Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
101	7.5	重要 Network	メディアテック	nr16 NR17R NR15 nr17	メディアテックのNR15等の複数製品における到達可能なアサーションに関する脆弱性	CWE-617 到達可能なアサーション	CVE-2026-20405	2026-02-6 10:37	2026-02-2	Show	GitHub Exploit DB Packet Storm

102	7.5	重要 Network	メディアテック	nr16 NR17R NR15 nr17	メディアテックのNR15等の複数製品における複数の脆弱性	CWE-754 CWE-770	CVE-2026-20406	2026-02-6 10:37	2026-02-2	Show	GitHub Exploit DB Packet Storm

103	9.3	緊急 Local	メディアテック	nbiot sdk	メディアテックのnbiot sdkにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-20407	2026-02-6 10:37	2026-02-2	Show	GitHub Exploit DB Packet Storm

104	8.8	重要 Adjacent	OpenWrt Project メディアテック	openwrt Software Development Kit	メディアテック等の複数ベンダの製品における複数の脆弱性	CWE-122 CWE-787	CVE-2026-20408	2026-02-6 10:37	2026-02-2	Show	GitHub Exploit DB Packet Storm

105	7.8	重要 Local	Google	Android	GoogleのAndroidにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-20409	2026-02-6 10:37	2026-02-2	Show	GitHub Exploit DB Packet Storm

106	6.7	警告 Local	Google	Android	GoogleのAndroidにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-20410	2026-02-6 10:37	2026-02-2	Show	GitHub Exploit DB Packet Storm

107	7.8	重要 Local	Google	Android	GoogleのAndroidにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-20411	2026-02-6 10:37	2026-02-2	Show	GitHub Exploit DB Packet Storm

108	7.8	重要 Local	Google	Android	GoogleのAndroidにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-20412	2026-02-6 10:36	2026-02-2	Show	GitHub Exploit DB Packet Storm

109	6.5	警告 Network	hono	hono	honoにおける不正な正規表現に関する脆弱性	CWE-185 不正な正規表現	CVE-2026-24398	2026-02-6 10:36	2026-01-27	Show	GitHub Exploit DB Packet Storm

110	5.3	警告 Network	hono	hono	honoにおける複数の脆弱性	CWE-524 CWE-613	CVE-2026-24472	2026-02-6 10:36	2026-01-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
401	-		-	-	DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the /de2api/datasetData/previewSql endpoint. The user-supplie… New	CWE-89 SQL Injection	CVE-2026-40900	2026-04-18 00:38	2026-04-17	Show	GitHub Exploit DB Packet Storm

402	-		-	-	mcp-framework is a framework for building Model Context Protocol (MCP) servers. In versions 0.2.21 and below, the readRequestBody() function in the HTTP transport concatenates request body chunks int… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-39313	2026-04-18 00:38	2026-04-17	Show	GitHub Exploit DB Packet Storm

403	-		-	-	free5GC is an open-source implementation of the 5G core network. In versions 1.4.2 and below of the UDR service, the handler for deleting Traffic Influence Subscriptions checks whether the influenceI… New	CWE-285 Improper Authorization	CVE-2026-40246	2026-04-18 00:38	2026-04-17	Show	GitHub Exploit DB Packet Storm

404	-		-	-	free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the handler for reading Traffic Influence Subscriptions checks whether the influenceId… New	CWE-285 CWE-636 Improper Authorization Not Failing Securely ('Failing Open')	CVE-2026-40247	2026-04-18 00:38	2026-04-17	Show	GitHub Exploit DB Packet Storm

405	-		-	-	DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below ship the legacy velocity-1.7.jar, which pulls in commons-collections-3.2.1.jar containing the InvokerT… New	CWE-502 Deserialization of Untrusted Data	CVE-2026-40901	2026-04-18 00:38	2026-04-17	Show	GitHub Exploit DB Packet Storm

406	4.8	MEDIUM Network	-	-	Cryptomator is an open-source client-side encryption application for cloud storage. Version 1.19.1 contains a logic flaw in CheckHostTrustController.getAuthority() that allows an attacker to bypass t… New	CWE-305 CWE-319 Authentication Bypass by Primary Weakness Cleartext Transmission of Sensitive Information	CVE-2026-33472	2026-04-18 00:38	2026-04-17	Show	GitHub Exploit DB Packet Storm

407	4.9	MEDIUM Network	-	-	Valtimo is an open-source business process automation platform. In versions 13.0.0 through 13.21.0, the InboxHandlingService logs the full content of every incoming inbox message at INFO level. Inbox… New	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2026-34164	2026-04-18 00:38	2026-04-17	Show	GitHub Exploit DB Packet Storm

408	-		-	-	spdystream is a Go library for multiplexing streams over SPDY connections. In versions 0.5.0 and below, the SPDY/3 frame parser does not validate attacker-controlled counts and lengths before allocat… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-35469	2026-04-18 00:38	2026-04-17	Show	GitHub Exploit DB Packet Storm

409	7.5	HIGH Network	-	-	ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2_qlog_parameters_set_transport_params() serializes peer transport parameters into a fixed 1024-byte stack bu… New	CWE-121 Stack-based Buffer Overflow	CVE-2026-40170	2026-04-18 00:38	2026-04-17	Show	GitHub Exploit DB Packet Storm

410	-		-	-	free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the handler for creating or updating Traffic Influence Subscriptions checks whether th… New	CWE-285 CWE-636 Improper Authorization Not Failing Securely ('Failing Open')	CVE-2026-40248	2026-04-18 00:38	2026-04-17	Show	GitHub Exploit DB Packet Storm