Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1971	5.5	警告 Local	International Color Consortium (ICC)	iccDEV	International Color Consortium (ICC)のiccDEVにおける数値型間の変換の誤りに関する脆弱性	CWE-681 数値型間の変換の誤り	CVE-2026-34550	2026-04-21 10:47	2026-03-31	Show	GitHub Exploit DB Packet Storm

1972	5.5	警告 Local	International Color Consortium (ICC)	iccDEV	International Color Consortium (ICC)のiccDEVにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-34551	2026-04-21 10:47	2026-03-31	Show	GitHub Exploit DB Packet Storm

1973	5.5	警告 Local	International Color Consortium (ICC)	iccDEV	International Color Consortium (ICC)のiccDEVにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-34552	2026-04-21 10:47	2026-03-31	Show	GitHub Exploit DB Packet Storm

1974	5.5	警告 Local	International Color Consortium (ICC)	iccDEV	International Color Consortium (ICC)のiccDEVにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-34554	2026-04-21 10:47	2026-03-31	Show	GitHub Exploit DB Packet Storm

1975	6.2	警告 Local	International Color Consortium (ICC)	iccDEV	International Color Consortium (ICC)のiccDEVにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-34555	2026-04-21 10:47	2026-03-31	Show	GitHub Exploit DB Packet Storm

1976	5.5	警告 Local	International Color Consortium (ICC)	iccDEV	International Color Consortium (ICC)のiccDEVにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-34556	2026-04-21 10:47	2026-03-31	Show	GitHub Exploit DB Packet Storm

1977	9.1	緊急 Network	Vikunja	Vikunja	Vikunjaにおける認証に関する脆弱性	CWE-287 不適切な認証	CVE-2026-34727	2026-04-21 10:47	2026-04-10	Show	GitHub Exploit DB Packet Storm

1978	5.4	警告 Network	vLLM	vLLM	vLLMにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-34753	2026-04-21 10:47	2026-04-6	Show	GitHub Exploit DB Packet Storm

1979	6.5	警告 Network	vLLM	vLLM	vLLMにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-34755	2026-04-21 10:47	2026-04-6	Show	GitHub Exploit DB Packet Storm

1980	6.5	警告 Network	vLLM	vLLM	vLLMにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-34756	2026-04-21 10:47	2026-04-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
601	8.8	HIGH Network	google	chrome	Use after free in iOS in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)	CWE-416 Use After Free	CVE-2026-7361	2026-05-1 01:37	2026-04-29	Show	GitHub Exploit DB Packet Storm

602	8.8	HIGH Network	google	chrome	Use after free in Canvas in Google Chrome on Linux, ChromeOS prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security s…	CWE-416 Use After Free	CVE-2026-7363	2026-05-1 01:37	2026-04-29	Show	GitHub Exploit DB Packet Storm

603	4.3	MEDIUM Network	google	chrome	Integer overflow in ANGLE in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: M…	CWE-472 External Control of Assumed-Immutable Web Parameter	CVE-2026-7340	2026-05-1 01:36	2026-04-29	Show	GitHub Exploit DB Packet Storm

604	8.8	HIGH Network	google	chrome	Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)	CWE-416 Use After Free	CVE-2026-7341	2026-05-1 01:36	2026-04-29	Show	GitHub Exploit DB Packet Storm

605	8.8	HIGH Network	google	chrome	Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity…	CWE-416 Use After Free	CVE-2026-7342	2026-05-1 01:36	2026-04-29	Show	GitHub Exploit DB Packet Storm

606	7.5	HIGH Network	google	chrome	Use after free in Views in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT…	CWE-416 Use After Free	CVE-2026-7343	2026-05-1 01:36	2026-04-29	Show	GitHub Exploit DB Packet Storm

607	8.8	HIGH Network	google	chrome	Use after free in Accessibility in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a cr…	CWE-416 Use After Free	CVE-2026-7344	2026-05-1 01:36	2026-04-29	Show	GitHub Exploit DB Packet Storm

608	8.3	HIGH Network	google	chrome	Insufficient validation of untrusted input in Feedback in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox esc…	CWE-20 Improper Input Validation	CVE-2026-7345	2026-05-1 01:36	2026-04-29	Show	GitHub Exploit DB Packet Storm

609	8.8	HIGH Network	tenda	hg3_firmware	A security flaw has been discovered in Tenda HG3 2.0 300003070. This vulnerability affects the function formgponConf of the file /boaform/admin/formgponConf. The manipulation of the argument fmgpon_l…	CWE-77 CWE-78 Command Injection OS Command	CVE-2026-7096	2026-05-1 01:18	2026-04-27	Show	GitHub Exploit DB Packet Storm

610	4.8	MEDIUM Network	-	-	Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter Versions Affected: from 2.6.3 to 2.8.6 Description: In production deployments where an admin…	CWE-295 Improper Certificate Validation	CVE-2026-40557	2026-05-1 01:16	2026-04-27	Show	GitHub Exploit DB Packet Storm