Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
131 5.8 警告
Network 		vm2 project vm2 vm2 projectのvm2における保護メカニズムの不具合に関する脆弱性 New CWE-693
保護メカニズムの不具合 		CVE-2026-44003 2026-05-18 12:12 2026-05-13 Show GitHub Exploit DB Packet Storm
132 7.5 重要
Network 		vm2 project vm2 vm2 projectのvm2における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 New CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-44004 2026-05-18 12:12 2026-05-13 Show GitHub Exploit DB Packet Storm
133 10 緊急
Network 		vm2 project vm2 vm2 projectのvm2における複数の脆弱性 New CWE-1321
CWE-94
CVE-2026-44005 2026-05-18 12:12 2026-05-13 Show GitHub Exploit DB Packet Storm
134 10 緊急
Network 		vm2 project vm2 vm2 projectのvm2におけるコードインジェクションの脆弱性 New CWE-94
コード・インジェクション 		CVE-2026-44006 2026-05-18 12:12 2026-05-13 Show GitHub Exploit DB Packet Storm
135 9.1 緊急
Network 		vm2 project vm2 vm2 projectのvm2におけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-44007 2026-05-18 12:12 2026-05-13 Show GitHub Exploit DB Packet Storm
136 9.8 緊急
Network 		vm2 project vm2 vm2 projectのvm2における誤った領域へのリソースの漏えいに関する脆弱性 New CWE-668
誤った領域へのリソースの漏えい 		CVE-2026-44008 2026-05-18 12:12 2026-05-13 Show GitHub Exploit DB Packet Storm
137 9.8 緊急
Network 		vm2 project vm2 vm2 projectのvm2における誤った領域へのリソースの漏えいに関する脆弱性 New CWE-668
誤った領域へのリソースの漏えい 		CVE-2026-44009 2026-05-18 12:12 2026-05-13 Show GitHub Exploit DB Packet Storm
138 9.9 緊急
Network 		nginxui Nginx UI Nginx UI TeamのNginx UIにおけるサーバサイドのリクエストフォージェリの脆弱性 New CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-44015 2026-05-18 12:12 2026-05-12 Show GitHub Exploit DB Packet Storm
139 7.1 重要
Network 		M2-Team NanaZip M2-TeamのNanaZipにおける境界外書き込みに関する脆弱性 New CWE-787
境界外書き込み 		CVE-2026-44215 2026-05-18 12:12 2026-05-12 Show GitHub Exploit DB Packet Storm
140 7.5 重要
Network 		vLLM vLLM vLLMにおける配列インデックスの検証に関する脆弱性 New CWE-129
配列インデックスの不適切な検証 		CVE-2026-44222 2026-05-18 12:12 2026-05-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311911 - - - Zenario 9.7.61188 is vulnerable to Cross Site Scripting (XSS) in the Image library via the "Organizer tags" field. - CVE-2024-45964 2024-10-4 22:50 2024-10-3 Show GitHub Exploit DB Packet Storm
311912 - - - October 3.6.30 allows an authenticated admin account to upload a PDF file containing malicious JavaScript into the target system. If the file is accessed through the website, it could lead to a Cross… - CVE-2024-45962 2024-10-4 22:50 2024-10-3 Show GitHub Exploit DB Packet Storm
311913 - - - Zenario 9.7.61188 allows authenticated admin users to upload PDF files containing malicious code into the target system. If the PDF file is accessed through the website, it can trigger a Cross Site S… - CVE-2024-45960 2024-10-4 22:50 2024-10-3 Show GitHub Exploit DB Packet Storm
311914 - - - The Linear eMerge e3-Series through version 1.00-07 is vulnerable to an OS command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary OS commands via the login_id pa… - CVE-2024-9441 2024-10-4 22:50 2024-10-3 Show GitHub Exploit DB Packet Storm
311915 - - - OS4ED openSIS-Classic v9.1 was discovered to contain a SQL injection vulnerability via a crafted payload. - CVE-2024-46626 2024-10-4 22:50 2024-10-3 Show GitHub Exploit DB Packet Storm
311916 - - - FlatPress CMS v1.3.1 1.3 was discovered to use insecure methods to store authentication data via the cookie's component. - CVE-2024-41290 2024-10-4 22:50 2024-10-3 Show GitHub Exploit DB Packet Storm
311917 - - - Certain HP LaserJet printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer. The printer displays a “JPEG Unsupported” message which may not clear, po… - CVE-2024-9423 2024-10-4 22:50 2024-10-3 Show GitHub Exploit DB Packet Storm
311918 - - - Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could allow Privilege Abuse and result in unauthorized access or privileges to Vertica agent apikey. This issu… - CVE-2024-6360 2024-10-4 22:50 2024-10-3 Show GitHub Exploit DB Packet Storm
311919 - - - Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `iss` (Issuer) claim of an ID Token, allowing attackers to subvert the authentication flow, potentiall… - CVE-2024-47807 2024-10-4 22:50 2024-10-3 Show GitHub Exploit DB Packet Storm
311920 - - - Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `aud` (Audience) claim of an ID Token, allowing attackers to subvert the authentication flow, potentia… - CVE-2024-47806 2024-10-4 22:50 2024-10-3 Show GitHub Exploit DB Packet Storm