Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2851	9.1	緊急 Network	Open JS Foundation	fastify/middie	Open JS Foundationの@fastify/middieにおける解釈の競合に関する脆弱性	CWE-436 解釈の競合	CVE-2026-33804	2026-04-24 11:30	2026-04-16	Show	GitHub Exploit DB Packet Storm

2852	4.3	警告 Network	LangGenius, Inc.	Dify	LangGenius, Inc.のDifyにおける複数の脆弱性	CWE-284 CWE-863	CVE-2026-34082	2026-04-24 11:30	2026-04-20	Show	GitHub Exploit DB Packet Storm

2853	8.6	重要 Network	Chamilo Association	Chamilo LMS	Chamilo AssociationのChamilo LMSにおける複数の脆弱性	CWE-306 CWE-918	CVE-2026-34160	2026-04-24 11:30	2026-04-14	Show	GitHub Exploit DB Packet Storm

2854	5.4	警告 Network	Chamilo Association	Chamilo LMS	Chamilo AssociationのChamilo LMSにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-34161	2026-04-24 11:30	2026-04-14	Show	GitHub Exploit DB Packet Storm

2855	9.1	緊急 Network	Canonical	LXD	CanonicalのLXDにおける不完全なブラックリストに関する脆弱性	CWE-184 不完全なブラックリスト	CVE-2026-34177	2026-04-24 11:30	2026-04-9	Show	GitHub Exploit DB Packet Storm

2856	9.1	緊急 Network	Canonical	LXD	CanonicalのLXDにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-34178	2026-04-24 11:30	2026-04-9	Show	GitHub Exploit DB Packet Storm

2857	9.1	緊急 Network	Canonical	LXD	CanonicalのLXDにおける動的に決定されたオブジェクト属性の不適切に制御された変更に関する脆弱性	CWE-915 動的に決定されたオブジェクト属性の不適切に制御された変更	CVE-2026-34179	2026-04-24 11:30	2026-04-9	Show	GitHub Exploit DB Packet Storm

2858	5.4	警告 Network	Docmost	Docmost	Docmostにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-34212	2026-04-24 11:30	2026-04-14	Show	GitHub Exploit DB Packet Storm

2859	5.4	警告 Network	Docmost	Docmost	Docmostにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-34213	2026-04-24 11:30	2026-04-14	Show	GitHub Exploit DB Packet Storm

2860	6.5	警告 Network	オラクル	PeopleSoft Enterprise HCM Absence Management	オラクルのPeopleSoft Enterprise HCM Absence Managementにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-34266	2026-04-24 11:30	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
981	-		-	-	In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on set received ioctl due to item overflow If the set received ioctl fails due to an item overflow w… New	-	CVE-2026-43359	2026-05-9 00:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

982	-		-	-	In the Linux kernel, the following vulnerability has been resolved: btrfs: add missing RCU unlock in error path in try_release_subpage_extent_buffer() Call rcu_read_lock() before exiting the loop i… New	-	CVE-2026-43358	2026-05-9 00:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

983	-		-	-	In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050-core: fix pm_runtime error handling The return value of pm_runtime_get_sync() is not checked, allowing the dri… New	-	CVE-2026-43357	2026-05-9 00:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

984	-		-	-	In the Linux kernel, the following vulnerability has been resolved: iio: imu: adis: Fix NULL pointer dereference in adis_init The adis_init() function dereferences adis->ops to check if the individ… New	-	CVE-2026-43356	2026-05-9 00:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

985	-		-	-	In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1780: fix PM runtime leak on error path Move pm_runtime_put_autosuspend() before the error check to ensure the PM r… New	-	CVE-2026-43355	2026-05-9 00:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

986	-		-	-	In the Linux kernel, the following vulnerability has been resolved: iio: proximity: hx9023s: Protect against division by zero in set_samp_freq Avoid division by zero when sampling frequency is unsp… New	-	CVE-2026-43354	2026-05-9 00:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

987	-		-	-	In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Eagerly init vgic dist/redist on vgic creation If vgic_allocate_private_irqs_locked() fails for any odd reason, we ex… New	-	CVE-2026-43351	2026-05-9 00:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

988	7.1	HIGH Network	-	-	FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.214, the Change Customer modal correctly hides out-of-scope customers through the mailbox-filte… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-41906	2026-05-9 00:16	2026-05-8	Show	GitHub Exploit DB Packet Storm

989	6.1	MEDIUM Network	-	-	If a trusted template author were to write a <script> tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape a… New	-	CVE-2026-39826	2026-05-9 00:16	2026-05-8	Show	GitHub Exploit DB Packet Storm

990	6.1	MEDIUM Network	-	-	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a <meta> tag's <content> attribute. If the URL content were to insert ASCII whitespaces around the '=' rune ins… New	-	CVE-2026-39823	2026-05-9 00:16	2026-05-8	Show	GitHub Exploit DB Packet Storm