Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2461	4.4	警告 Local	Authzed, Inc.	SpiceDB	Authzed, Inc.のSpiceDBにおけるログファイルからの情報漏えいに関する脆弱性	CWE-532 ログファイルからの情報漏えい	CVE-2026-40091	2026-04-27 11:21	2026-04-15	Show	GitHub Exploit DB Packet Storm

2462	5.4	警告 Network	OpenMage	Magento	OpenMageのMagentoにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-40098	2026-04-27 11:21	2026-04-20	Show	GitHub Exploit DB Packet Storm

2463	7.5	重要 Network	free5gc	free5gc	free5GCにおける複数の脆弱性	CWE-285 CWE-636	CVE-2026-40248	2026-04-27 11:21	2026-04-16	Show	GitHub Exploit DB Packet Storm

2464	5.8	警告 Network	free5gc	free5gc udr	free5GCのfree5GC等の複数製品における例外的な状態のチェックに関する脆弱性	CWE-754 例外的な状態における不適切なチェック	CVE-2026-40343	2026-04-27 11:21	2026-04-22	Show	GitHub Exploit DB Packet Storm

2465	8.8	重要 Network	OpenMage	Magento	OpenMageのMagentoにおける危険なタイプのファイルの無制限アップロードに関する脆弱性	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2026-40488	2026-04-27 11:21	2026-04-20	Show	GitHub Exploit DB Packet Storm

2466	9.1	緊急 Network	FreeScout	FreeScout	FreeScoutにおける複数の脆弱性	CWE-330 CWE-340	CVE-2026-40496	2026-04-27 11:21	2026-04-21	Show	GitHub Exploit DB Packet Storm

2467	8.1	重要 Network	FreeScout	FreeScout	FreeScoutにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-40497	2026-04-27 11:20	2026-04-21	Show	GitHub Exploit DB Packet Storm

2468	8.8	重要 Network	PJSIP	pjsip	PJSIPのpjsipにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-40614	2026-04-27 11:20	2026-04-21	Show	GitHub Exploit DB Packet Storm

2469	6.5	警告 Network	decidim	decidim	Decidim Free Software AssociationのDecidimにおける不適切な権限設定に関する脆弱性	CWE-266 不適切な権限設定	CVE-2026-40869	2026-04-27 11:20	2026-04-21	Show	GitHub Exploit DB Packet Storm

2470	9.8	緊急 Network	PJSIP	pjsip	PJSIPのpjsipにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-40892	2026-04-27 11:20	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1471	9.8	CRITICAL Network	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch emac_dispatch_skb_zc() allocates a new skb via n…	NVD-CWE-noinfo	CVE-2026-43039	2026-05-9 03:48	2026-05-2	Show	GitHub Exploit DB Packet Storm

1472	9.8	CRITICAL Network	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() Sashiko AI-review observed: In ip6_err_gen_icmpv6_unreach(), the …	NVD-CWE-noinfo	CVE-2026-43038	2026-05-9 03:47	2026-05-2	Show	GitHub Exploit DB Packet Storm

1473	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: gadget: fix NULL pointer dereference in ep_queue When the gadget endpoint is disabled or not yet configured, the ep->…	CWE-476 NULL Pointer Dereference	CVE-2026-31755	2026-05-9 03:45	2026-05-2	Show	GitHub Exploit DB Packet Storm

1474	9.1	CRITICAL Network	zfnd	zebra-script zebrad	ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and prior to zebra-script version 5.0.2, after a refactoring, Zebra failed to validate a consensus rule that restricted t…	CWE-573 Improper Following of Specification by Caller	CVE-2026-41583	2026-05-9 03:44	2026-05-9	Show	GitHub Exploit DB Packet Storm

1475	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: net: use skb_header_pointer() for TCPv4 GSO frag_off check Syzbot reported a KMSAN uninit-value warning in gso_features_check() c…	CWE-908 Use of Uninitialized Resource	CVE-2026-43036	2026-05-9 03:44	2026-05-2	Show	GitHub Exploit DB Packet Storm

1476	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: net: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak When building netlink messages…	CWE-908 Use of Uninitialized Resource	CVE-2026-43035	2026-05-9 03:43	2026-05-2	Show	GitHub Exploit DB Packet Storm

1477	9.1	CRITICAL Network	zfnd	zebra-script zebrad	ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.4.0 and prior to zebra-script version 6.0.0, the fix for CVE-2026-41583 introduced a separate issue due to insufficient error…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-44497	2026-05-9 03:42	2026-05-9	Show	GitHub Exploit DB Packet Storm

1478	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: bnxt_en: set backing store type from query type bnxt_hwrm_func_backing_store_qcaps_v2() stores resp->type from the firmware respo…	NVD-CWE-noinfo	CVE-2026-43034	2026-05-9 03:41	2026-05-2	Show	GitHub Exploit DB Packet Storm

1479	7.5	HIGH Network	zfnd	zebrad	ZEBRA is a Zcash node written entirely in Rust. Prior to version 4.4.0, Zebra's block validator undercounts transparent signature operations against the 20000-sigop block limit (MAX_BLOCK_SIGOPS), al…	CWE-682 Incorrect Calculation	CVE-2026-44498	2026-05-9 03:40	2026-05-9	Show	GitHub Exploit DB Packet Storm

1480	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption When decrypting data that is not in-place (src …	NVD-CWE-noinfo	CVE-2026-43033	2026-05-9 03:40	2026-05-2	Show	GitHub Exploit DB Packet Storm