Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3371	5.3	警告 Network	hono	hono	honoにおける複数の脆弱性	CWE-200 CWE-284 CWE-668	CVE-2026-24473	2026-02-6 10:36	2026-01-27	Show	GitHub Exploit DB Packet Storm

3372	4.9	警告 Network	nocodb	nocodb	nocodbにおけるオブジェクトプロトタイプ属性の不適切に制御された変更に関する脆弱性	CWE-1321 オブジェクトプロトタイプ属性の不適切に制御された変更 (プロトタイプの汚染)	CVE-2026-24766	2026-02-6 10:36	2026-01-28	Show	GitHub Exploit DB Packet Storm

3373	6.4	警告 Network	nocodb	nocodb	nocodbにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-24767	2026-02-6 10:36	2026-01-28	Show	GitHub Exploit DB Packet Storm

3374	6.1	警告 Network	nocodb	nocodb	nocodbにおけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2026-24768	2026-02-6 10:36	2026-01-28	Show	GitHub Exploit DB Packet Storm

3375	9	緊急 Network	nocodb	nocodb	nocodbにおける複数の脆弱性	CWE-434 CWE-79	CVE-2026-24769	2026-02-6 10:36	2026-01-28	Show	GitHub Exploit DB Packet Storm

3376	4.7	警告 Network	hono	hono	honoにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-24771	2026-02-6 10:36	2026-01-27	Show	GitHub Exploit DB Packet Storm

3377	4.8	警告 Network	dnnsoftware	dotnetnuke	dnnsoftwareのdotnetnukeにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-24784	2026-02-6 10:36	2026-01-28	Show	GitHub Exploit DB Packet Storm

3378	5.4	警告 Network	dnnsoftware	dotnetnuke	dnnsoftwareのdotnetnukeにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-24833	2026-02-6 10:36	2026-01-28	Show	GitHub Exploit DB Packet Storm

3379	5.4	警告 Network	dnnsoftware	dotnetnuke	dnnsoftwareのdotnetnukeにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-24836	2026-02-6 10:36	2026-01-28	Show	GitHub Exploit DB Packet Storm

3380	5.4	警告 Network	dnnsoftware	dotnetnuke	dnnsoftwareのdotnetnukeにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-24837	2026-02-6 10:36	2026-01-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
601	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: hfsplus: pretend special inodes as regular files Since commit af153bb63a33 ("vfs: catch invalid modes in may_open()") requires an… Update	NVD-CWE-noinfo	CVE-2026-43268	2026-05-9 06:02	2026-05-6	Show	GitHub Exploit DB Packet Storm

602	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer There's a logic inside GHES/CPER to detect if the section_length is … Update	NVD-CWE-noinfo	CVE-2026-43266	2026-05-9 05:46	2026-05-6	Show	GitHub Exploit DB Packet Storm

603	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: gfs2: fiemap page fault fix In gfs2_fiemap(), we are calling iomap_fiemap() while holding the inode glock. This can lead to recu… Update	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2026-43262	2026-05-9 05:41	2026-05-6	Show	GitHub Exploit DB Packet Storm

604	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: arm64: Add support for TSV110 Spectre-BHB mitigation The TSV110 processor is vulnerable to the Spectre-BHB (Branch History Buffer… Update	NVD-CWE-noinfo	CVE-2026-43261	2026-05-9 05:37	2026-05-6	Show	GitHub Exploit DB Packet Storm

605	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block() Ignore -EBUSY when checking nested events after exiting a b… Update	NVD-CWE-noinfo	CVE-2026-43265	2026-05-9 05:33	2026-05-6	Show	GitHub Exploit DB Packet Storm

606	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: fbdev: of: display_timing: fix refcount leak in of_get_display_timings() of_parse_phandle() returns a device_node with refcount i… Update	NVD-CWE-Other	CVE-2026-43264	2026-05-9 05:33	2026-05-6	Show	GitHub Exploit DB Packet Storm

607	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix RSS context delete logic We need to free the corresponding RSS context VNIC in FW everytime an RSS context is delete… Update	CWE-415 Double Free	CVE-2026-43260	2026-05-9 05:31	2026-05-6	Show	GitHub Exploit DB Packet Storm

608	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platform driver data Add missing platform_set_drvdata() as the data will be used in remove(). Update	NVD-CWE-noinfo	CVE-2026-43259	2026-05-9 05:31	2026-05-6	Show	GitHub Exploit DB Packet Storm

609	8.1	HIGH Network	google	chrome	Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via malicious network traffic. (Chromium security… Update	NVD-CWE-noinfo CWE-693 Protection Mechanism Failure	CVE-2026-8018	2026-05-9 05:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

610	4.2	MEDIUM Network	google	chrome	Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted H… Update	CWE-20 Improper Input Validation	CVE-2026-7989	2026-05-9 05:16	2026-05-7	Show	GitHub Exploit DB Packet Storm