Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3281 5 警告
Local 		オラクル MySQL オラクルのMySQLにおけるリクエストに対するレスポンス内容の違いに起因する情報漏えいに関する脆弱性 CWE-204
リクエストに対するレスポンス内容の違いに起因する情報漏えい 		CVE-2026-34319 2026-05-7 10:51 2026-04-21 Show GitHub Exploit DB Packet Storm
3282 7.5 重要
Network 		オラクル Java VM オラクルのJava VMにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-35229 2026-05-7 10:51 2026-04-21 Show GitHub Exploit DB Packet Storm
3283 4.4 警告
Local 		オラクル Oracle Linux オラクルのOracle Linuxにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-35233 2026-05-7 10:51 2026-05-1 Show GitHub Exploit DB Packet Storm
3284 5.2 警告
Network 		オラクル Hyperion Infrastructure Technology オラクルのHyperion Infrastructure Technologyにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-35244 2026-05-7 10:51 2026-04-21 Show GitHub Exploit DB Packet Storm
3285 9.1 緊急
Network 		Volcengine OpenViking VolcengineのOpenVikingにおける安全でない失敗処理に関する脆弱性 CWE-636
安全でない失敗処理 		CVE-2026-40525 2026-05-7 10:51 2026-04-17 Show GitHub Exploit DB Packet Storm
3286 7.1 重要
Network 		Apache Software Foundation Apache Atlas Apache Software FoundationのApache Atlasにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-40563 2026-05-7 10:51 2026-05-4 Show GitHub Exploit DB Packet Storm
3287 8.8 重要
Adjacent 		Espressif Systems ESP32 Arduino Espressif SystemsのESP32 Arduinoにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-41429 2026-05-7 10:51 2026-04-24 Show GitHub Exploit DB Packet Storm
3288 9 緊急
Network 		Jenkins プロジェクト GitHub JenkinsのGitHubにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42523 2026-05-7 10:51 2026-04-29 Show GitHub Exploit DB Packet Storm
3289 8 重要
Network 		Jenkins プロジェクト HTML Publisher Plugin JenkinsのHTML Publisher Pluginにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42524 2026-05-7 10:51 2026-04-29 Show GitHub Exploit DB Packet Storm
3290 4.3 警告
Network 		Jenkins プロジェクト Azure AD JenkinsのAzure ADにおけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-42525 2026-05-7 10:51 2026-04-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 29, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2131 7.5 HIGH
Network 		adobe commerce
commerce_b2b
magento 		Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result i… NVD-CWE-Other
CVE-2026-34652 2026-05-21 02:12 2026-05-13 Show GitHub Exploit DB Packet Storm
2132 5.7 MEDIUM
Network 		- - Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions 3.5.2 and prior contain a logic error in the delta API that allows share recipients … CWE-200
CWE-281
CWE-863
Information Exposure
 Improper Preservation of Permissions
 Incorrect Authorization 		CVE-2026-34600 2026-05-21 01:16 2026-05-20 Show GitHub Exploit DB Packet Storm
2133 8.1 HIGH
Network 		- - CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contains a broken access control vulnerability where multiple admin controllers enforce permission checks on … CWE-284
CWE-862
Improper Access Control
 Missing Authorization 		CVE-2026-34358 2026-05-21 01:16 2026-05-20 Show GitHub Exploit DB Packet Storm
2134 8.7 HIGH
Network 		- - CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a Stored Cross-Site Scripting (XSS) vulnerability in the ticket reply notification system. Unsanitize… CWE-79
Cross-site Scripting 		CVE-2026-34241 2026-05-21 01:16 2026-05-20 Show GitHub Exploit DB Packet Storm
2135 5.5 MEDIUM
Local 		- - Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions 3.6.14 and prior contain a Denial of Service (DoS) vulnerability in the title input … CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2025-57798 2026-05-21 01:16 2026-05-20 Show GitHub Exploit DB Packet Storm
2136 8.7 HIGH
Network 		adobe commerce
commerce_b2b
magento 		Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') … CWE-22
Path Traversal 		CVE-2026-34653 2026-05-21 01:02 2026-05-13 Show GitHub Exploit DB Packet Storm
2137 5.3 MEDIUM
Network 		adobe commerce
commerce_b2b
magento 		Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result i… NVD-CWE-Other
CVE-2026-34654 2026-05-21 01:02 2026-05-13 Show GitHub Exploit DB Packet Storm
2138 4.8 MEDIUM
Network 		adobe commerce
commerce_b2b
magento 		Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-p… CWE-79
Cross-site Scripting 		CVE-2026-34655 2026-05-21 00:59 2026-05-13 Show GitHub Exploit DB Packet Storm
2139 4.3 MEDIUM
Network 		adobe commerce
commerce_b2b
magento 		Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature by… CWE-285
Improper Authorization 		CVE-2026-34656 2026-05-21 00:58 2026-05-13 Show GitHub Exploit DB Packet Storm
2140 4.8 MEDIUM
Network 		adobe commerce
commerce_b2b
magento 		Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-p… CWE-79
Cross-site Scripting 		CVE-2026-34658 2026-05-21 00:50 2026-05-13 Show GitHub Exploit DB Packet Storm