Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 4, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2411 4.5 警告
Network 		Hitachi Energy Relion 670 ファームウェア
Relion 650 ファームウェア 		Hitachi Energy 製 Relion 670、650 および SAM600-IO Series におけるデータの信頼性確認が不十分な脆弱性 CWE-345
データの信頼性についての不十分な検証 		CVE-2022-3864 2026-02-5 14:30 2023-03-10 Show GitHub Exploit DB Packet Storm
2412 7.5 重要
Network 		Hitachi Energy Relion 670 ファームウェア
Relion 650 ファームウェア 		Hitachi Energy 製 IEC 61850 MMS-Server におけるリソースの不適切なシャットダウンまたはリリースの脆弱性 CWE-404
リソースの不適切なシャットダウンおよびリリース 		CVE-2022-3353 2026-02-5 14:29 2023-03-31 Show GitHub Exploit DB Packet Storm
2413 4.7 警告
Network 		web2py web2py web2pyにおけるオープンリダイレクトの脆弱性 CWE-Other
その他 		CVE-2026-25198 2026-02-5 14:03 2026-02-5 Show GitHub Exploit DB Packet Storm
2414 - - RISS SRL MOMA Seismic Station RISS SRL製MOMA Seismic Stationにおける重要な機能に対する認証の欠如の脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-1632 2026-02-5 12:32 2026-02-4 Show GitHub Exploit DB Packet Storm
2415 - - Avation Avation Light Engine Pro Avation Light Engine Proにおける重要な機能に対する認証の欠如の脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-1341 2026-02-5 12:32 2026-02-4 Show GitHub Exploit DB Packet Storm
2416 7.5 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. D151
D301 		Shenzhen Tenda Technology Co.,Ltd.のD151等の複数製品における重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2021-47802 2026-02-4 18:42 2026-01-21 Show GitHub Exploit DB Packet Storm
2417 7.5 重要
Network 		yodinfo Mini Mouse yodinfoのMini Mouseにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2021-47849 2026-02-4 18:42 2026-01-21 Show GitHub Exploit DB Packet Storm
2418 7.5 重要
Network 		yodinfo Mini Mouse yodinfoのMini Mouseにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2021-47850 2026-02-4 18:42 2026-01-21 Show GitHub Exploit DB Packet Storm
2419 9.8 緊急
Network 		yodinfo Mini Mouse yodinfoのMini MouseにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2021-47851 2026-02-4 18:42 2026-01-21 Show GitHub Exploit DB Packet Storm
2420 7.5 重要
Network 		クアルコム MSM8608 ファームウェア
APQ8017 ファームウェア
qcn6224 ファームウェア
Snapdragon 210 Processor Firmware
fastconnect 7800 ファームウェア
snapdragon 425 mobile … 		クアルコムのQualcomm 205 Mobile Platform ファームウェア等の複数製品におけるバッファオーバーリードの脆弱性 CWE-126
バッファオーバーリード 		CVE-2024-23358 2026-02-4 18:42 2024-09-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
381 - - - Insufficient Verification of Data Authenticity vulnerability in hexpm hex (Hex.RemoteConverger module) allows dependency integrity bypass via unverified lockfile checksums. Hex stores checksums for … New CWE-354
CWE-494
 Improper Validation of Integrity Check Value
 Download of Code Without Integrity Check 		CVE-2026-32148 2026-05-2 00:26 2026-05-1 Show GitHub Exploit DB Packet Storm
382 7.2 HIGH
Network 		- - Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon ECS Agent on Windows before version 1.103.0 might allow a remote authenticat… New CWE-78
OS Command  		CVE-2026-7461 2026-05-2 00:26 2026-05-1 Show GitHub Exploit DB Packet Storm
383 6.5 MEDIUM
Network 		- - Users who connect to malicious registries with hostnames matching the bypass patterns will have their registry credentials exposed in plaintext. This issue is fixed in container version 0.12.3. New CWE-522
 Insufficiently Protected Credentials 		CVE-2026-28909 2026-05-2 00:26 2026-05-1 Show GitHub Exploit DB Packet Storm
384 3.5 LOW
Network 		- - A weakness has been identified in LinkStackOrg LinkStack up to 4.8.6. Impacted is the function editPage of the file app/Http/Controllers/UserController.php. Executing a manipulation of the argument p… New CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-7501 2026-05-2 00:26 2026-05-1 Show GitHub Exploit DB Packet Storm
385 5.4 MEDIUM
Network 		- - A security vulnerability has been detected in LinkStackOrg LinkStack up to 4.8.6. The affected element is the function saveLink of the file app/Http/Controllers/UserController.php of the component Ma… New CWE-285
CWE-639
Improper Authorization
 Authorization Bypass Through User-Controlled Key 		CVE-2026-7502 2026-05-2 00:26 2026-05-1 Show GitHub Exploit DB Packet Storm
386 8.8 HIGH
Network 		- - A vulnerability was detected in code-projects for Plugin 4.1.2cu.5137. The impacted element is the function setWiFiMultipleConfig in the library /lib/cste_modules/wireless.so of the file /cgi-bin/cst… New CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7503 2026-05-2 00:26 2026-05-1 Show GitHub Exploit DB Packet Storm
387 7.3 HIGH
Network 		- - A flaw has been found in nextlevelbuilder GoClaw and GoClaw Lite up to 3.8.5. This affects an unknown function of the component RPC Handler. This manipulation causes improper authorization. The attac… New CWE-266
CWE-285
 Incorrect Privilege Assignment
Improper Authorization 		CVE-2026-7505 2026-05-2 00:26 2026-05-1 Show GitHub Exploit DB Packet Storm
388 7.3 HIGH
Network 		- - A vulnerability has been found in SourceCodester Hotel Management System 1.0. This impacts an unknown function of the file /index.php/reservation/check. Such manipulation of the argument room_type le… New CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-7506 2026-05-2 00:26 2026-05-1 Show GitHub Exploit DB Packet Storm
389 6.3 MEDIUM
Network 		- - A vulnerability was found in Bootstrap CMS 0.9.0-alpha. Affected is an unknown function of the file resources/views/pages/show.blade.php of the component Page Creation Handler. Performing a manipulat… New CWE-74
CWE-94
Injection
Code Injection 		CVE-2026-7508 2026-05-2 00:26 2026-05-1 Show GitHub Exploit DB Packet Storm
390 6.3 MEDIUM
Network 		- - A vulnerability was determined in OWAP DefectDojo up to 2.55.4. Affected by this vulnerability is an unknown functionality of the component Benchmark/Engagement/Product/Survey. Executing a manipulati… New CWE-285
CWE-639
Improper Authorization
 Authorization Bypass Through User-Controlled Key 		CVE-2026-7510 2026-05-2 00:26 2026-05-1 Show GitHub Exploit DB Packet Storm