Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 1, 2026, 12:10 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2421 8.8 重要
Network 		Honeywell International Inc. LenelS2 NetBox Honeywell International Inc.のLenelS2 NetBoxにおける引数の挿入または変更に関する脆弱性 CWE-88
引数の挿入または変更 		CVE-2024-2422 2026-02-4 18:42 2024-05-30 Show GitHub Exploit DB Packet Storm
2422 6.1 警告
Network 		Tiptap tiptap/extension-link Tiptapのtiptap/extension-linkにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-14284 2026-02-4 18:42 2025-12-9 Show GitHub Exploit DB Packet Storm
2423 7.5 重要
Network 		クアルコム SD730 ファームウェア
Snapdragon 820 Automotive Platform ファームウェア
snapdragon 680 4g mobile platform ファームウェア
c-v2x 9150 ファームウェア
QCM4290&n… 		クアルコムの9206 lte modem ファームウェア等の複数製品におけるバッファオーバーリードの脆弱性 CWE-126
バッファオーバーリード 		CVE-2025-21429 2026-02-4 18:42 2025-04-7 Show GitHub Exploit DB Packet Storm
2424 7.8 重要
Local 		クアルコム fastconnect 6900 ファームウェア
qcs5430 ファームウェア
WCD9370 ファームウェア
WCD9380 ファームウェア
Snapdragon 8cx Compute Platform (SC8180X-AB) ファームウェア
Snapdrag… 		クアルコムのfastconnect 6700 ファームウェア等の複数製品における境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2025-21439 2026-02-4 18:42 2025-04-7 Show GitHub Exploit DB Packet Storm
2425 9 緊急
Network 		NVIDIA NVIDIA Isaac Lab NVIDIAのNVIDIA Isaac Labにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2025-33210 2026-02-4 18:42 2025-12-16 Show GitHub Exploit DB Packet Storm
2426 8.4 重要
Local 		NVIDIA NVIDIA Resiliency Extension NVIDIAのNVIDIA Resiliency ExtensionにおけるUNIX Symbolic Link のフォローに関する脆弱性 CWE-61
UNIX Symbolic Link のフォロー 		CVE-2025-33225 2026-02-4 18:42 2025-12-16 Show GitHub Exploit DB Packet Storm
2427 7 重要
Local 		NVIDIA NVIDIA Resiliency Extension NVIDIAのNVIDIA Resiliency Extensionにおける競合状態に関する脆弱性 CWE-362
競合状態 		CVE-2025-33235 2026-02-4 18:42 2025-12-16 Show GitHub Exploit DB Packet Storm
2428 4.3 警告
Network 		ZwiiCMS ZwiiCMS ZwiiCMSにおける複数の脆弱性 CWE-667
CWE-863
CVE-2025-34467 2026-02-4 18:41 2025-12-31 Show GitHub Exploit DB Packet Storm
2429 7.8 重要
Local 		BMC Software Control-m/server BMC SoftwareのControl-m/serverにおける複数の脆弱性 CWE-214
CWE-522
CWE-532
CVE-2025-48709 2026-02-4 18:41 2025-08-7 Show GitHub Exploit DB Packet Storm
2430 5.9 警告
Network 		Haxx c-ares c-aresにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2025-62408 2026-02-4 18:41 2025-12-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
141 8.4 HIGH
Local 		- - Free Download Manager 2.0 Built 417 contains a local buffer overflow vulnerability in the URL import functionality that allows attackers to trigger a structured exception handler (SEH) chain exploita… New CWE-120
Classic Buffer Overflow 		CVE-2018-25304 2026-05-1 00:44 2026-04-30 Show GitHub Exploit DB Packet Storm
142 8.4 HIGH
Local 		- - SysGauge Pro 4.6.12 contains a local buffer overflow vulnerability in the Register function that allows local attackers to overwrite the structured exception handler by supplying a crafted unlock key… New CWE-120
Classic Buffer Overflow 		CVE-2018-25307 2026-05-1 00:44 2026-04-30 Show GitHub Exploit DB Packet Storm
143 8.8 HIGH
Network 		- - BuddyPress Xprofile Custom Fields Type 2.6.3 contains a remote code execution vulnerability that allows authenticated users to delete arbitrary files by manipulating unescaped POST parameters. Attack… New CWE-22
Path Traversal 		CVE-2018-25308 2026-05-1 00:44 2026-04-30 Show GitHub Exploit DB Packet Storm
144 6.2 MEDIUM
Local 		- - SysGauge 4.5.18 contains a buffer overflow vulnerability in the proxy configuration handler that allows local attackers to cause a denial of service by supplying an oversized string. Attackers can in… New CWE-120
Classic Buffer Overflow 		CVE-2018-25313 2026-05-1 00:44 2026-04-30 Show GitHub Exploit DB Packet Storm
145 7.8 HIGH
Local 		- - An operator precedence bug in the kernel results in a scenario where a buffer overflow causes attacker-controlled data to overwrite adjacent execve(2) argument buffers. The bug may be exploitable by… New CWE-783
 Operator Precedence Logic Error 		CVE-2026-7270 2026-05-1 00:16 2026-04-30 Show GitHub Exploit DB Packet Storm
146 7.5 HIGH
Network 		- - Starman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starman incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both hea… New CWE-444
HTTP Request Smuggling 		CVE-2026-40560 2026-05-1 00:13 2026-04-29 Show GitHub Exploit DB Packet Storm
147 4.3 MEDIUM
Network 		- - Dell Disk Library for Mainframe, version(s) DLm 8700/2700 contain(s) a Server-Side Request Forgery (SSRF) vulnerability. A low privileged attacker with remote access could potentially exploit this vu… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-23773 2026-05-1 00:13 2026-04-29 Show GitHub Exploit DB Packet Storm
148 - - - Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application. New - CVE-2026-21023 2026-05-1 00:13 2026-04-29 Show GitHub Exploit DB Packet Storm
149 7.1 HIGH
Network 		- - Dell iDRAC10, versions 1.20.70.50 and 1.30.05.10, contains an Insufficiently Protected Credentials vulnerability. A race condition vulnerability exists that could allow an authenticated low‑privilege… New CWE-522
 Insufficiently Protected Credentials 		CVE-2026-35155 2026-05-1 00:13 2026-04-29 Show GitHub Exploit DB Packet Storm
150 4.3 MEDIUM
Network 		- - Jenkins Microsoft Entra ID (previously Azure AD) Plugin 666.v6060de32f87d and earlier does not restrict the redirect URL after login, allowing attackers to perform phishing attacks. New CWE-601
Open Redirect 		CVE-2026-42525 2026-05-1 00:13 2026-04-29 Show GitHub Exploit DB Packet Storm