Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1161 6.1 警告
Network 		Frappe ERPNext FrappeのERPNextにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-38432 2026-05-11 11:12 2026-05-5 Show GitHub Exploit DB Packet Storm
1162 9.1 緊急
Network 		CHORNY Apache::Session CHORNYのApache::Sessionにおける有効期限後または解放後のリソースの操作に関する脆弱性 CWE-672
有効期限後または解放後のリソースの操作 		CVE-2013-10075 2026-05-11 11:12 2026-05-8 Show GitHub Exploit DB Packet Storm
1163 9.8 緊急
Network 		PHPOffice PhpSpreadsheet PHPOfficeのPhpSpreadsheetにおける複数の脆弱性 CWE-502
CWE-918
CVE-2026-34084 2026-05-11 11:12 2026-05-5 Show GitHub Exploit DB Packet Storm
1164 5.4 警告
Network 		PHPOffice PhpSpreadsheet PHPOfficeのPhpSpreadsheetにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-35453 2026-05-11 11:12 2026-05-5 Show GitHub Exploit DB Packet Storm
1165 9.1 緊急
Network 		Zcash Foundation Zebra-script
Zebrad 		Zcash FoundationのZebra-script等の複数製品における呼び出し元による仕様の不適切な準拠に関する脆弱性 CWE-573
呼び出し元による仕様の不適切な準拠 		CVE-2026-41583 2026-05-11 11:12 2026-05-8 Show GitHub Exploit DB Packet Storm
1166 6.5 警告
Network 		Zcash Foundation zebra-rpc
Zebrad 		Zcash Foundationのzebra-rpc等の複数製品における複数の脆弱性 CWE-248
CWE-617
CVE-2026-41585 2026-05-11 11:12 2026-05-8 Show GitHub Exploit DB Packet Storm
1167 9.1 緊急
Network 		Zcash Foundation Zebra-script
Zebrad 		Zcash FoundationのZebra-script等の複数製品におけるデジタル署名の検証に関する脆弱性 CWE-347
デジタル署名の不適切な検証 		CVE-2026-44497 2026-05-11 11:12 2026-05-8 Show GitHub Exploit DB Packet Storm
1168 5.3 警告
Network 		Apache Software Foundation CloudStack Apache Software FoundationのCloudStackにおける複数の脆弱性 CWE-367
CWE-770
CVE-2025-69233 2026-05-11 11:12 2026-05-8 Show GitHub Exploit DB Packet Storm
1169 8.4 重要
Local 		デル data domain operating system
PowerProtect DP Series Appliance 		デルのdata domain operating system等の複数製品における弱い認証情報の使用に関する脆弱性 CWE-1391
脆弱な認証情報の使用 		CVE-2026-23853 2026-05-11 11:12 2026-04-17 Show GitHub Exploit DB Packet Storm
1170 9.8 緊急
Network 		vm2 project vm2 vm2 projectのvm2における複数の脆弱性 CWE-693
CWE-94
CVE-2026-24118 2026-05-11 11:12 2026-05-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312171 6.5 MEDIUM
Network 		ihedvall mdf_library Library MDF (mdflib) v2.1 is vulnerable to a heap-based buffer overread via a crafted mdf4 file is parsed using the ReadData function CWE-787
 Out-of-bounds Write 		CVE-2024-41445 2024-10-2 04:03 2024-09-26 Show GitHub Exploit DB Packet Storm
312172 5.5 MEDIUM
Local 		devolutions remote_desktop_manager An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2024-7421 2024-10-2 03:36 2024-09-26 Show GitHub Exploit DB Packet Storm
312173 9.8 CRITICAL
Network 		meshtastic meshtastic_firmware Meshtastic is an open source, off-grid, decentralized, mesh network. Meshtastic uses MQTT to communicate over an internet connection to a shared or private MQTT Server. Nodes can communicate directly… CWE-863
 Incorrect Authorization 		CVE-2024-47078 2024-10-2 03:29 2024-09-26 Show GitHub Exploit DB Packet Storm
312174 8.6 HIGH
Network 		circutor q-smt_firmware CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service (DoS) attack if an attacker with access to the web service bypasses the authentication mechanisms on the login p… CWE-1284
 Improper Validation of Specified Quantity in Input 		CVE-2024-8887 2024-10-2 02:30 2024-09-18 Show GitHub Exploit DB Packet Storm
312175 9.8 CRITICAL
Network 		scriptcase scriptcase Vulnerability in the Scriptcase application version 9.4.019, which involves the arbitrary upload of a file via /scriptcase/devel/lib/third/jquery_plugin/jQuery-File-Upload/server/php/ via a POST requ… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-8940 2024-10-2 02:21 2024-09-25 Show GitHub Exploit DB Packet Storm
312176 9.8 CRITICAL
Network 		doverfuelingsolutions progauge_maglink_lx_console_firmware
progauge_maglink_lx4_console_firmware 		A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE UTILITY sub-menu can allow a remote attacker to inject arbitrary commands. CWE-77
Command Injection 		CVE-2024-43693 2024-10-2 02:17 2024-09-25 Show GitHub Exploit DB Packet Storm
312177 7.8 HIGH
Local 		telerik ui_for_wpf In Progress Telerik UI for WinForms versions prior to 2024 Q3 (2024.3.924), a command injection attack is possible through improper neutralization of hyperlink elements. CWE-77
Command Injection 		CVE-2024-7679 2024-10-2 02:16 2024-09-25 Show GitHub Exploit DB Packet Storm
312178 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix bridge mode operations when there are no VFs Currently, trying to set the bridge mode attribute when numvfs=0 leads… CWE-476
 NULL Pointer Dereference 		CVE-2024-46857 2024-10-2 02:10 2024-09-27 Show GitHub Exploit DB Packet Storm
312179 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix deadlock in qcuefi_acquire() If the __qcuefi pointer is not set, then in the original code, we wo… CWE-667
 Improper Locking 		CVE-2024-46868 2024-10-2 02:09 2024-09-27 Show GitHub Exploit DB Packet Storm
312180 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/xe/client: fix deadlock in show_meminfo() There is a real deadlock as well as sleeping in atomic() bug in here, if the bo put… CWE-667
 Improper Locking 		CVE-2024-46867 2024-10-2 02:09 2024-09-27 Show GitHub Exploit DB Packet Storm