Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3671 5.5 警告
Local 		サムスン Wear OS サムスンのWear OSにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2025-20986 2026-02-4 18:38 2025-06-4 Show GitHub Exploit DB Packet Storm
3672 7.8 重要
Local 		Lenovo PCManager LenovoのPCManagerにおける信頼できない検索パスに関する脆弱性 CWE-426
信頼性のない検索パス 		CVE-2025-2501 2026-02-4 18:38 2025-05-30 Show GitHub Exploit DB Packet Storm
3673 7.8 重要
Local 		Lenovo PCManager LenovoのPCManagerにおける不適切なデフォルトパーミッションに関する脆弱性 CWE-276
不適切なデフォルトパーミッション 		CVE-2025-2502 2026-02-4 18:38 2025-05-30 Show GitHub Exploit DB Packet Storm
3674 7.1 重要
Local 		Lenovo PCManager LenovoのPCManagerにおける重要なリソースに対する不適切なパーミッションの割り当てに関する脆弱性 CWE-732
重要なリソースに対する不適切なパーミッションの割り当て 		CVE-2025-2503 2026-02-4 18:38 2025-05-30 Show GitHub Exploit DB Packet Storm
3675 7.8 重要
Local 		NVIDIA NVIDIA Nsight Graphics NVIDIAのNVIDIA Nsight GraphicsにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2025-33206 2026-02-4 18:38 2026-01-14 Show GitHub Exploit DB Packet Storm
3676 7.3 重要
Local 		NVIDIA cuda toolkit NVIDIAのcuda toolkitにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2025-33228 2026-02-4 18:38 2026-01-20 Show GitHub Exploit DB Packet Storm
3677 7.3 重要
Local 		NVIDIA cuda toolkit NVIDIAのcuda toolkitにおける制御されていない検索パスの要素に関する脆弱性 CWE-427
制御されていない検索パスの要素 		CVE-2025-33229 2026-02-4 18:38 2026-01-20 Show GitHub Exploit DB Packet Storm
3678 7.3 重要
Local 		NVIDIA cuda toolkit NVIDIAのcuda toolkitにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2025-33230 2026-02-4 18:38 2026-01-20 Show GitHub Exploit DB Packet Storm
3679 6.7 警告
Local 		NVIDIA cuda toolkit NVIDIAのcuda toolkitにおける制御されていない検索パスの要素に関する脆弱性 CWE-427
制御されていない検索パスの要素 		CVE-2025-33231 2026-02-4 18:38 2026-01-20 Show GitHub Exploit DB Packet Storm
3680 4.9 警告
Network 		ブロケード コミュニケーションズ システムズ株式会社 fabric operating system ブロケード コミュニケーションズ システムズ株式会社のfabric operating systemにおける例外的な状態のチェックに関する脆弱性 CWE-754
例外的な状態における不適切なチェック 		CVE-2025-4663 2026-02-4 18:38 2025-07-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
291 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/atmel-hlcdc: fix memory leak from the atomic_destroy_state callback After several commits, the slab memory increases. Some dr… Update CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2026-43269 2026-05-9 04:40 2026-05-6 Show GitHub Exploit DB Packet Storm
292 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ensure that won't go past CPER allocated record The logic at ghes_new() prevents allocating too large records, by chec… Update NVD-CWE-noinfo
CVE-2026-43277 2026-05-9 04:34 2026-05-6 Show GitHub Exploit DB Packet Storm
293 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix double destroy_workqueue on service rescan PCI path While testing corner cases in the driver, a use-after-free cra… Update CWE-415
 Double Free 		CVE-2026-43276 2026-05-9 04:32 2026-05-6 Show GitHub Exploit DB Packet Storm
294 9.8 CRITICAL
Network 		vm2_project vm2 vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code which can escape from the VM2 sandbox and… Update CWE-94
CWE-693
Code Injection
 Protection Mechanism Failure 		CVE-2026-24118 2026-05-9 04:30 2026-05-5 Show GitHub Exploit DB Packet Storm
295 4.7 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Flush exception handling work when RPM level is zero Ensure that the exception event handling work is explicitly… Update CWE-362
Race Condition 		CVE-2026-43275 2026-05-9 04:30 2026-05-6 Show GitHub Exploit DB Packet Storm
296 9.8 CRITICAL
Network 		vm2_project vm2 vm2 is an open source vm/sandbox for Node.js. Prior to version 3.10.5, the fix for CVE-2023-37466 is insufficient and can be circumvented allowing attackers to write code which can escape from the VM… Update CWE-94
CWE-693
Code Injection
 Protection Mechanism Failure 		CVE-2026-24120 2026-05-9 04:29 2026-05-5 Show GitHub Exploit DB Packet Storm
297 9.8 CRITICAL
Network 		vm2_project vm2 vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox breakout vulnerability through the inspect function. This allows attackers to write code which can es… Update CWE-94
CWE-693
Code Injection
 Protection Mechanism Failure 		CVE-2026-24781 2026-05-9 04:29 2026-05-5 Show GitHub Exploit DB Packet Storm
298 9.8 CRITICAL
Network 		kestra kestra Kestra v1.3.3 and before is vulnerable to SQL Injection. The vulnerability occurs because user-controlled input from a GET parameter is directly concatenated into an SQL query without proper sanitiza… Update CWE-89
SQL Injection 		CVE-2026-38428 2026-05-9 04:24 2026-05-6 Show GitHub Exploit DB Packet Storm
299 8.8 HIGH
Network 		fit2cloud sqlbot SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. In versions 1.7.0 and earlier, the Text2SQL chat interface is vulnerable to prompt injection. The user-provided que… Update CWE-89
SQL Injection 		CVE-2026-33324 2026-05-9 04:22 2026-05-6 Show GitHub Exploit DB Packet Storm
300 5.3 MEDIUM
Network 		dani-garcia vaultwarden Vaultwarden is a Bitwarden-compatible server written in Rust. In version 1.35.4 and earlier, the get_org_collections_details endpoint (GET /api/organizations/{org_id}/collections/details) is missing … Update CWE-862
 Missing Authorization 		CVE-2026-33420 2026-05-9 04:19 2026-05-6 Show GitHub Exploit DB Packet Storm