Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2801	10	緊急 Network	XWiki	Full Calendar Macro (macro-fullcalendar-pom)	XWikiのFull Calendar Macro (macro-fullcalendar-pom)におけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2025-65091	2026-02-2 19:31	2026-01-10	Show	GitHub Exploit DB Packet Storm

2802	6.5	警告 Network	Mega-Fence Project	Mega-Fence	Mega-Fence ProjectのMega-Fenceにおけるセキュリティ決定の信頼できない入力への依存に関する脆弱性	CWE-807 セキュリティ決定の信頼できない入力への依存	CVE-2025-65328	2026-02-2 19:31	2026-01-5	Show	GitHub Exploit DB Packet Storm

2803	7.5	重要 Network	WebPros International GmbH	Plesk Obsidian	WebPros International GmbHのPlesk Obsidianにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2025-65518	2026-02-2 19:31	2026-01-8	Show	GitHub Exploit DB Packet Storm

2804	8.8	重要 Network	Qode Interactive	Powerlift	Qode InteractiveのWordPress用Powerliftにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2025-66532	2026-02-2 19:31	2025-12-9	Show	GitHub Exploit DB Packet Storm

2805	4.8	警告 Network	Hotwire	Turbo	HotwireのTurboにおける競合状態に関する脆弱性	CWE-362 競合状態	CVE-2025-66803	2026-02-2 19:30	2026-01-20	Show	GitHub Exploit DB Packet Storm

2806	7.5	重要 Network	Manos	Websocket Server	ManosのWebsocket Serverにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2025-66902	2026-02-2 19:30	2026-01-20	Show	GitHub Exploit DB Packet Storm

2807	6.1	警告 Network	AnyComment	AnyComment.io	AnyCommentのAnyComment.ioにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-67025	2026-02-2 19:30	2026-01-15	Show	GitHub Exploit DB Packet Storm

2808	7.5	重要 Network	Revotech	I6032W-FHW Firmware	RevotechのI6032W-FHW Firmwareにおける認証に関する脆弱性	CWE-287 不適切な認証	CVE-2025-67158	2026-02-2 19:30	2026-01-2	Show	GitHub Exploit DB Packet Storm

2809	7.5	重要 Network	Vatilon	PA4 Firmware	VatilonのPA4 Firmwareにおける重要な情報の平文での送信に関する脆弱性	CWE-319 重要な情報の平文での送信	CVE-2025-67159	2026-02-2 19:30	2026-01-2	Show	GitHub Exploit DB Packet Storm

2810	7.5	重要 Network	Vatilon	PA4 Firmware	VatilonのPA4 Firmwareにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2025-67160	2026-02-2 19:30	2026-01-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
531	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() In tpacket_snd(), when PACKET_VNET_HDR is enabled, vnet_hdr point…	-	CVE-2026-31700	2026-05-3 16:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

532	7.1	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed When retrieving the PEK CSR, don't attempt to copy the …	-	CVE-2026-31699	2026-05-3 16:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

533	7.1	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed When retrieving the PDH cert, don't attempt to cop…	-	CVE-2026-31698	2026-05-3 16:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

534	7.1	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed When retrieving the ID for the CPU, don't attempt to cop…	-	CVE-2026-31697	2026-05-3 16:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

535	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: wifi: virt_wifi: remove SET_NETDEV_DEV to avoid use-after-free Currently we execute `SET_NETDEV_DEV(dev, &priv->lowerdev->dev)` f…	-	CVE-2026-31695	2026-05-3 16:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

536	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache fuse_add_dirent_to_cache() computes a serialized dirent size from the server-control…	-	CVE-2026-31694	2026-05-3 16:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

537	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: cifs: some missing initializations on replay In several places in the code, we have a label to signify the start of the code wher…	-	CVE-2026-31693	2026-05-3 16:16	2026-04-30	Show	GitHub Exploit DB Packet Storm

538	6.5	MEDIUM Network	-	-	A security vulnerability has been detected in jsbroks COCO Annotator up to 0.11.1. Affected by this vulnerability is an unknown functionality of the file backend/webserver/api/datasets.py of the comp…	CWE-285 CWE-639 Improper Authorization Authorization Bypass Through User-Controlled Key	CVE-2026-7681	2026-05-3 15:15	2026-05-3	Show	GitHub Exploit DB Packet Storm

539	4.3	MEDIUM Network	-	-	A weakness has been identified in jsbroks COCO Annotator up to 0.11.1. Affected is an unknown function of the file backend/webserver/api/datasets.py of the component Data Endpoint. Executing a manipu…	CWE-22 Path Traversal	CVE-2026-7680	2026-05-3 15:15	2026-05-3	Show	GitHub Exploit DB Packet Storm

540	7.2	HIGH Network	-	-	The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via POST parameter key names in the submit_nex_form() function in versions up to,…	CWE-79 Cross-site Scripting	CVE-2026-5063	2026-05-3 15:15	2026-05-3	Show	GitHub Exploit DB Packet Storm