Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2651	7.6	重要 Network	WWBN	AVideo	WWBNのAVideoにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-39369	2026-04-24 11:42	2026-04-7	Show	GitHub Exploit DB Packet Storm

2652	7.1	重要 Network	WWBN	AVideo	WWBNのAVideoにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-39370	2026-04-24 11:42	2026-04-7	Show	GitHub Exploit DB Packet Storm

2653	7.8	重要 Local	Vim	Vim	Vimにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-39881	2026-04-24 11:42	2026-04-8	Show	GitHub Exploit DB Packet Storm

2654	5.3	警告 Network	OpenEXR	OpenEXR	OpenEXRにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-39886	2026-04-24 11:42	2026-04-21	Show	GitHub Exploit DB Packet Storm

2655	8.8	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-39891	2026-04-24 11:42	2026-04-8	Show	GitHub Exploit DB Packet Storm

2656	4.3	警告 Network	lycheeorg	lychee	lycheeorgのLycheeにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-39957	2026-04-24 11:42	2026-04-9	Show	GitHub Exploit DB Packet Storm

2657	9.6	緊急 Network	MISP	MISP	MISPにおけるLDAP インジェクションの脆弱性	CWE-90 LDAP インジェクション	CVE-2026-39962	2026-04-24 11:42	2026-04-9	Show	GitHub Exploit DB Packet Storm

2658	6.9	警告 Network	s9y	Serendipity	s9yのSerendipityにおける検証および完全性チェックを行っていない Cookie への依存に関する脆弱性	CWE-565 検証および完全性チェックを行っていない Cookie への依存	CVE-2026-39963	2026-04-24 11:42	2026-04-15	Show	GitHub Exploit DB Packet Storm

2659	7.2	重要 Network	s9y	Serendipity	s9yのSerendipityにおけるHTTP レスポンス分割に関する脆弱性	CWE-113 HTTP レスポンスの分割	CVE-2026-39971	2026-04-24 11:42	2026-04-15	Show	GitHub Exploit DB Packet Storm

2660	7.1	重要 Local	apktool	apktool	Apktoolにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-39973	2026-04-24 11:42	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1091	7.5	HIGH Network	-	-	In the Linux kernel, the following vulnerability has been resolved: rnbd-srv: Zero the rsp buffer before using it Before using the data buffer to send back the response message, zero it completely.…	-	CVE-2026-43184	2026-05-8 22:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

1092	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: net: usb: kaweth: remove TX queue manipulation in kaweth_set_rx_mode kaweth_set_rx_mode(), the ndo_set_rx_mode callback, calls ne…	-	CVE-2026-43180	2026-05-8 22:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

1093	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: procfs: fix possible double mmput() in do_procmap_query() When user provides incorrectly sized buffer for build ID for PROCMAP_QU…	-	CVE-2026-43178	2026-05-8 22:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

1094	8.8	HIGH Adjacent	-	-	In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate release report content before using for RTL8922DE The commit 957eda596c76 ("wifi: rtw89: pci: validate…	-	CVE-2026-43176	2026-05-8 22:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

1095	8.8	HIGH Adjacent	-	-	In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix 22000 series SMEM parsing If the firmware were to report three LMACs (which doesn't exist in hardware) then us…	-	CVE-2026-43172	2026-05-8 22:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

1096	7.1	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: erofs: fix interlaced plain identification for encoded extents Only plain data whose start position and on-disk physical length a…	-	CVE-2026-43166	2026-05-8 22:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

1097	7.5	HIGH Network	-	-	In the Linux kernel, the following vulnerability has been resolved: udplite: Fix null-ptr-deref in __udp_enqueue_schedule_skb(). syzbot reported null-ptr-deref of udp_sk(sk)->udp_prod_queue. [0] S…	-	CVE-2026-43164	2026-05-8 22:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

1098	8.8	HIGH Network	-	-	In the Linux kernel, the following vulnerability has been resolved: xfs: fix freemap adjustments when adding xattrs to leaf blocks xfs/592 and xfs/794 both trip this assertion in the leaf block fre…	-	CVE-2026-43158	2026-05-8 22:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

1099	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: xfs: remove xfs_attr_leaf_hasname The calling convention of xfs_attr_leaf_hasname() is problematic, because it returns a NULL buf…	-	CVE-2026-43153	2026-05-8 22:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

1100	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: perf/arm-cmn: Reject unsupported hardware configurations So far we've been fairly lax about accepting both unknown CMN models (at…	-	CVE-2026-43150	2026-05-8 22:16	2026-05-6	Show	GitHub Exploit DB Packet Storm