNginx UIにおけるコードインジェクションの脆弱性 New CWE-94
コード・インジェクション 		CVE-2026-42238 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
43 7.7 重要
Network 		OpenClaw OpenClaw OpenClawにおける不正な認証に関する脆弱性 New CWE-863
不正な認証 		CVE-2026-42438 2026-05-8 12:22 2026-05-5 Show GitHub Exploit DB Packet Storm
44 8.5 重要
Network 		OpenClaw OpenClaw OpenClawにおける複数の脆弱性 New CWE-862
CWE-918
CVE-2026-42439 2026-05-8 12:22 2026-05-5 Show GitHub Exploit DB Packet Storm
45 7.5 重要
Network 		Apache Software Foundation Apache OpenNLP Apache Software FoundationのApache OpenNLPにおける過剰なサイズ値のメモリ割り当てに関する脆弱性 New CWE-789
過剰なサイズ値のメモリ割り当て 		CVE-2026-42440 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
46 6.1 警告
Network 		Apache Software Foundation Apache Wicket Apache Software FoundationのApache Wicketにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42509 2026-05-8 12:22 2026-05-6 Show GitHub Exploit DB Packet Storm
47 4.3 警告
Network 		Jenkins プロジェクト Script Security JenkinsのScript Securityにおける認証の欠如に関する脆弱性 New CWE-862
認証の欠如 		CVE-2026-42519 2026-05-8 12:22 2026-04-29 Show GitHub Exploit DB Packet Storm
48 7.5 重要
Network 		Jenkins プロジェクト Credentials Binding JenkinsのCredentials Bindingにおけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2026-42520 2026-05-8 12:22 2026-04-29 Show GitHub Exploit DB Packet Storm
49 6.5 警告
Network 		Jenkins プロジェクト Matrix Authorization Strategy JenkinsのMatrix Authorization Strategyにおける信頼できないデータのデシリアライゼーションに関する脆弱性 New CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-42521 2026-05-8 12:22 2026-04-29 Show GitHub Exploit DB Packet Storm
50 4.3 警告
Network 		Jenkins プロジェクト GitHub Branch Source JenkinsのGitHub Branch Sourceにおける認証の欠如に関する脆弱性 New CWE-862
認証の欠如 		CVE-2026-42522 2026-05-8 12:22 2026-04-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312681 9.8 CRITICAL
Network 		sportsnet sportsnet SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially… CWE-89
SQL Injection 		CVE-2024-29727 2024-08-31 00:43 2024-08-29 Show GitHub Exploit DB Packet Storm
312682 8.8 HIGH
Network 		etoilewebdesign front_end_users The Front End Users plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter in all versions up to, and including, 3.2.28 due to insufficient escaping on the user supp… CWE-89
SQL Injection 		CVE-2024-7607 2024-08-31 00:41 2024-08-29 Show GitHub Exploit DB Packet Storm
312683 9.8 CRITICAL
Network 		feehi feehicms A vulnerability, which was classified as critical, was found in FeehiCMS up to 2.1.1. This affects the function update of the file /admin/index.php?r=friendly-link%2Fupdate. The manipulation of the a… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-8294 2024-08-31 00:38 2024-08-29 Show GitHub Exploit DB Packet Storm
312684 9.8 CRITICAL
Network 		feehi feehicms A vulnerability has been found in FeehiCMS up to 2.1.1 and classified as critical. This vulnerability affects the function createBanner of the file /admin/index.php?r=banner%2Fbanner-create. The mani… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-8295 2024-08-31 00:37 2024-08-29 Show GitHub Exploit DB Packet Storm
312685 9.8 CRITICAL
Network 		feehi feehicms A vulnerability was found in FeehiCMS up to 2.1.1 and classified as critical. This issue affects the function insert of the file /admin/index.php?r=user%2Fcreate. The manipulation of the argument Use… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-8296 2024-08-31 00:36 2024-08-29 Show GitHub Exploit DB Packet Storm
312686 7.8 HIGH
Local 		aertherwide exiftags Buffer Overflow vulnerability in open source exiftags v.1.01 allows a local attacker to execute arbitrary code via the paresetag function. CWE-787
 Out-of-bounds Write 		CVE-2024-42851 2024-08-31 00:30 2024-08-28 Show GitHub Exploit DB Packet Storm
312687 7.5 HIGH
Network 		kitsada8621 digital_library_management_system A vulnerability was found in kitsada8621 Digital Library Management System 1.0. It has been classified as problematic. Affected is the function JwtRefreshAuth of the file middleware/jwt_refresh_token… CWE-116
 Improper Encoding or Escaping of Output 		CVE-2024-8297 2024-08-31 00:28 2024-08-29 Show GitHub Exploit DB Packet Storm
312688 9.8 CRITICAL
Network 		gitapp dingfanzu A vulnerability was found in dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /aj… CWE-89
SQL Injection 		CVE-2024-8301 2024-08-31 00:24 2024-08-29 Show GitHub Exploit DB Packet Storm
312689 4.8 MEDIUM
Adjacent 		teldat rs123_firmware
rs123w_firmware 		Cross Site Scripting vulnerability in Teldats Router RS123, RS123w allows attacker to execute arbitrary code via the cmdcookie parameter to the upgrade/query.php page. CWE-79
Cross-site Scripting 		CVE-2022-39996 2024-08-31 00:17 2024-08-28 Show GitHub Exploit DB Packet Storm
312690 4.3 MEDIUM
Network 		smashballoon reviews_feed The Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and i… CWE-352
 Origin Validation Error 		CVE-2024-8200 2024-08-31 00:08 2024-08-28 Show GitHub Exploit DB Packet Storm