Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2991	6.5	警告 Network	The Kyverno Authors	Kyverno	The Kyverno AuthorsのKyvernoにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-23881	2026-02-4 18:36	2026-01-27	Show	GitHub Exploit DB Packet Storm

2992	5.9	警告 Network	octoprint.org	OctoPrint	octoprint.orgのOctoPrintにおけるタイミングの違いに起因する情報漏えいに関する脆弱性	CWE-208 タイミングの違いに起因する情報漏えい	CVE-2026-23892	2026-02-4 18:36	2026-01-27	Show	GitHub Exploit DB Packet Storm

2993	5.3	警告 Network	joinmastodon	Mastodon	joinmastodonのMastodonにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-23961	2026-02-4 18:36	2026-01-22	Show	GitHub Exploit DB Packet Storm

2994	7.5	重要 Network	joinmastodon	Mastodon	joinmastodonのMastodonにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-23962	2026-02-4 18:36	2026-01-22	Show	GitHub Exploit DB Packet Storm

2995	6.5	警告 Network	joinmastodon	Mastodon	joinmastodonのMastodonにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-23963	2026-02-4 18:36	2026-01-22	Show	GitHub Exploit DB Packet Storm

2996	5.4	警告 Network	joinmastodon	Mastodon	joinmastodonのMastodonにおける複数の脆弱性	CWE-639 CWE-863	CVE-2026-23964	2026-02-4 18:36	2026-01-22	Show	GitHub Exploit DB Packet Storm

2997	5.3	警告 Network	Linux Foundation	rekor	Linux Foundationのrekorにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-24117	2026-02-4 18:35	2026-01-22	Show	GitHub Exploit DB Packet Storm

2998	6.1	警告 Network	typemill	typemill	typemillにおける複数の脆弱性	CWE-116 CWE-79 CWE-79	CVE-2026-24127	2026-02-4 18:35	2026-01-23	Show	GitHub Exploit DB Packet Storm

2999	6.5	警告 Network	Shenzhen Tenda Technology Co.,Ltd.	w30e ファームウェア	Shenzhen Tenda Technology Co.,Ltd.のw30e ファームウェアにおける過度に許容されるクロスドメインホワイトリストに関する脆弱性	CWE-942 過度に許容されるクロスドメインホワイトリスト	CVE-2026-24435	2026-02-4 18:35	2026-01-26	Show	GitHub Exploit DB Packet Storm

3000	6.3	警告 Local	Sensio Labs	Symfony	Sensio LabsのSymfonyにおける引数の挿入または変更に関する脆弱性	CWE-88 引数の挿入または変更	CVE-2026-24739	2026-02-4 18:35	2026-01-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
481	-		-	-	WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the makeRequest.cgi binary that allows unauthenticated remote attackers to execute arbitrary s… New	CWE-78 OS Command	CVE-2026-41924	2026-05-6 04:47	2026-05-5	Show	GitHub Exploit DB Packet Storm

482	-		-	-	WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the adm.cgi binary's reboot_time function that allows unauthenticated remote attackers to exec… New	CWE-78 OS Command	CVE-2026-41925	2026-05-6 04:47	2026-05-5	Show	GitHub Exploit DB Packet Storm

483	-		-	-	WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the firewall.cgi binary across five request handlers that apply insufficient input validation.… New	CWE-78 OS Command	CVE-2026-41926	2026-05-6 04:47	2026-05-5	Show	GitHub Exploit DB Packet Storm

484	-		-	-	WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains a stack-based buffer overflow vulnerability in the firewall.cgi and makeRequest.cgi binaries that allows unauthenticated attackers to o… New	CWE-121 Stack-based Buffer Overflow	CVE-2026-41927	2026-05-6 04:47	2026-05-5	Show	GitHub Exploit DB Packet Storm

485	3.7	LOW Network	-	-	mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP auth_cram MD5 digest. New	CWE-158 Improper Neutralization of Null Byte or NUL Character	CVE-2026-43859	2026-05-6 04:44	2026-05-4	Show	GitHub Exploit DB Packet Storm

486	3.7	LOW Network	-	-	mutt before 2.3.2 sometimes truncates the hash_passwd by one byte for IMAP auth_cram MD5 digest. New	CWE-193 Off-by-one Error	CVE-2026-43860	2026-05-6 04:44	2026-05-4	Show	GitHub Exploit DB Packet Storm

487	3.7	LOW Network	-	-	mutt before 2.3.2 does not check for '\0' in url_pct_decode. New	CWE-158 Improper Neutralization of Null Byte or NUL Character	CVE-2026-43861	2026-05-6 04:44	2026-05-4	Show	GitHub Exploit DB Packet Storm

488	3.7	LOW Network	-	-	In mutt before 2.3.2, the imap_auth_gss security level is mishandled. New	CWE-843 Type Confusion	CVE-2026-43862	2026-05-6 04:44	2026-05-4	Show	GitHub Exploit DB Packet Storm

489	3.7	LOW Network	-	-	mutt before 2.3.2 has an infinite loop in data_object_to_stream in crypt-gpgme.c. New	CWE-253 Incorrect Check of Function Return Value	CVE-2026-43863	2026-05-6 04:44	2026-05-4	Show	GitHub Exploit DB Packet Storm

490	2.5	LOW Local	-	-	mutt before 2.3.2 has a show_sig_summary NULL pointer dereference. New	CWE-476 NULL Pointer Dereference	CVE-2026-43864	2026-05-6 04:44	2026-05-4	Show	GitHub Exploit DB Packet Storm