Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 14, 2026, 12:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1241	9.1	緊急 Network	Dolibarr ERP & CRM	dolibarr erp/crm	Dolibarr ERP & CRMのdolibarr erp/crmにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-23500	2026-05-7 12:06	2026-04-17	Show	GitHub Exploit DB Packet Storm

1242	5.3	警告 Local	FreeType Project	FreeType	FreeType ProjectのFreeTypeにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-23865	2026-05-7 12:06	2026-03-2	Show	GitHub Exploit DB Packet Storm

1243	6.5	警告 Network	Linux Foundation	tekton pipelines	Linux Foundationのtekton pipelinesにおける不正な正規表現に関する脆弱性	CWE-185 不正な正規表現	CVE-2026-25542	2026-05-7 12:06	2026-04-21	Show	GitHub Exploit DB Packet Storm

1244	6.5	警告 Adjacent	FRRouting Project	FRRouting	FRRouting ProjectのFRRoutingにおける複数の脆弱性	CWE-125 CWE-190	CVE-2026-28532	2026-05-7 12:06	2026-04-30	Show	GitHub Exploit DB Packet Storm

1245	8.8	重要 Network	CloudARK	KubePlus	CloudARKのKubePlusにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-29955	2026-05-7 12:06	2026-04-13	Show	GitHub Exploit DB Packet Storm

1246	7.8	重要 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける領域間での誤ったリソース移動に関する脆弱性	CWE-669 領域間での誤ったリソース移動	CVE-2026-31431	2026-05-7 12:06	2026-04-22	Show	GitHub Exploit DB Packet Storm

1247	5.3	警告 Network	レッドハット kernel.org	util-linux Red Hat Hardened Images	kernel.org等の複数ベンダの製品における代替名による認証回避に関する脆弱性	CWE-289 代替名による認証回避	CVE-2026-3184	2026-05-7 12:06	2026-04-3	Show	GitHub Exploit DB Packet Storm

1248	5.5	警告 Local	Electron	electron	Electronのelectronにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-34764	2026-05-7 12:06	2026-04-6	Show	GitHub Exploit DB Packet Storm

1249	10	緊急 Network	traefik	traefik	traefikにおけるデータの信頼性についての不十分な検証に関する脆弱性	CWE-345 データの信頼性についての不十分な検証	CVE-2026-35051	2026-05-7 12:06	2026-04-30	Show	GitHub Exploit DB Packet Storm

1250	7.1	重要 Network	デル	iDRAC10 Firmware	デルのiDRAC10 Firmwareにおける認証情報の不十分な保護に関する脆弱性	CWE-522 認証情報の不十分な保護	CVE-2026-35155	2026-05-7 12:06	2026-04-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312731	-		-	-	Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution.	-	CVE-2024-29847	2024-09-12 11:15	2024-09-12	Show	GitHub Exploit DB Packet Storm

312732	-		-	-	A vulnerability was found in ?????????? Yunke Online School System up to 3.0.6. It has been declared as problematic. This vulnerability affects the function downfile of the file application/admin/con…	CWE-22 Path Traversal	CVE-2024-8707	2024-09-12 10:15	2024-09-12	Show	GitHub Exploit DB Packet Storm

312733	7.3	HIGH Local	microsoft	office publisher	Microsoft Publisher Security Feature Bypass Vulnerability	NVD-CWE-noinfo	CVE-2024-38226	2024-09-12 10:00	2024-09-11	Show	GitHub Exploit DB Packet Storm

312734	-		-	-	A vulnerability was found in JFinalCMS up to 20240903. It has been classified as problematic. This affects the function update of the file /admin/template/update of the component com.cms.util.Templat…	CWE-22 Path Traversal	CVE-2024-8706	2024-09-12 09:15	2024-09-12	Show	GitHub Exploit DB Packet Storm

312735	-		-	-	Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.8, including 8.3.x, discloses database passwords when searching metadata injectable fields.	-	CVE-2024-28981	2024-09-12 09:15	2024-09-12	Show	GitHub Exploit DB Packet Storm

312736	6.1	MEDIUM Network	friendica	friendica	Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the location parameter of the calendar event feature.	CWE-79 Cross-site Scripting	CVE-2024-27729	2024-09-12 05:29	2024-08-16	Show	GitHub Exploit DB Packet Storm

312737	6.5	MEDIUM Network	elastic	apm_server	APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailable_shards_exception for a specific document, since the ES response line contains the…	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2024-37286	2024-09-12 05:20	2024-08-4	Show	GitHub Exploit DB Packet Storm

312738	9.8	CRITICAL Network	angeljudesuarez	airline_reservation_system	A vulnerability was found in itsourcecode Airline Reservation System 1.0. It has been rated as critical. Affected by this issue is the function save_settings of the file admin/admin_class.php. The ma…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-7500	2024-09-12 05:07	2024-08-6	Show	GitHub Exploit DB Packet Storm

312739	8.8	HIGH Network	angeljudesuarez	tailoring_management_system	A vulnerability has been found in itsourcecode Tailoring Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /setlogo.php. The man…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-7506	2024-09-12 05:02	2024-08-6	Show	GitHub Exploit DB Packet Storm

312740	9.8	CRITICAL Network	rainniar	bike_delivery_system	A vulnerability, which was classified as critical, was found in itsourcecode Bike Delivery System 1.0. Affected is an unknown function of the file contact_us_action.php. The manipulation of the argum…	CWE-89 SQL Injection	CVE-2024-7505	2024-09-12 04:53	2024-08-6	Show	GitHub Exploit DB Packet Storm