Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
121 7.8 重要
Local 		gitpython project gitpython gitpython projectのgitpythonにおけるコードインジェクションの脆弱性 New CWE-94
コード・インジェクション 		CVE-2026-44244 2026-05-13 10:21 2026-05-7 Show GitHub Exploit DB Packet Storm
122 4.3 警告
Network 		Weblate Weblate Weblateにおける観測可能な不一致に関する脆弱性 New CWE-203
セキュリティ関連の処理に対するレスポンスの違いに起因する情報漏えい 		CVE-2026-44263 2026-05-13 10:21 2026-05-7 Show GitHub Exploit DB Packet Storm
123 7.5 重要
Network 		ZTE ZXCLOUD iRAI ZTEのZXCLOUD iRAIにおける書式文字列に関する脆弱性 New CWE-134
CWE-noinfo
CVE-2026-44407 2026-05-13 10:21 2026-05-7 Show GitHub Exploit DB Packet Storm
124 2.7
Network 		Tanium Tanium Threat Response TaniumのTanium Threat Responseにおける情報漏えいに関する脆弱性 New CWE-200
CWE-noinfo
CVE-2026-6392 2026-05-13 10:21 2026-04-22 Show GitHub Exploit DB Packet Storm
125 6.5 警告
Network 		GitHub Enterprise Server GitHubのEnterprise Serverにおける重要な機能に対する認証の欠如に関する脆弱性 New CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-6736 2026-05-13 10:21 2026-05-7 Show GitHub Exploit DB Packet Storm
126 7.5 重要
Network 		GitHub Enterprise Server GitHubのEnterprise Serverにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 New CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-7541 2026-05-13 10:21 2026-05-7 Show GitHub Exploit DB Packet Storm
127 9.8 緊急
Network 		GitHub Enterprise Server GitHubのEnterprise Serverにおける複数の脆弱性 New CWE-436
CWE-918
CVE-2026-8034 2026-05-13 10:21 2026-05-7 Show GitHub Exploit DB Packet Storm
128 6.5 警告
Network 		MongoDB Inc. MongoDB MongoDB Inc.のMongoDBにおけるNULL ポインタデリファレンスに関する脆弱性 New CWE-476
NULL ポインタデリファレンス 		CVE-2026-8063 2026-05-13 10:21 2026-05-7 Show GitHub Exploit DB Packet Storm
129 5.4 警告
Network 		MISP MISP MISPにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-8080 2026-05-13 10:21 2026-05-7 Show GitHub Exploit DB Packet Storm
130 9.8 緊急
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における例外的な状態のチェックに関する脆弱性 New CWE-754
CWE-noinfo
CVE-2026-8091 2026-05-13 10:21 2026-05-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312331 6.1 MEDIUM
Network 		halo halo Halo is an open source website building tool. A security vulnerability has been identified in versions prior to 2.17.0 of the Halo project. This vulnerability allows an attacker to execute malicious … CWE-79
Cross-site Scripting 		CVE-2024-43792 2024-09-17 01:26 2024-09-3 Show GitHub Exploit DB Packet Storm
312332 8.2 HIGH
Network 		sap bex_web_java_runtime_export_web_service BEx Web Java Runtime Export Web Service does not sufficiently validate an XML document accepted from an untrusted source. An attacker can retrieve information from the SAP ADS system and exhaust the … CWE-91
Blind XPath Injection 		CVE-2024-42374 2024-09-17 01:25 2024-08-13 Show GitHub Exploit DB Packet Storm
312333 9.1 CRITICAL
Network 		sap commerce_cloud Some OCC API endpoints in SAP Commerce Cloud allows Personally Identifiable Information (PII) data, such as passwords, email addresses, mobile numbers, coupon codes, and voucher codes, to be included… NVD-CWE-noinfo
CVE-2024-33003 2024-09-17 01:22 2024-08-13 Show GitHub Exploit DB Packet Storm
312334 7.5 HIGH
Network 		github actions\/artifact
actions_toolkit 		actions/artifact is the GitHub ToolKit for developing GitHub Actions. Versions of `actions/artifact` before 2.1.7 are vulnerable to arbitrary file write when using `downloadArtifactInternal`, `downl… CWE-22
Path Traversal 		CVE-2024-42471 2024-09-17 01:18 2024-09-3 Show GitHub Exploit DB Packet Storm
312335 4.3 MEDIUM
Network 		sap business_objects_business_intelligence_platform SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network, that could be executed by the application. On successful exploitat… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-28166 2024-09-17 01:17 2024-08-13 Show GitHub Exploit DB Packet Storm
312336 5.3 MEDIUM
Network 		mainwww mwcms A vulnerability was found in Fujian mwcms 1.0.0. It has been declared as critical. Affected by this vulnerability is the function uploadeditor of the file /uploadeditor.html?action=uploadimage of the… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-7705 2024-09-17 01:15 2024-08-13 Show GitHub Exploit DB Packet Storm
312337 4.4 MEDIUM
Local 		dell insightiq Dell PowerScale InsightIQ, version 5.1, contain an Improper Privilege Management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to D… NVD-CWE-noinfo
CVE-2024-39574 2024-09-17 00:59 2024-09-10 Show GitHub Exploit DB Packet Storm
312338 9.8 CRITICAL
Network 		dell insightiq Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to External Parties vulnerability. An unauthenticated attacker with remote access could potentially expl… CWE-552
 Files or Directories Accessible to External Parties 		CVE-2024-39581 2024-09-17 00:50 2024-09-10 Show GitHub Exploit DB Packet Storm
312339 5.5 MEDIUM
Local 		dell precision_7920_firmware
7920_xl_firmware 		Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially ex… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2024-42425 2024-09-17 00:46 2024-09-10 Show GitHub Exploit DB Packet Storm
312340 9.8 CRITICAL
Network 		dell insightiq Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploi… CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2024-39583 2024-09-17 00:42 2024-09-10 Show GitHub Exploit DB Packet Storm