Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1281 4.9 警告
Network 		aiven Aiven Operator aivenのAiven Operatorにおける複数の脆弱性 CWE-269
CWE-441
CVE-2026-39961 2026-05-15 10:54 2026-04-9 Show GitHub Exploit DB Packet Storm
1282 8.8 重要
Network 		AGiXT AGiXT AGiXTにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-39981 2026-05-15 10:54 2026-04-9 Show GitHub Exploit DB Packet Storm
1283 7.5 重要
Network 		Succinct SP1 SuccinctのSP1における複数の脆弱性 CWE-345
CWE-354
CVE-2026-40323 2026-05-15 10:54 2026-04-18 Show GitHub Exploit DB Packet Storm
1284 8.8 重要
Network 		Electric Sync-service ElectricのSync-serviceにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-40906 2026-05-15 10:54 2026-04-21 Show GitHub Exploit DB Packet Storm
1285 6.5 警告
Network 		Apache Software Foundation Apache-airflow-providers-elasticsearch Apache Software FoundationのApache-airflow-providers-elasticsearchにおけるログファイルからの情報漏えいに関する脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2026-41018 2026-05-15 10:54 2026-05-11 Show GitHub Exploit DB Packet Storm
1286 6.5 警告
Network 		BETTER-AUTH. Better Auth OAuth Provider BETTER-AUTH.のBetter Auth OAuth Providerにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-41427 2026-05-15 10:54 2026-04-24 Show GitHub Exploit DB Packet Storm
1287 8.6 重要
Network 		Inngest Inngest Inngestにおける複数の脆弱性 CWE-200
CWE-497
CVE-2026-42047 2026-05-15 10:54 2026-05-7 Show GitHub Exploit DB Packet Storm
1288 8.5 重要
Network 		Open edX Open edx Enterprise Service Open edXのOpen edx Enterprise Serviceにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-42860 2026-05-15 10:54 2026-05-11 Show GitHub Exploit DB Packet Storm
1289 6.5 警告
Network 		Apache Software Foundation Apache-airflow-providers-opensearch Apache Software FoundationのApache-airflow-providers-opensearchにおけるログファイルからの情報漏えいに関する脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2026-43826 2026-05-15 10:54 2026-05-11 Show GitHub Exploit DB Packet Storm
1290 6.8 警告
Network 		Bpple (bx33661) Wireshark MCP Bpple (bx33661)のWireshark MCPにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-43901 2026-05-15 10:54 2026-05-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311901 7.8 HIGH
Local 		- - A DLL hijack vulnerability was reported in Lenovo Leyun that could allow a local attacker to execute code with elevated privileges. - CVE-2024-33578 2024-10-15 21:58 2024-10-12 Show GitHub Exploit DB Packet Storm
311902 6.5 MEDIUM
Adjacent 		- - An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX4600 and SRX5000 Series allows an unauthenticated and lo… CWE-754
 Improper Check for Unusual or Exceptional Conditions 		CVE-2024-47503 2024-10-15 21:58 2024-10-12 Show GitHub Exploit DB Packet Storm
311903 7.5 HIGH
Network 		- - An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2024-47502 2024-10-15 21:58 2024-10-12 Show GitHub Exploit DB Packet Storm
311904 5.5 MEDIUM
Local 		- - A NULL Pointer Dereference vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on MX304, MX with MPC10/11/LC9600, and EX9200 with EX9200-15C allows a locally authentica… CWE-476
 NULL Pointer Dereference 		CVE-2024-47501 2024-10-15 21:58 2024-10-12 Show GitHub Exploit DB Packet Storm
311905 7.5 HIGH
Network 		- - An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based a… CWE-754
 Improper Check for Unusual or Exceptional Conditions 		CVE-2024-47499 2024-10-15 21:58 2024-10-12 Show GitHub Exploit DB Packet Storm
311906 6.5 MEDIUM
Adjacent 		- - An Unimplemented or Unsupported Feature in UI vulnerability in the CLI of Juniper Networks Junos OS Evolved on QFX5000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service… - CVE-2024-47498 2024-10-15 21:58 2024-10-12 Show GitHub Exploit DB Packet Storm
311907 - - - DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMpurify was vulnerable to nesting-based mXSS. This vulnerability is fixed in 2.5.0 and 3.1.3. CWE-79
Cross-site Scripting 		CVE-2024-47875 2024-10-15 21:58 2024-10-12 Show GitHub Exploit DB Packet Storm
311908 - - - CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized access, loss of confidentiality, integrity, and availability of the workstation when non-admin authenticated … CWE-269
 Improper Privilege Management 		CVE-2024-9002 2024-10-15 21:58 2024-10-11 Show GitHub Exploit DB Packet Storm
311909 - - - CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that could compromise the Data Center Expert software when an upgrade bundle is manipulated to include arbitrary bash sc… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2024-8531 2024-10-15 21:58 2024-10-11 Show GitHub Exploit DB Packet Storm
311910 - - - CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause exposure of private data when an already generated “logcaptures” archive is accessed directly by HTTPS. CWE-306
Missing Authentication for Critical Function 		CVE-2024-8530 2024-10-15 21:58 2024-10-11 Show GitHub Exploit DB Packet Storm