Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 1, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2451	4.9	警告 Network	オラクル	Oracle Workflow	オラクルのOracle Workflowにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-21959	2026-02-2 19:35	2026-01-20	Show	GitHub Exploit DB Packet Storm

2452	6.5	警告 Network	オラクル	Oracle Applications DBA	オラクルのOracle Applications DBAにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-21960	2026-02-2 19:35	2026-01-20	Show	GitHub Exploit DB Packet Storm

2453	10	緊急 Network	オラクル	Oracle Weblogic Server Proxy Plug-in Oracle HTTP Server	オラクルのOracle HTTP Server等の複数製品におけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-21962	2026-02-2 19:35	2026-01-20	Show	GitHub Exploit DB Packet Storm

2454	6	警告 Local	オラクル	Oracle VM VirtualBox	オラクルのOracle VM VirtualBoxにおける権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2026-21963	2026-02-2 19:35	2026-01-20	Show	GitHub Exploit DB Packet Storm

2455	4.9	警告 Network	オラクル	MySQL	オラクルのMySQLにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2026-21964	2026-02-2 19:35	2026-01-20	Show	GitHub Exploit DB Packet Storm

2456	6.1	警告 Network	オラクル	Oracle Hospitality OPERA 5	オラクルのOracle Hospitality OPERA 5における不特定の脆弱性	CWE-noinfo 情報不足	CVE-2026-21966	2026-02-2 19:35	2026-01-20	Show	GitHub Exploit DB Packet Storm

2457	8.6	重要 Network	オラクル	Oracle Hospitality OPERA 5	オラクルのOracle Hospitality OPERA 5における不特定の脆弱性	CWE-noinfo 情報不足	CVE-2026-21967	2026-02-2 19:35	2026-01-20	Show	GitHub Exploit DB Packet Storm

2458	9.8	緊急 Network	オラクル	Oracle Agile Product Lifecycle Management for Process	オラクルのOracle Agile Product Lifecycle Management for Processにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2026-21969	2026-02-2 19:35	2026-01-20	Show	GitHub Exploit DB Packet Storm

2459	5.3	警告 Network	オラクル	Oracle Configurator	オラクルのOracle Configuratorにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2026-21972	2026-02-2 19:35	2026-01-20	Show	GitHub Exploit DB Packet Storm

2460	4.5	警告 Network	オラクル	Java VM	オラクルのJava VMにおけるリソースの不適切なシャットダウンおよびリリースに関する脆弱性	CWE-404 リソースの不適切なシャットダウンおよびリリース	CVE-2026-21975	2026-02-2 19:35	2026-01-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
81	4.8	MEDIUM Network	-	-	Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter Versions Affected: from 2.6.3 to 2.8.6 Description: In production deployments where an admin… Update	CWE-295 Improper Certificate Validation	CVE-2026-40557	2026-05-1 01:16	2026-04-27	Show	GitHub Exploit DB Packet Storm

82	9.8	CRITICAL Network	-	-	Cockpit v2.13.5 and earlier is vulnerable to arbitrary code execution via the filter parameter within multiple endpoints. This vulnerability allows an attacker to run system commands on the underlyin… New	CWE-94 Code Injection	CVE-2026-38992	2026-05-1 01:16	2026-04-30	Show	GitHub Exploit DB Packet Storm

83	7.5	HIGH Network	-	-	U-SPEED N300 router V1.0.0 does not implement rate limiting or account lockout protections on the /api/login endpoint. This allows an attacker on the local network to perform unlimited authentication… New	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2026-36959	2026-05-1 01:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

84	7.5	HIGH Network	-	-	A denial-of-service vulnerability exists in the U-SPEED N300 V1.0.0 wireless router. By sending a large number of concurrent HTTP requests to random or non-existent endpoints on the web management in… New	CWE-400 Uncontrolled Resource Consumption	CVE-2026-36958	2026-05-1 01:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

85	7.5	HIGH Network	-	-	Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router V1.0.0 is vulnerable to Denial of Service via the boa web server URI handler. By initiating a high-volume flood of HTTP GET requests to non-existent … New	CWE-400 Uncontrolled Resource Consumption	CVE-2026-36957	2026-05-1 01:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

86	8.8	HIGH Network	-	-	A Cross-Site Request Forgery (CSRF) vulnerability exists in the web management interface of the Dbit N300 T1 Pro wireless router V1.0.0. The router fails to implement proper CSRF protection mechanism… New	CWE-352 Origin Validation Error	CVE-2026-36956	2026-05-1 01:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

87	-		-	-	Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. New	-	CVE-2026-34998	2026-05-1 01:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

88	-		-	-	Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. New	-	CVE-2026-34997	2026-05-1 01:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

89	-		-	-	Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. New	-	CVE-2026-34996	2026-05-1 01:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

90	-		-	-	Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. New	-	CVE-2026-34995	2026-05-1 01:16	2026-05-1	Show	GitHub Exploit DB Packet Storm