Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4171	8.1	重要 Network	webkul	krayin crm	webkulのkrayin crmにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-38532	2026-04-27 11:21	2026-04-14	Show	GitHub Exploit DB Packet Storm

4172	5.4	警告 Network	Istio	Istio	Istioにおける複数の脆弱性	CWE-185 CWE-863	CVE-2026-39350	2026-04-27 11:21	2026-04-15	Show	GitHub Exploit DB Packet Storm

4173	6.5	警告 Network	Project Jupyter	nbconvert	Project Jupyterのnbconvertにおける複数の脆弱性	CWE-22 CWE-73	CVE-2026-39377	2026-04-27 11:21	2026-04-21	Show	GitHub Exploit DB Packet Storm

4174	6.5	警告 Network	Project Jupyter	nbconvert	Project Jupyterのnbconvertにおける複数の脆弱性	CWE-22 CWE-73	CVE-2026-39378	2026-04-27 11:21	2026-04-21	Show	GitHub Exploit DB Packet Storm

4175	7.2	重要 Network	boidcms	boidcms	boidcmsにおけるPHP リモートファイルインクルージョンの脆弱性	CWE-98 PHP リモートファイルインクルージョン	CVE-2026-39387	2026-04-27 11:21	2026-04-14	Show	GitHub Exploit DB Packet Storm

4176	9.9	緊急 Network	openremote	openremote	openremoteにおける複数の脆弱性	CWE-917 CWE-94	CVE-2026-39842	2026-04-27 11:21	2026-04-15	Show	GitHub Exploit DB Packet Storm

4177	10	緊急 Network	Anthropic PBC	Claude Code	Anthropic PBCのClaude Codeにおける複数の脆弱性	CWE-22 CWE-61	CVE-2026-39861	2026-04-27 11:21	2026-04-21	Show	GitHub Exploit DB Packet Storm

4178	8.1	重要 Network	Suyog Sonwalkar	MCP Server Kubernetes	Suyog SonwalkarのMCP Server Kubernetesにおける引数の挿入または変更に関する脆弱性	CWE-88 引数の挿入または変更	CVE-2026-39884	2026-04-27 11:21	2026-04-15	Show	GitHub Exploit DB Packet Storm

4179	6.5	警告 Network	jqlang	jq	jqlangのjqにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-39979	2026-04-27 11:21	2026-04-13	Show	GitHub Exploit DB Packet Storm

4180	5.5	警告 Local	Linux Foundation	Sigstore Timestamp Authority	Linux FoundationのSigstore Timestamp Authorityにおける証明書検証に関する脆弱性	CWE-295 不正な証明書検証	CVE-2026-39984	2026-04-27 11:21	2026-04-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1221	8.1	HIGH Network	-	-	e107 is a content management system (CMS). Prior to 2.3.4, a Host Header Injection vulnerability in the password reset page allows attackers to manipulate the Host header to generate password reset l… New	CWE-20 CWE-807 Improper Input Validation Reliance on Untrusted Inputs in a Security Decision	CVE-2026-43935	2026-05-27 02:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1222	-		-	-	Files or Directories Accessible to External Parties, Server-Side Request Forgery (SSRF) vulnerability in Apache Flink Kubernetes Operator. The FlinkSessionJob jarURI is currently not validated so th… New	CWE-552 CWE-918 Files or Directories Accessible to External Parties Server-Side Request Forgery (SSRF)	CVE-2026-40564	2026-05-27 02:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1223	-		-	-	An improper validation of the search parameter of the com_media files API endpoint leads to a path traversal vulnerability. New	CWE-22 Path Traversal	CVE-2026-40384	2026-05-27 02:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1224	-		-	-	An improper access check allows unauthorized access to com_config webservice endpoints. New	CWE-284 Improper Access Control	CVE-2026-35223	2026-05-27 02:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1225	-		-	-	A vulnerability in the Google Cloud Apigee SetIntegrationRequest policy allowed remote attackers to perform Server-Side Request Forgery (SSRF) and exfiltrate service account access tokens. For succe… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-2264	2026-05-27 02:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1226	7.8	HIGH Local	-	-	NVIDIA Transformers4Rec for Linux contains a vulnerability where an attacker could cause improper deserialization of untrusted data. A successful exploit of this vulnerability might lead to code exec… New	CWE-502 Deserialization of Untrusted Data	CVE-2026-24162	2026-05-27 02:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1227	5.3	MEDIUM Network	-	-	IBM Cloud Pak for Data System - Cyclops 11.3.0.2 through Interim Fix 002 IBM Cloud Pak for Data System uses default passwords default passwords from the manufacturing process for use during the inst… New	CWE-1392 Use of Default Credentials	CVE-2025-36221	2026-05-27 02:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1228	4.3	MEDIUM Network	-	-	IBM Cloud Pak for Data System - Cyclops 11.3.0.2 through Interim Fix 002 IBM Cloud Pak for Data System is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, … New	CWE-89 SQL Injection	CVE-2025-36220	2026-05-27 02:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1229	5.4	MEDIUM Network	-	-	IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.15 IBM Financial Transaction Manager SWIFT is vulnerable to cross-site scripting. This vulnerability allo… New	CWE-79 Cross-site Scripting	CVE-2025-36148	2026-05-27 02:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1230	5.4	MEDIUM Network	-	-	IBM watsonx.data 2.2 through 2.3.1 IBM Lakehouse does not properly restrict inbound and outbound connections which could allow an attacker to transfer or modify files without restrictions. New	CWE-923 Improper Restriction of Communication Channel to Intended Endpoints	CVE-2025-36145	2026-05-27 02:16	2026-05-27	Show	GitHub Exploit DB Packet Storm