Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
41 8.8 重要
Network 		n8n n8n n8nにおけるSQL インジェクションの脆弱性 New CWE-89
SQLインジェクション 		CVE-2026-42237 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
42 9.8 緊急
Network 		nginxui Nginx UI Nginx UI TeamのNginx UIにおけるコードインジェクションの脆弱性 New CWE-94
コード・インジェクション 		CVE-2026-42238 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
43 7.7 重要
Network 		OpenClaw OpenClaw OpenClawにおける不正な認証に関する脆弱性 New CWE-863
不正な認証 		CVE-2026-42438 2026-05-8 12:22 2026-05-5 Show GitHub Exploit DB Packet Storm
44 8.5 重要
Network 		OpenClaw OpenClaw OpenClawにおける複数の脆弱性 New CWE-862
CWE-918
CVE-2026-42439 2026-05-8 12:22 2026-05-5 Show GitHub Exploit DB Packet Storm
45 7.5 重要
Network 		Apache Software Foundation Apache OpenNLP Apache Software FoundationのApache OpenNLPにおける過剰なサイズ値のメモリ割り当てに関する脆弱性 New CWE-789
過剰なサイズ値のメモリ割り当て 		CVE-2026-42440 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
46 6.1 警告
Network 		Apache Software Foundation Apache Wicket Apache Software FoundationのApache Wicketにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42509 2026-05-8 12:22 2026-05-6 Show GitHub Exploit DB Packet Storm
47 4.3 警告
Network 		Jenkins プロジェクト Script Security JenkinsのScript Securityにおける認証の欠如に関する脆弱性 New CWE-862
認証の欠如 		CVE-2026-42519 2026-05-8 12:22 2026-04-29 Show GitHub Exploit DB Packet Storm
48 7.5 重要
Network 		Jenkins プロジェクト Credentials Binding JenkinsのCredentials Bindingにおけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2026-42520 2026-05-8 12:22 2026-04-29 Show GitHub Exploit DB Packet Storm
49 6.5 警告
Network 		Jenkins プロジェクト Matrix Authorization Strategy JenkinsのMatrix Authorization Strategyにおける信頼できないデータのデシリアライゼーションに関する脆弱性 New CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-42521 2026-05-8 12:22 2026-04-29 Show GitHub Exploit DB Packet Storm
50 4.3 警告
Network 		Jenkins プロジェクト GitHub Branch Source JenkinsのGitHub Branch Sourceにおける認証の欠如に関する脆弱性 New CWE-862
認証の欠如 		CVE-2026-42522 2026-05-8 12:22 2026-04-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312691 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix use-after-free and race in fastrpc_map_find Currently, there is a race window between the point when the mutex… CWE-416
 Use After Free 		CVE-2022-48874 2024-08-29 11:42 2024-08-21 Show GitHub Exploit DB Packet Storm
312692 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix initialization of rx->link and rx->link_sta There are some codepaths that do not initialize rx->link_sta prop… CWE-476
 NULL Pointer Dereference 		CVE-2022-48876 2024-08-29 11:41 2024-08-21 Show GitHub Exploit DB Packet Storm
312693 7.1 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: Fix refcount leak in amd_pmc_probe pci_get_domain_bus_and_slot() takes reference, the caller should release the… NVD-CWE-Other
CVE-2022-48881 2024-08-29 11:39 2024-08-21 Show GitHub Exploit DB Packet Storm
312694 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: efi: fix NULL-deref in init error path In cases where runtime services are not supported or have been disabled, the runtime servi… CWE-476
 NULL Pointer Dereference 		CVE-2022-48879 2024-08-29 11:39 2024-08-21 Show GitHub Exploit DB Packet Storm
312695 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_qca: Fix driver shutdown on closed serdev The driver shutdown callback (which sends EDL_SOC_RESET to the device ov… CWE-416
 Use After Free 		CVE-2022-48878 2024-08-29 11:39 2024-08-21 Show GitHub Exploit DB Packet Storm
312696 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Fix memory leak in msm_mdss_parse_data_bus_icc_path of_icc_get() alloc resources for path1, we should release it whe… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2022-48888 2024-08-29 11:36 2024-08-21 Show GitHub Exploit DB Packet Storm
312697 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix macsec possible null dereference when updating MAC security entity (SecY) Upon updating MAC security entity (SecY)… CWE-476
 NULL Pointer Dereference 		CVE-2022-48882 2024-08-29 11:36 2024-08-21 Show GitHub Exploit DB Packet Storm
312698 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: sched/core: Fix use-after-free bug in dup_user_cpus_ptr() Since commit 07ec77a1d4e8 ("sched: Allow task CPU affinity to be restri… CWE-415
CWE-416
 Double Free
 Use After Free 		CVE-2022-48892 2024-08-29 11:35 2024-08-21 Show GitHub Exploit DB Packet Storm
312699 9.8 CRITICAL
Network 		tenda g3_firmware A vulnerability, which was classified as critical, has been found in Tenda G3 15.11.0.20. This issue affects the function formSetDebugCfg of the file /goform/setDebugCfg. The manipulation of the argu… CWE-787
 Out-of-bounds Write 		CVE-2024-8224 2024-08-29 09:16 2024-08-28 Show GitHub Exploit DB Packet Storm
312700 9.8 CRITICAL
Network 		tenda g3_firmware A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.20. Affected is the function formSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument sysTim… CWE-787
 Out-of-bounds Write 		CVE-2024-8225 2024-08-29 09:14 2024-08-28 Show GitHub Exploit DB Packet Storm