Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3171	9.8	緊急 Network	Elasticsearch B.V.	Logstash	Elasticsearch B.V.のLogstashにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-33466	2026-04-23 10:13	2026-04-8	Show	GitHub Exploit DB Packet Storm

3172	4.3	警告 Network	EspoCRM	EspoCRM	EspoCRMにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-33534	2026-04-23 10:13	2026-04-13	Show	GitHub Exploit DB Packet Storm

3173	7.8	重要 Local	Craig J. Bass (craigjbass)	ClearanceKit	Craig J. Bass (craigjbass)のClearanceKitにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-33632	2026-04-23 10:13	2026-03-26	Show	GitHub Exploit DB Packet Storm

3174	5.4	警告 Network	EspoCRM	EspoCRM	EspoCRMにおける複数の脆弱性	CWE-116 CWE-80	CVE-2026-33657	2026-04-23 10:13	2026-04-13	Show	GitHub Exploit DB Packet Storm

3175	3.1	低 Network	EspoCRM	EspoCRM	EspoCRMにおける複数の脆弱性	CWE-367 CWE-918	CVE-2026-33659	2026-04-23 10:12	2026-04-13	Show	GitHub Exploit DB Packet Storm

3176	5.4	警告 Network	EspoCRM	EspoCRM	EspoCRMにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-33740	2026-04-23 10:12	2026-04-13	Show	GitHub Exploit DB Packet Storm

3177	5.3	警告 Network	The Go Project	tiff	The Go Projectのtiffにおける危険なタイプのファイルの無制限アップロードに関する脆弱性	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2026-33809	2026-04-23 10:12	2026-03-25	Show	GitHub Exploit DB Packet Storm

3178	5.5	警告 Local	jqlang	jq	jqlangのjqにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-33947	2026-04-23 10:12	2026-04-13	Show	GitHub Exploit DB Packet Storm

3179	5.3	警告 Network	jqlang	jq	jqlangのjqにおける複数の脆弱性	CWE-170 CWE-20	CVE-2026-33948	2026-04-23 10:12	2026-04-14	Show	GitHub Exploit DB Packet Storm

3180	4.3	警告 Network	openwebui	open webui	openwebuiのopen webuiにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-34225	2026-04-23 10:12	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
871	-		-	-	In the Linux kernel, the following vulnerability has been resolved: usb: yurex: fix race in probe The bbu member of the descriptor must be set to the value standing for uninitialized values before … Update	-	CVE-2026-43430	2026-05-12 23:10	2026-05-9	Show	GitHub Exploit DB Packet Storm

872	-		-	-	In the Linux kernel, the following vulnerability has been resolved: xhci: Fix NULL pointer dereference when reading portli debugfs files Michal reported and debgged a NULL pointer dereference bug i… Update	-	CVE-2026-43431	2026-05-12 23:10	2026-05-9	Show	GitHub Exploit DB Packet Storm

873	-		-	-	In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces The Scarlett2 mixer quirk in USB-audio driver may h… Update	-	CVE-2026-43436	2026-05-12 23:10	2026-05-9	Show	GitHub Exploit DB Packet Storm

874	-		-	-	In the Linux kernel, the following vulnerability has been resolved: net/mana: Null service_wq on setup error to prevent double destroy In mana_gd_setup() error path, set gc->service_wq to NULL afte… Update	-	CVE-2026-43440	2026-05-12 23:10	2026-05-9	Show	GitHub Exploit DB Packet Storm

875	-		-	-	In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp-mach-common: Add missing error check for clock acquisition The acp_card_rt5682_init() and acp_card_rt5682s_init() … Update	-	CVE-2026-43443	2026-05-12 23:10	2026-05-9	Show	GitHub Exploit DB Packet Storm

876	-		-	-	In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort when snapshotting received subvolumes Currently a user can trigger a transaction abort by snapshotti… Update	-	CVE-2026-43361	2026-05-12 23:10	2026-05-9	Show	GitHub Exploit DB Packet Storm

877	8.2	HIGH Network	-	-	In the Linux kernel, the following vulnerability has been resolved: xfs: fix undersized l_iclog_roundoff values If the superblock doesn't list a log stripe unit, we set the incore log roundoff valu… Update	-	CVE-2026-43365	2026-05-12 23:10	2026-05-9	Show	GitHub Exploit DB Packet Storm

878	-		-	-	In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Unreserve bo if queue update failed Error handling path should unreserve bo then return failed. (cherry picked from … Update	-	CVE-2026-43444	2026-05-12 23:10	2026-05-9	Show	GitHub Exploit DB Packet Storm

879	-		-	-	In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix runtime suspend deadlock when there is pending job The runtime suspend callback drains the running job workque… Update	-	CVE-2026-43446	2026-05-12 23:10	2026-05-9	Show	GitHub Exploit DB Packet Storm

880	8.2	HIGH Network	-	-	In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: guard option walkers against 1-byte tail reads When the last byte of options is a non-single-byte option kin… Update	-	CVE-2026-43452	2026-05-12 23:10	2026-05-9	Show	GitHub Exploit DB Packet Storm