Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4741	7.6	重要 Network	FreeScout	FreeScout	FreeScoutにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-39384	2026-04-27 10:48	2026-04-7	Show	GitHub Exploit DB Packet Storm

4742	3.1	低 Network	OpenBao	OpenBao	OpenBaoにおける証明書検証に関する脆弱性	CWE-295 不正な証明書検証	CVE-2026-39388	2026-04-27 10:48	2026-04-21	Show	GitHub Exploit DB Packet Storm

4743	4.9	警告 Network	OpenBao	OpenBao	OpenBaoにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-39946	2026-04-27 10:48	2026-04-21	Show	GitHub Exploit DB Packet Storm

4744	5.7	警告 Adjacent	OpenClaw	OpenClaw	OpenClawにおける重要な情報の平文での送信に関する脆弱性	CWE-319 重要な情報の平文での送信	CVE-2026-40045	2026-04-27 10:48	2026-04-21	Show	GitHub Exploit DB Packet Storm

4745	6.5	警告 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-40150	2026-04-27 10:48	2026-04-9	Show	GitHub Exploit DB Packet Storm

4746	8.8	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-40157	2026-04-27 10:48	2026-04-10	Show	GitHub Exploit DB Packet Storm

4747	6.5	警告 Network	Linux Foundation	tekton pipelines	Linux Foundationのtekton pipelinesにおける送信データへの重要な情報の挿入に関する脆弱性	CWE-201 CWE-noinfo	CVE-2026-40161	2026-04-27 10:48	2026-04-21	Show	GitHub Exploit DB Packet Storm

4748	8.1	重要 Network	SysAdmins Media	HomeBox	SysAdmins MediaのHomeBoxにおける不適切な所有権の割り当てに関する脆弱性	CWE-708 不適切な所有権の割り当て	CVE-2026-40196	2026-04-27 10:48	2026-04-17	Show	GitHub Exploit DB Packet Storm

4749	2.7	低 Network	OpenBao	OpenBao	OpenBaoにおけるセキュリティトークンの割り当ての制限に関する脆弱性	CWE-1259 セキュリティトークンの割り当ての不適切な制限	CVE-2026-40264	2026-04-27 10:48	2026-04-21	Show	GitHub Exploit DB Packet Storm

4750	4.3	警告 Network	dnnsoftware	dotnetnuke	dnnsoftwareのdotnetnukeにおける認可に関する脆弱性	CWE-285 不適切な認可	CVE-2026-40305	2026-04-27 10:48	2026-04-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
781	8.1	HIGH Network	-	-	LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, the setup database configuration flow on uninitialized LinkAce instances accepts attacker-controlled database credential fie… New	CWE-74 Injection	CVE-2026-45344	2026-05-29 11:44	2026-05-29	Show	GitHub Exploit DB Packet Storm

782	9.8	CRITICAL Network	-	-	The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Privilege Escalation via Validation Bypass in all versions up to and including 0.9.2.5. The vulnerability exists due to the … New	CWE-269 Improper Privilege Management	CVE-2026-8809	2026-05-29 11:40	2026-05-29	Show	GitHub Exploit DB Packet Storm

783	-		-	-	Inappropriate implementation in Input in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTM… New	-	CVE-2026-10010	2026-05-29 11:36	2026-05-29	Show	GitHub Exploit DB Packet Storm

784	-		-	-	Insufficient validation of untrusted input in Site Isolation in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a… New	CWE-20 Improper Input Validation	CVE-2026-9903	2026-05-29 11:35	2026-05-29	Show	GitHub Exploit DB Packet Storm

785	-		-	-	Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) New	CWE-472 External Control of Assumed-Immutable Web Parameter	CVE-2026-9911	2026-05-29 11:35	2026-05-29	Show	GitHub Exploit DB Packet Storm

786	-		-	-	Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) New	CWE-416 Use After Free	CVE-2026-9923	2026-05-29 11:35	2026-05-29	Show	GitHub Exploit DB Packet Storm

787	-		-	-	Out of bounds write in Dawn in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Hi… New	CWE-787 Out-of-bounds Write	CVE-2026-9930	2026-05-29 11:35	2026-05-29	Show	GitHub Exploit DB Packet Storm

788	-		-	-	Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) New	CWE-122 Heap-based Buffer Overflow	CVE-2026-9940	2026-05-29 11:35	2026-05-29	Show	GitHub Exploit DB Packet Storm

789	-		-	-	Use after free in TabStrip in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a craft… New	CWE-416 Use After Free	CVE-2026-9954	2026-05-29 11:35	2026-05-29	Show	GitHub Exploit DB Packet Storm

790	-		-	-	Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) New	CWE-416 Use After Free	CVE-2026-9958	2026-05-29 11:35	2026-05-29	Show	GitHub Exploit DB Packet Storm