Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
521 7.5 重要
Network 		Wireshark Wireshark Wiresharkにおけるスタックベースのバッファオーバーフローの脆弱性 New CWE-121
スタックオーバーフロー 		CVE-2026-6868 2026-05-7 12:02 2026-04-30 Show GitHub Exploit DB Packet Storm
522 5.5 警告
Local 		Wireshark Wireshark Wiresharkにおける不適切に制御された順次メモリ割り当てに関する脆弱性 New CWE-1325
不適切に制御された順次メモリ割り当て 		CVE-2026-6869 2026-05-7 12:02 2026-04-30 Show GitHub Exploit DB Packet Storm
523 5.5 警告
Local 		Wireshark Wireshark Wiresharkにおける初期化されていないポインタのアクセスに関する脆弱性 New CWE-824
初期化されていないポインタのアクセス 		CVE-2026-6870 2026-05-7 12:02 2026-04-30 Show GitHub Exploit DB Packet Storm
524 5.6 警告
Network 		ollama ollama Ollamaにおけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2026-7020 2026-05-7 12:02 2026-04-26 Show GitHub Exploit DB Packet Storm
525 5.6 警告
Network 		vLLM vLLM vLLMにおける初期化されていないリソースの使用に関する脆弱性 New CWE-908
初期化されていないリソースの使用 		CVE-2026-7141 2026-05-7 12:02 2026-04-27 Show GitHub Exploit DB Packet Storm
526 7.5 重要
Network 		FreeBSD FreeBSD FreeBSDにおける複数の脆弱性 New CWE-674
CWE-791
CVE-2026-7164 2026-05-7 12:01 2026-04-30 Show GitHub Exploit DB Packet Storm
527 7.8 重要
Local 		FreeBSD FreeBSD FreeBSDにおける演算子の優先順位についての論理エラーに関する脆弱性 New CWE-783
演算子の優先順位についての論理エラー 		CVE-2026-7270 2026-05-7 12:01 2026-04-30 Show GitHub Exploit DB Packet Storm
528 7.5 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品におけるバッファエラーの脆弱性 New CWE-119
バッファエラー 		CVE-2026-7320 2026-05-7 12:01 2026-04-28 Show GitHub Exploit DB Packet Storm
529 9.6 緊急
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における古典的バッファオーバーフローの脆弱性 New CWE-120
古典的バッファオーバーフロー 		CVE-2026-7321 2026-05-7 12:01 2026-04-28 Show GitHub Exploit DB Packet Storm
530 7.3 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における複数の脆弱性 New CWE-119
CWE-416
CVE-2026-7322 2026-05-7 12:01 2026-04-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312721 5.3 MEDIUM
Network 		softlabbd radio_player The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_player function in versions up to, and including, 2.0.73. This… CWE-862
 Missing Authorization 		CVE-2023-4024 2024-08-29 03:32 2024-08-17 Show GitHub Exploit DB Packet Storm
312722 5.3 MEDIUM
Network 		softlabbd radio_player The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_player function in versions up to, and including, 2.0.73. This… CWE-862
 Missing Authorization 		CVE-2023-4025 2024-08-29 03:30 2024-08-17 Show GitHub Exploit DB Packet Storm
312723 9.8 CRITICAL
Network 		alientechnology alr-f800_firmware A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been classified as critical. Affected is an unknown function of the file /var/www/cmd.php. The manipulation of the arg… CWE-285
Improper Authorization 		CVE-2024-7578 2024-08-29 03:27 2024-08-7 Show GitHub Exploit DB Packet Storm
312724 8.8 HIGH
Network 		alientechnology alr-f800_firmware A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been declared as critical. Affected by this vulnerability is the function popen of the file /var/www/cgi-bin/upgrade.c… CWE-78
OS Command  		CVE-2024-7579 2024-08-29 03:26 2024-08-7 Show GitHub Exploit DB Packet Storm
312725 7.8 HIGH
Local 		okta verify Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. The vulnerability is fixed in Okta Verify for Windows version 5.0.2. To remediate this vulnerability, upgrade to 5… CWE-427
 Uncontrolled Search Path Element 		CVE-2024-7061 2024-08-29 03:25 2024-08-8 Show GitHub Exploit DB Packet Storm
312726 5.4 MEDIUM
Network 		opentext alm_octane Improper Neutralization vulnerability (XSS) has been discovered in OpenText™ ALM Octane. The vulnerability affects all version prior to version 23.4. The vulnerability could cause remote code executi… CWE-79
Cross-site Scripting 		CVE-2024-6361 2024-08-29 03:17 2024-08-6 Show GitHub Exploit DB Packet Storm
312727 5.4 MEDIUM
Network 		zephyr-one zephyr_project_manager Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dylan James Zephyr Project Manager allows Reflected XSS.This issue affects Zephyr Project … CWE-79
Cross-site Scripting 		CVE-2024-43915 2024-08-29 02:44 2024-08-27 Show GitHub Exploit DB Packet Storm
312728 7.5 HIGH
Network 		yanzhenjie andserver AndServer 2.1.12 is vulnerable to Directory Traversal. CWE-22
Path Traversal 		CVE-2024-41310 2024-08-29 02:42 2024-08-3 Show GitHub Exploit DB Packet Storm
312729 - - - An SEH-based buffer overflow in the BPQ32 HTTP Server in BPQ32 6.0.24.1 allows remote attackers with access to the Web Terminal to achieve remote code execution via an HTTP POST /TermInput request. - CVE-2024-34087 2024-08-29 01:35 2024-08-27 Show GitHub Exploit DB Packet Storm
312730 - - - An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file. - CVE-2024-42845 2024-08-29 01:35 2024-08-24 Show GitHub Exploit DB Packet Storm