Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2471	7.5	重要 Network	Html2Pdf project	Html2Pdf	Apryse Software Inc.のHTML2PDFにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2025-56589	2026-02-4 18:40	2026-01-22	Show	GitHub Exploit DB Packet Storm

2472	8.8	重要 Network	ZwiiCMS	ZwiiCMS	ZwiiCMSにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2025-57130	2026-02-4 18:40	2025-11-5	Show	GitHub Exploit DB Packet Storm

2473	5.4	警告 Network	The Starware	WorklogPRO	The StarwareのWorklogPROにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-57681	2026-02-4 18:40	2026-01-21	Show	GitHub Exploit DB Packet Storm

2474	7.5	重要 Network	ollama	ollama	ollamaにおける複数の脆弱性	CWE-20 CWE-400	CVE-2025-66959	2026-02-4 18:40	2026-01-21	Show	GitHub Exploit DB Packet Storm

2475	7.5	重要 Network	ollama	ollama	ollamaにおける複数の脆弱性	CWE-20 CWE-400	CVE-2025-66960	2026-02-4 18:40	2026-01-21	Show	GitHub Exploit DB Packet Storm

2476	7.5	重要 Network	Absolute Software	secure access	Absolute Softwareのsecure accessにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-0517	2026-02-4 18:40	2026-01-17	Show	GitHub Exploit DB Packet Storm

2477	4.8	警告 Network	Absolute Software	secure access	Absolute Softwareのsecure accessにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-0518	2026-02-4 18:40	2026-01-17	Show	GitHub Exploit DB Packet Storm

2478	3.4	低 Local	Absolute Software	secure access	Absolute Softwareのsecure accessにおけるログファイルからの情報漏えいに関する脆弱性	CWE-532 ログファイルからの情報漏えい	CVE-2026-0519	2026-02-4 18:39	2026-01-17	Show	GitHub Exploit DB Packet Storm

2479	8.8	重要 Network	angeljudesuarez	School Management System Project In PHP Source Code	Angel Jude Reyes SuarezのSchool Management System Project In PHP Source Codeにおける複数の脆弱性	CWE-74 CWE-89	CVE-2026-1551	2026-02-4 18:39	2026-01-29	Show	GitHub Exploit DB Packet Storm

2480	9.8	緊急 Network	angeljudesuarez	School Management System Project In PHP Source Code	Angel Jude Reyes SuarezのSchool Management System Project In PHP Source Codeにおける複数の脆弱性	CWE-74 CWE-89	CVE-2026-1589	2026-02-4 18:39	2026-01-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
671	7.5	HIGH Network	-	-	An issue was discovered in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe (2025-11-30) in SAE_J1939_Read_Binary_Data_Transfer_DM16 causing a denial of service via crafted CAN fra…	CWE-400 Uncontrolled Resource Consumption	CVE-2026-42467	2026-05-2 03:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

672	7.5	HIGH Network	exim	exim	In Exim before 4.99.2, on systems using musl libc (not glibc), an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dn_expand oddity in…	CWE-684 Incorrect Provision of Specified Functionality	CVE-2026-40684	2026-05-2 03:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

673	10.0	CRITICAL Network	-	-	Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_gvret.cpp, the length field in GVRET binary data is not properly validated, allowing remote attackers t…	CWE-121 Stack-based Buffer Overflow	CVE-2026-37541	2026-05-2 03:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

674	8.4	HIGH Local	-	-	OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elf_loader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF h…	CWE-190 Integer Overflow or Wraparound	CVE-2026-37540	2026-05-2 03:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

675	9.8	CRITICAL Network	-	-	Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and decoder.cpp in function decodeFrame allowing remote attackers to cause a denial of…	CWE-121 Stack-based Buffer Overflow	CVE-2026-37539	2026-05-2 03:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

676	-		-	-	An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() function (bgpd/bgp_flowspec_util.c) of FRRouting (FRR) stable/10.0 allows attackers to cause a Denial of Service (DoS) …	-	CVE-2026-37457	2026-05-2 03:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

677	-		-	-	A Command Injection vulnerability in the web management interface in Aver PTC320UV2 0.1.0000.65 allows an unauthenticated attacker to execute arbitrary commands via a crafted web request.	-	CVE-2026-26461	2026-05-2 03:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

678	9.6	CRITICAL Network	-	-	A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the proce…	CWE-416 Use After Free	CVE-2026-22166	2026-05-2 03:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

679	-		-	-	Cross-Site Scripting (XSS) vulnerability was discovered in the GSVoIP web panel version 2.0.90. The `msg` parameter in the `/painel/gateways.php/error` endpoint does not properly sanitize user-suppli…	-	CVE-2025-69606	2026-05-2 03:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

680	-		-	-	An issue in Eprosima Micro-XREC-DDS Agent v.3.0.1 allows a remote attacker to cause a denial of service via a packet specially crafted to bear a non-valid value in any Boolean field.	-	CVE-2025-63548	2026-05-2 03:16	2026-05-2	Show	GitHub Exploit DB Packet Storm