Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1681	8.8	重要 Network	WPDeveloper	BetterLinks	WPDeveloperのWordPress用BetterLinksにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2023-45104	2026-01-26 19:41	2025-01-2	Show	GitHub Exploit DB Packet Storm

1682	8.8	重要 Network	byconsole	wooodt lite	byconsoleのWordPress用wooodt liteにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2023-47179	2026-01-26 19:41	2025-01-2	Show	GitHub Exploit DB Packet Storm

1683	4.3	警告 Network	WPDeveloper	betterdocs	WPDeveloperのWordPress用betterdocsにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2023-47762	2026-01-26 19:41	2024-12-9	Show	GitHub Exploit DB Packet Storm

1684	8.8	重要 Network	Automattic Inc.	Jetpack	Automattic Inc.のWordPress用Jetpackにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2023-47788	2026-01-26 19:41	2024-06-19	Show	GitHub Exploit DB Packet Storm

1685	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性	CWE-401 有効期限後のメモリの解放の欠如	CVE-2023-53512	2026-01-26 19:41	2025-10-1	Show	GitHub Exploit DB Packet Storm

1686	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性	CWE-401 有効期限後のメモリの解放の欠如	CVE-2023-53514	2026-01-26 19:41	2025-10-1	Show	GitHub Exploit DB Packet Storm

1687	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性	CWE-401 有効期限後のメモリの解放の欠如	CVE-2023-53518	2026-01-26 19:41	2025-10-1	Show	GitHub Exploit DB Packet Storm

1688	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性	CWE-401 有効期限後のメモリの解放の欠如	CVE-2023-53527	2026-01-26 19:41	2025-10-1	Show	GitHub Exploit DB Packet Storm

1689	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性	CWE-401 有効期限後のメモリの解放の欠如	CVE-2023-53529	2026-01-26 19:41	2025-10-1	Show	GitHub Exploit DB Packet Storm

1690	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux KernelにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2023-53531	2026-01-26 19:41	2025-10-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
431	-		-	-	Mastodon is a free, open-source social network server based on ActivityPub. Prior to v4.5.9, v4.4.16, and v4.3.22, Mastodon allows restricting new user sign-up based on e-mail domain names, and perfo… New	CWE-841 Improper Enforcement of Behavioral Workflow	CVE-2026-41259	2026-04-24 23:50	2026-04-24	Show	GitHub Exploit DB Packet Storm

432	-		-	-	A path traversal condition in Intrado 911 Emergency Gateway could allow an attacker with existing network access the ability to access the EGW management interface without authentication. Successful … New	CWE-35 Path Traversal: '.../...//'	CVE-2026-6074	2026-04-24 23:50	2026-04-24	Show	GitHub Exploit DB Packet Storm

433	-		-	-	LeRobot through 0.5.1 contains an unsafe deserialization vulnerability in the async inference pipeline where pickle.loads() is used to deserialize data received over unauthenticated gRPC channels wit… New	CWE-502 Deserialization of Untrusted Data	CVE-2026-25874	2026-04-24 23:50	2026-04-24	Show	GitHub Exploit DB Packet Storm

434	6.8	MEDIUM Network	-	-	SWUpdate contains an integer underflow vulnerability in the multipart upload parser in mongoose_multipart.c that allows unauthenticated attackers to cause a denial of service by sending a crafted HTT… New	CWE-125 CWE-191 Out-of-bounds Read Integer Underflow (Wrap or Wraparound)	CVE-2026-28525	2026-04-24 23:50	2026-04-24	Show	GitHub Exploit DB Packet Storm

435	-		-	-	A vulnerability in SpiceJet’s booking API allows unauthenticated users to query passenger name records (PNRs) without any access controls. Because PNR identifiers follow a predictable pattern, an att… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-6375	2026-04-24 23:50	2026-04-24	Show	GitHub Exploit DB Packet Storm

436	-		-	-	A weakness in SpiceJet’s public booking retrieval page permits full passenger booking details to be accessed using only a PNR and last name, with no authentication or verification mechanisms. This re… New	CWE-306 Missing Authentication for Critical Function	CVE-2026-6376	2026-04-24 23:50	2026-04-24	Show	GitHub Exploit DB Packet Storm

437	7.1	HIGH Local	-	-	radare2 prior to 6.1.4 contains a path traversal vulnerability in project deletion that allows local attackers to recursively delete arbitrary directories by supplying absolute paths that escape the … New	CWE-22 Path Traversal	CVE-2026-6940	2026-04-24 23:50	2026-04-24	Show	GitHub Exploit DB Packet Storm

438	6.6	MEDIUM Local	-	-	radare2 prior to 6.1.4 contains a path traversal vulnerability in its project notes handling that allows attackers to read or write files outside the configured project directory by importing a malic… New	CWE-59 Link Following	CVE-2026-6941	2026-04-24 23:50	2026-04-24	Show	GitHub Exploit DB Packet Storm

439	9.8	CRITICAL Network	-	-	KTransformers through 0.5.3 contains an unsafe deserialization vulnerability in the balance_serve backend mode where the scheduler RPC server binds a ZMQ ROUTER socket to all interfaces with no authe… New	CWE-502 Deserialization of Untrusted Data	CVE-2026-26210	2026-04-24 23:50	2026-04-24	Show	GitHub Exploit DB Packet Storm

440	-		-	-	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GraphCypherQAChain node forwards user-provided input directly into the Cypher query execut… New	CWE-943 Improper Neutralization of Special Elements in Data Query Logic	CVE-2026-41274	2026-04-24 23:50	2026-04-24	Show	GitHub Exploit DB Packet Storm