Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
531 7.3 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品におけるバッファエラーの脆弱性 New CWE-119
バッファエラー 		CVE-2026-7324 2026-05-7 12:01 2026-04-28 Show GitHub Exploit DB Packet Storm
532 7.5 重要
Network 		Wireshark Wireshark Wiresharkにおける無限ループに関する脆弱性 New CWE-835
無限ループ 		CVE-2026-7375 2026-05-7 12:01 2026-04-30 Show GitHub Exploit DB Packet Storm
533 7.5 重要
Network 		Wireshark Wireshark WiresharkにおけるNULL ポインタデリファレンスに関する脆弱性 New CWE-476
NULL ポインタデリファレンス 		CVE-2026-7376 2026-05-7 12:01 2026-04-30 Show GitHub Exploit DB Packet Storm
534 7.5 重要
Network 		Wireshark Wireshark Wiresharkにおけるヒープベースのバッファオーバーフローの脆弱性 New CWE-122
ヒープオーバーフロー 		CVE-2026-7378 2026-05-7 12:01 2026-04-30 Show GitHub Exploit DB Packet Storm
535 7.5 重要
Network 		Wireshark Wireshark Wiresharkにおける有効期限後のメモリの解放の欠如に関する脆弱性 New CWE-401
有効期限後のメモリの解放の欠如 		CVE-2026-7379 2026-05-7 12:01 2026-04-30 Show GitHub Exploit DB Packet Storm
536 6.1 警告
Network 		dragonexpert Recent Threads on Index dragonexpertのRecent Threads on Indexにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2018-25309 2026-05-7 12:01 2026-04-29 Show GitHub Exploit DB Packet Storm
537 6.4 警告
Local 		レッドハット Web Terminal レッドハットのWeb Terminalにおける不適切なデフォルトパーミッションに関する脆弱性 New CWE-276
不適切なデフォルトパーミッション 		CVE-2025-57853 2026-05-7 12:01 2026-04-8 Show GitHub Exploit DB Packet Storm
538 8.5 重要
Network 		オラクル Oracle Life Sciences Empirica Signal オラクルのOracle Life Sciences Empirica Signalにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-21997 2026-05-7 12:01 2026-04-21 Show GitHub Exploit DB Packet Storm
539 9.8 緊急
Network 		Arc53 DocsGPT Arc53のDocsGPTにおけるコマンドインジェクションの脆弱性 New CWE-77
コマンドインジェクション 		CVE-2026-26015 2026-05-7 12:01 2026-04-29 Show GitHub Exploit DB Packet Storm
540 5.5 警告
Local 		レッドハット
Sequoia PGP		 rpm-sequoia
Red Hat Hardened Images
Red Hat Enterprise Linux 		レッドハット等の複数ベンダの製品におけるデジタル署名の検証に関する脆弱性 New CWE-347
デジタル署名の不適切な検証 		CVE-2026-2625 2026-05-7 12:01 2026-04-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312661 6.1 MEDIUM
Network 		waspthemes yellowpencil Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WaspThemes YellowPencil Visual CSS Style Editor allows Reflected XSS.This issue affects Ye… CWE-79
Cross-site Scripting 		CVE-2024-43963 2024-08-31 01:10 2024-08-30 Show GitHub Exploit DB Packet Storm
312662 7.5 HIGH
Network 		ollama ollama extractFromZipFile in model.go in Ollama before 0.1.47 can extract members of a ZIP archive outside of the parent directory. CWE-22
Path Traversal 		CVE-2024-45436 2024-08-31 01:08 2024-08-29 Show GitHub Exploit DB Packet Storm
312663 7.2 HIGH
Network 		lopalopa responsive_school_management_system A SQL injection vulnerability in /smsa/admin_login.php in Kashipara Responsive School Management System v3.2.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter of the… CWE-89
SQL Injection 		CVE-2024-41236 2024-08-31 01:02 2024-08-29 Show GitHub Exploit DB Packet Storm
312664 5.5 MEDIUM
Local 		irfanview irfanview An issue in the component EXR!ReadEXR+0x4eef0 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS). NVD-CWE-Other
CVE-2024-44915 2024-08-31 01:01 2024-08-29 Show GitHub Exploit DB Packet Storm
312665 5.5 MEDIUM
Local 		irfanview irfanview An issue in the component EXR!ReadEXR+0x3df50 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS). NVD-CWE-Other
CVE-2024-44914 2024-08-31 01:01 2024-08-29 Show GitHub Exploit DB Packet Storm
312666 5.5 MEDIUM
Local 		irfanview irfanview An issue in the component EXR!ReadEXR+0x40ef1 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS). NVD-CWE-Other
CVE-2024-44913 2024-08-31 01:01 2024-08-29 Show GitHub Exploit DB Packet Storm
312667 9.8 CRITICAL
Network 		totolink a3002r_firmware TOTOLINK AC1200 Wireless Router A3002R Firmware V1.1.1-B20200824 is vulnerable to Buffer Overflow. In the boa server program's CGI handling function formWlEncrypt, there is a lack of length restricti… CWE-787
 Out-of-bounds Write 		CVE-2024-34195 2024-08-31 00:59 2024-08-29 Show GitHub Exploit DB Packet Storm
312668 6.1 MEDIUM
Network 		jupyter jupyterlab
notebook 		jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on user interaction by opening a malicious n… CWE-79
Cross-site Scripting 		CVE-2024-43805 2024-08-31 00:56 2024-08-29 Show GitHub Exploit DB Packet Storm
312669 8.0 HIGH
Network 		lopalopa music_management_system A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System v1.0 via a crafted request to the /music/ajax.php?action=save_user page. CWE-352
 Origin Validation Error 		CVE-2024-42793 2024-08-31 00:56 2024-08-29 Show GitHub Exploit DB Packet Storm
312670 8.8 HIGH
Network 		google chrome Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page… CWE-787
 Out-of-bounds Write 		CVE-2024-8193 2024-08-31 00:52 2024-08-29 Show GitHub Exploit DB Packet Storm