Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1191	7.2	重要 Network	WSO2	WSO2 Identity Server	WSO2のWSO2 Identity Serverにおける複数の脆弱性	CWE-284 CWE-863	CVE-2025-9973	2026-05-29 11:18	2026-05-11	Show	GitHub Exploit DB Packet Storm

1192	6.5	警告 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-1402	2026-05-29 11:18	2026-05-27	Show	GitHub Exploit DB Packet Storm

1193	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-23292	2026-05-29 11:18	2026-03-25	Show	GitHub Exploit DB Packet Storm

1194	9.8	緊急 Network	マイクロソフト	Microsoft Power Pages	Microsoft Power Pages Remote Code Execution Vulnerability	CWE-77 コマンドインジェクション	CVE-2026-23652	2026-05-29 11:18	2026-05-22	Show	GitHub Exploit DB Packet Storm

1195	7.1	重要 Network	lfprojects	mlflow	lfprojectsのmlflowにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-2393	2026-05-29 11:18	2026-05-11	Show	GitHub Exploit DB Packet Storm

1196	4.7	警告 Local	NVIDIA	gpu display driver	NVIDIAのgpu display driverにおける競合状態に関する脆弱性	CWE-362 競合状態	CVE-2026-24199	2026-05-29 11:18	2026-05-26	Show	GitHub Exploit DB Packet Storm

1197	9.8	緊急 Network	NVIDIA	Isaac Launchable	NVIDIAのIsaac Launchableにおける重要な情報の平文での送信に関する脆弱性	CWE-319 重要な情報の平文での送信	CVE-2026-24212	2026-05-29 11:18	2026-05-26	Show	GitHub Exploit DB Packet Storm

1198	6.1	警告 Network	Joomla!	Joomla!	Joomla!におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-25900	2026-05-29 11:18	2026-05-26	Show	GitHub Exploit DB Packet Storm

1199	6.1	警告 Network	Joomla!	Joomla!	Joomla!におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-25901	2026-05-29 11:18	2026-05-26	Show	GitHub Exploit DB Packet Storm

1200	4.3	警告 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-2601	2026-05-29 11:18	2026-05-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
319451	6.5	MEDIUM Network	qnap	qts quts_hero	A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expos…	CWE-22 Path Traversal	CVE-2023-51366	2024-09-11 22:32	2024-09-7	Show	GitHub Exploit DB Packet Storm

319452	4.8	MEDIUM Network	qnap	qts quts_hero	A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to inject malic…	CWE-79 Cross-site Scripting	CVE-2023-50366	2024-09-11 22:31	2024-09-7	Show	GitHub Exploit DB Packet Storm

319453	8.8	HIGH Network	qnap	qts quts_hero	A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a …	CWE-120 CWE-121 Classic Buffer Overflow Stack-based Buffer Overflow	CVE-2023-51367	2024-09-11 22:27	2024-09-7	Show	GitHub Exploit DB Packet Storm

319454	6.5	MEDIUM Network	zoom	workplace workplace_desktop workplace_virtual_desktop_infrastructure rooms	Protection mechanism failure for some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct information disclosure via network access.	CWE-522 Insufficiently Protected Credentials	CVE-2024-39818	2024-09-11 22:27	2024-08-15	Show	GitHub Exploit DB Packet Storm

319455	6.5	MEDIUM Network	terminalfour	terminalfour	A Server-Side Request Forgery (SSRF) vulnerability in Terminalfour before 8.3.19 allows authenticated users to use specific features to access internal services including sensitive information on the…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-22217	2024-09-11 22:19	2024-08-16	Show	GitHub Exploit DB Packet Storm

319456	5.4	MEDIUM Network	yogeshojha	rengine	reNgine is an automated reconnaissance framework for web applications. Versions 2.1.2 and prior are susceptible to Stored Cross-Site Scripting (XSS) attacks. This vulnerability occurs when scanning a…	CWE-79 Cross-site Scripting	CVE-2024-43381	2024-09-11 22:02	2024-08-17	Show	GitHub Exploit DB Packet Storm

319457	9.8	CRITICAL Network	h3c	magic_b1st_firmware	H3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root.	CWE-798 Use of Hard-coded Credentials	CVE-2024-42638	2024-09-11 21:53	2024-08-17	Show	GitHub Exploit DB Packet Storm

319458	7.5	HIGH Network	google	android	In sdpu_compare_uuid_with_attr of sdp_utils.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution pri…	CWE-120 Classic Buffer Overflow	CVE-2024-34727	2024-09-11 21:43	2024-08-16	Show	GitHub Exploit DB Packet Storm

319459	8.2	HIGH Network	xpdfreader	xpdf	In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read fro…	CWE-908 Use of Uninitialized Resource	CVE-2024-7868	2024-09-11 21:40	2024-08-16	Show	GitHub Exploit DB Packet Storm

319460	8.8	HIGH Network	xyzscripts	insert_php_code_snippet	Cross-Site Request Forgery (CSRF) vulnerability in xyzscripts.Com Insert PHP Code Snippet.This issue affects Insert PHP Code Snippet: from n/a through 1.3.6.	CWE-352 Origin Validation Error	CVE-2024-43275	2024-09-11 21:33	2024-08-15	Show	GitHub Exploit DB Packet Storm