Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 12:09 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2251	6.7	警告 Local	インテル	Intel Graphics Software インテルグラフィックス・ドライバー Linux Intel LTS Kernel	インテルのインテルグラフィックス・ドライバー等の複数製品における不適切なデフォルトパーミッションに関する脆弱性	CWE-276 不適切なデフォルトパーミッション	CVE-2025-32453	2026-04-21 10:43	2026-02-10	Show	GitHub Exploit DB Packet Storm

2252	2.8	低 Local	インテル	Intel Graphics Software インテルグラフィックス・ドライバー Linux Intel LTS Kernel	インテルのインテルグラフィックス・ドライバー等の複数製品における例外的な状態のチェックに関する脆弱性	CWE-754 例外的な状態における不適切なチェック	CVE-2025-32739	2026-04-21 10:43	2026-02-10	Show	GitHub Exploit DB Packet Storm

2253	9.1	緊急 Network	Grafana Labs	Grafana Pyroscope	Grafana LabsのGrafana Pyroscopeにおける重要なリソースに対する不適切なパーミッションの割り当てに関する脆弱性	CWE-732 重要なリソースに対する不適切なパーミッションの割り当て	CVE-2025-41118	2026-04-21 10:43	2026-04-15	Show	GitHub Exploit DB Packet Storm

2254	6.1	警告 Network	Hind	Leaflet	Leafletにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-69993	2026-04-21 10:43	2026-04-14	Show	GitHub Exploit DB Packet Storm

2255	8.8	重要 Network	デル	PowerProtect DP Series Appliance data domain operating system	デルのdata domain operating system等の複数製品における証明書検証に関する脆弱性	CWE-295 不正な証明書検証	CVE-2026-23776	2026-04-21 10:43	2026-04-17	Show	GitHub Exploit DB Packet Storm

2256	7.2	重要 Network	デル	PowerProtect DP Series Appliance data domain operating system	デルのdata domain operating system等の複数製品におけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-23778	2026-04-21 10:42	2026-04-17	Show	GitHub Exploit DB Packet Storm

2257	6.7	警告 Local	デル	PowerProtect DP Series Appliance data domain operating system	デルのdata domain operating system等の複数製品におけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-23779	2026-04-21 10:42	2026-04-17	Show	GitHub Exploit DB Packet Storm

2258	4.3	警告 Network	Apache Software Foundation	Apache ActiveMQ ActiveMQ Web ActiveMQ Broker	Apache Software FoundationのApache ActiveMQ等の複数製品におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-33227	2026-04-21 10:42	2026-04-7	Show	GitHub Exploit DB Packet Storm

2259	7.3	重要 Local	BeeWare	Briefcase	BeeWareのBriefcaseにおける重要なリソースに対する不適切なパーミッションの割り当てに関する脆弱性	CWE-732 重要なリソースに対する不適切なパーミッションの割り当て	CVE-2026-33430	2026-04-21 10:42	2026-03-26	Show	GitHub Exploit DB Packet Storm

2260	7.8	重要 Local	マイクロソフト	Microsoft Defender Antimalware Platform	Microsoft Defender の特権の昇格の脆弱性	CWE-1220 アクセス制御の不十分な粒度	CVE-2026-33825	2026-04-21 10:42	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
911	8.8	HIGH Network	-	-	A security vulnerability has been detected in Totolink N300RH 3.2.4-B20220812. This affects the function setWanConfig of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manip… New	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-7749	2026-05-5 00:17	2026-05-4	Show	GitHub Exploit DB Packet Storm

912	8.8	HIGH Network	-	-	A vulnerability was detected in Totolink N300RH 3.2.4-B20220812. This vulnerability affects the function setMacFilterRules of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The … New	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-7750	2026-05-5 00:17	2026-05-4	Show	GitHub Exploit DB Packet Storm

913	6.5	MEDIUM Network	vmware	spring_framework	A WebFlux server application that processes multipart requests creates temp files for parts larger than 10 K. Under some circumstances, temp files may remain not deleted after the request is fully pr…	CWE-400 Uncontrolled Resource Consumption	CVE-2026-22740	2026-05-4 23:51	2026-04-29	Show	GitHub Exploit DB Packet Storm

914	3.1	LOW Network	vmware	spring_framework	Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources. More precisely, an application can be vulnerable when all the following are true: * the ap…	CWE-524 Use of Cache Containing Sensitive Information	CVE-2026-22741	2026-05-4 23:51	2026-04-29	Show	GitHub Exploit DB Packet Storm

915	5.3	MEDIUM Network	vmware	spring_framework	Spring MVC and WebFlux applications are vulnerable to Denial of Service attacks when resolving static resources. More precisely, an application can be vulnerable when all the following are true: …	CWE-400 Uncontrolled Resource Consumption	CVE-2026-22745	2026-05-4 23:50	2026-04-29	Show	GitHub Exploit DB Packet Storm

916	9.8	CRITICAL Network	nvidia	nvflare	NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key. A succ…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-24178	2026-05-4 23:34	2026-04-29	Show	GitHub Exploit DB Packet Storm

917	8.8	HIGH Network	nvidia	nvflare	NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization of untrusted data by sending a malicious FOBS- encoded message. A successful exploit of this vulnerabil…	CWE-502 Deserialization of Untrusted Data	CVE-2026-24186	2026-05-4 23:33	2026-04-29	Show	GitHub Exploit DB Packet Storm

918	6.5	MEDIUM Network	nvidia	nvflare	NVIDIA Flare SDK contains a vulnerability where an Attacker may cause an Improper Input Validation by path traversing. A successful exploit of this vulnerability may lead to information disclosure.	CWE-20 Improper Input Validation	CVE-2026-24204	2026-05-4 23:33	2026-04-29	Show	GitHub Exploit DB Packet Storm

919	8.6	HIGH Network	nvidia	nemoclaw	NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that cause…	CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere	CVE-2026-24222	2026-05-4 23:31	2026-04-29	Show	GitHub Exploit DB Packet Storm

920	6.3	MEDIUM Local	nvidia	nemoclaw	NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl() SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL refere…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-24231	2026-05-4 23:30	2026-04-29	Show	GitHub Exploit DB Packet Storm