Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2041	7.8	重要 Local	huggingface	transformers	huggingfaceのtransformersにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2025-14928	2026-01-23 14:19	2025-12-23	Show	GitHub Exploit DB Packet Storm

2042	7.8	重要 Local	huggingface	transformers	huggingfaceのtransformersにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2025-14929	2026-01-23 14:19	2025-12-23	Show	GitHub Exploit DB Packet Storm

2043	7.8	重要 Local	huggingface	transformers	huggingfaceのtransformersにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2025-14930	2026-01-23 14:19	2025-12-23	Show	GitHub Exploit DB Packet Storm

2044	6.5	警告 Network	1234n	MiniCMS	1234nのMiniCMSにおける認証に関する脆弱性	CWE-287 CWE-noinfo	CVE-2025-15455	2026-01-23 14:19	2026-01-5	Show	GitHub Exploit DB Packet Storm

2045	7.5	重要 Network	ollama	ollama	ollamaにおけるNullPointerException Catch を使用した NULL ポインタデリファレンスの検出に関する脆弱性	CWE-395 NullPointerException Catch を使用した NULL ポインタデリファレンスの検出	CVE-2025-15514	2026-01-23 14:19	2026-01-12	Show	GitHub Exploit DB Packet Storm

2046	3.3	低 Local	HCL Technologies Limited	bigfix insights for vulnerability remediation	HCL Technologies Limitedのbigfix insights for vulnerability remediationにおける複数の脆弱性	CWE-306 CWE-352 CWE-352	CVE-2025-31963	2026-01-23 14:19	2026-01-7	Show	GitHub Exploit DB Packet Storm

2047	4.9	警告 Network	HCL Technologies Limited	bigfix insights for vulnerability remediation	HCL Technologies Limitedのbigfix insights for vulnerability remediationにおける複数の脆弱性	CWE-200 CWE-419 CWE-Other	CVE-2025-31964	2026-01-23 14:19	2026-01-7	Show	GitHub Exploit DB Packet Storm

2048	7.8	重要 Local	ON Semiconductor	QCS-AX2-S5 ファームウェア QV942C ファームウェア QCS-AX3-A12 ファームウェア QCS-AX3-S5 ファームウェア QHS710 ファームウェア QSR10GA ファームウェア QD840 ファームウェア QCS-AX3-T8 ファームウェア	ON SemiconductorのQCS-AX2-A12 ファームウェア等の複数製品における引数の挿入または変更に関する脆弱性	CWE-88 引数の挿入または変更	CVE-2025-32458	2026-01-23 14:19	2025-06-8	Show	GitHub Exploit DB Packet Storm

2049	7.8	重要 Local	ON Semiconductor	QCS-AX2-S5 ファームウェア QV942C ファームウェア QCS-AX3-A12 ファームウェア QCS-AX3-S5 ファームウェア QHS710 ファームウェア QSR10GA ファームウェア QD840 ファームウェア QCS-AX3-T8 ファームウェア	ON SemiconductorのQCS-AX2-A12 ファームウェア等の複数製品における引数の挿入または変更に関する脆弱性	CWE-88 引数の挿入または変更	CVE-2025-32459	2026-01-23 14:19	2025-06-8	Show	GitHub Exploit DB Packet Storm

2050	7.8	重要 Local	ON Semiconductor	QCS-AX2-S5 ファームウェア QV942C ファームウェア QCS-AX3-A12 ファームウェア QCS-AX3-S5 ファームウェア QHS710 ファームウェア QSR10GA ファームウェア QD840 ファームウェア QCS-AX3-T8 ファームウェア	ON SemiconductorのQCS-AX2-A12 ファームウェア等の複数製品における引数の挿入または変更に関する脆弱性	CWE-88 引数の挿入または変更	CVE-2025-3459	2026-01-23 14:19	2025-06-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
101	7.5	HIGH Network	-	-	OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. From 3.8.0 to 4.10, in the function e… New	CWE-190 Integer Overflow or Wraparound	CVE-2026-33662	2026-04-25 04:17	2026-04-25	Show	GitHub Exploit DB Packet Storm

102	7.5	HIGH Network	-	-	Zserio is a framework for serializing structured data with a compact and efficient way with low overhead. Prior to 2.18.1, a crafted payload as small as 4-5 bytes can force memory allocations of up t… New	CWE-789 Memory Allocation with Excessive Size Value	CVE-2026-33524	2026-04-25 04:17	2026-04-25	Show	GitHub Exploit DB Packet Storm

103	4.3	MEDIUM Network	wolfssh	wolfssh	Potential read out of bounds case with wolfSSHd on Windows while handling a terminal resize request. An authenticated user could trigger the out of bounds read after establishing a connection which w… New	CWE-126 CWE-125 Buffer Over-read Out-of-bounds Read	CVE-2026-0930	2026-04-25 04:15	2026-04-21	Show	GitHub Exploit DB Packet Storm

104	7.6	HIGH Network	hkuds	openharness	HKUDS OpenHarness prior to PR #159 remediation contains a session key derivation vulnerability that allows authenticated participants in shared chats or threads to hijack other users' sessions by exp… New	CWE-287 Improper Authentication	CVE-2026-6729	2026-04-25 04:14	2026-04-21	Show	GitHub Exploit DB Packet Storm

105	6.5	MEDIUM Network	nicolargo	glances	Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Glances web server exposes a REST API (`/api/4/*`) that is accessible without authentication and allows cr… New	CWE-200 CWE-306 CWE-942 Information Exposure Missing Authentication for Critical Function Permissive Cross-domain Policy with Untrusted Domains	CVE-2026-34839	2026-04-25 04:09	2026-04-21	Show	GitHub Exploit DB Packet Storm

106	3.3	LOW Local	uutils	coreutils	A logic error in the env utility of uutils coreutils causes a failure to correctly parse command-line arguments when utilizing the -S (split-string) option. In GNU env, backslashes within single quot… New	CWE-20 Improper Input Validation	CVE-2026-35377	2026-04-25 04:06	2026-04-23	Show	GitHub Exploit DB Packet Storm

107	4.7	MEDIUM Local	uutils	coreutils	A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the mv utility of uutils coreutils during cross-device moves. The extended attribute (xattr) preservation logic uses multiple path-base… New	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2026-35354	2026-04-25 04:04	2026-04-23	Show	GitHub Exploit DB Packet Storm

108	6.6	MEDIUM Local	uutils	coreutils	The cp utility in uutils coreutils fails to properly handle setuid and setgid bits when ownership preservation fails. When copying with the -p (preserve) flag, the utility applies the source mode bit… New	CWE-281 Improper Preservation of Permissions	CVE-2026-35350	2026-04-25 04:04	2026-04-23	Show	GitHub Exploit DB Packet Storm

109	5.7	MEDIUM Adjacent	openclaw	openclaw	OpenClaw before 2026.4.2 accepts non-loopback cleartext ws:// gateway endpoints and transmits stored gateway credentials over unencrypted connections. Attackers can forge discovery results or craft s… New	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2026-40045	2026-04-25 04:03	2026-04-21	Show	GitHub Exploit DB Packet Storm

110	7.0	HIGH Local	uutils	coreutils	A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the mkfifo utility of uutils coreutils. The utility creates a FIFO and then performs a path-based chmod to set permissions. A local at… New	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2026-35352	2026-04-25 04:03	2026-04-23	Show	GitHub Exploit DB Packet Storm