Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2881 9.8 緊急
Network 		Elasticsearch B.V. elastic cloud enterprise Elasticsearch B.V.のelastic cloud enterpriseにおける認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2024-37282 2026-02-2 19:27 2024-06-28 Show GitHub Exploit DB Packet Storm
2882 8.8 重要
Network 		LimeSurvey LimeSurvey LimeSurveyにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2024-39063 2026-02-2 19:27 2024-07-9 Show GitHub Exploit DB Packet Storm
2883 7.5 重要
Network 		Synology Inc. Media Server Synology Inc.のMedia Serverにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2024-4464 2026-02-2 19:27 2024-12-18 Show GitHub Exploit DB Packet Storm
2884 9.8 緊急
Network 		QNAP Systems Hybrid Backup Sync QNAP SystemsのHybrid Backup Syncにおける複数の脆弱性 CWE-77
CWE-78
CVE-2024-50388 2026-02-2 19:27 2024-12-6 Show GitHub Exploit DB Packet Storm
2885 9.8 緊急
Network 		Academia ERP Student Information System Academia ERPのStudent Information Systemにおけるパストラバーサルの脆弱性 CWE-24
パストラバーサル (../filedir) 		CVE-2024-53636 2026-02-2 19:27 2025-04-26 Show GitHub Exploit DB Packet Storm
2886 4.9 警告
Network 		Palo Alto Networks PAN-OS Palo Alto NetworksのPAN-OSにおける危険なタイプのファイルの無制限アップロードに関する脆弱性 CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2024-5911 2026-02-2 19:27 2024-07-10 Show GitHub Exploit DB Packet Storm
2887 9.8 緊急
Network 		LimeSurvey LimeSurvey LimeSurveyにおける複数の脆弱性 CWE-74
CWE-89
CWE-89
CVE-2024-6933 2026-02-2 19:27 2024-07-21 Show GitHub Exploit DB Packet Storm
2888 7.8 重要
Local 		ブロケード コミュニケーションズ システムズ株式会社 fabric operating system ブロケード コミュニケーションズ システムズ株式会社のfabric operating systemにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2024-7517 2026-02-2 19:27 2024-11-21 Show GitHub Exploit DB Packet Storm
2889 4.9 警告
Network 		LimeSurvey LimeSurvey LimeSurveyにおけるリソースの不適切なシャットダウンおよびリリースに関する脆弱性 CWE-404
リソースの不適切なシャットダウンおよびリリース 		CVE-2024-7887 2026-02-2 19:27 2024-08-17 Show GitHub Exploit DB Packet Storm
2890 7.8 重要
Local 		UPDF UPDF UPDFにおける制御されていない検索パスの要素に関する脆弱性 CWE-427
制御されていない検索パスの要素 		CVE-2025-10214 2026-02-2 19:27 2025-09-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
431 9.8 CRITICAL
Network 		- - Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Tegsoft Management and Information Services Trade Limited Company Online Support Application allo… New CWE-79
Cross-site Scripting 		CVE-2025-14320 2026-05-4 18:15 2026-05-4 Show GitHub Exploit DB Packet Storm
432 5.3 MEDIUM
Network 		- - A vulnerability was identified in osrg GoBGP up to 4.3.0. Affected by this issue is the function BMPPeerUpNotification.ParseBody/BMPStatisticsReport.ParseBody of the file pkg/packet/bmp/bmp.go of the… New CWE-119
CWE-125
Incorrect Access of Indexable Resource ('Range Error') 
Out-of-bounds Read 		CVE-2026-7737 2026-05-4 16:16 2026-05-4 Show GitHub Exploit DB Packet Storm
433 7.3 HIGH
Network 		- - A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer … New CWE-189
CWE-191
Numeric Errors
 Integer Underflow (Wrap or Wraparound) 		CVE-2026-7736 2026-05-4 16:16 2026-05-4 Show GitHub Exploit DB Packet Storm
434 2.5 LOW
Local 		- - mutt before 2.3.2 has a show_sig_summary NULL pointer dereference. New CWE-476
 NULL Pointer Dereference 		CVE-2026-43864 2026-05-4 16:16 2026-05-4 Show GitHub Exploit DB Packet Storm
435 3.7 LOW
Network 		- - mutt before 2.3.2 has an infinite loop in data_object_to_stream in crypt-gpgme.c. New CWE-253
 Incorrect Check of Function Return Value 		CVE-2026-43863 2026-05-4 16:16 2026-05-4 Show GitHub Exploit DB Packet Storm
436 3.7 LOW
Network 		- - In mutt before 2.3.2, the imap_auth_gss security level is mishandled. New CWE-843
Type Confusion 		CVE-2026-43862 2026-05-4 16:16 2026-05-4 Show GitHub Exploit DB Packet Storm
437 3.7 LOW
Network 		- - mutt before 2.3.2 does not check for '\0' in url_pct_decode. New CWE-158
 Improper Neutralization of Null Byte or NUL Character 		CVE-2026-43861 2026-05-4 16:16 2026-05-4 Show GitHub Exploit DB Packet Storm
438 3.7 LOW
Network 		- - mutt before 2.3.2 sometimes truncates the hash_passwd by one byte for IMAP auth_cram MD5 digest. New CWE-193
 Off-by-one Error 		CVE-2026-43860 2026-05-4 16:16 2026-05-4 Show GitHub Exploit DB Packet Storm
439 3.7 LOW
Network 		- - mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP auth_cram MD5 digest. New CWE-158
 Improper Neutralization of Null Byte or NUL Character 		CVE-2026-43859 2026-05-4 16:16 2026-05-4 Show GitHub Exploit DB Packet Storm
440 - - - A critical IDOR vulnerability has been discovered in Comet Backup affecting all versions from 20.11.0 to 26.1.1 and 26.2.1. The vulnerability allows a tenant administrator to impersonate any end-user… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-29200 2026-05-4 16:16 2026-05-4 Show GitHub Exploit DB Packet Storm