Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
131 7.5 重要
Network 		Zcash Foundation Zebra-chain
Zebrad 		Zcash FoundationのZebra-chain等の複数製品における到達可能なアサーションに関する脆弱性 New CWE-617
到達可能なアサーション 		CVE-2026-41584 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
132 5.3 警告
Network 		projectdiscovery Nuclei ProjectDiscovery, Inc.のNucleiにおけるコードインジェクションの脆弱性 New CWE-94
コード・インジェクション 		CVE-2026-41645 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
133 5.5 警告
Local 		projectdiscovery Nuclei ProjectDiscovery, Inc.のNucleiにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-41646 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
134 8.1 重要
Network 		- OpenC3のOpenC3 COSMOSにおける未検証のパスワード変更に関する脆弱性 New CWE-620
未検証のパスワード変更 		CVE-2026-42084 2026-05-11 11:09 2026-05-4 Show GitHub Exploit DB Packet Storm
135 4.3 警告
Network 		- OpenC3のOpenC3 COSMOSにおける相対パストラバーサルの脆弱性 New CWE-23
相対的パストラバーサル 		CVE-2026-42085 2026-05-11 11:09 2026-05-4 Show GitHub Exploit DB Packet Storm
136 4.6 警告
Network 		- OpenC3のOpenC3 COSMOSにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42086 2026-05-11 11:09 2026-05-4 Show GitHub Exploit DB Packet Storm
137 9.6 緊急
Network 		- OpenC3のOpenC3 COSMOSにおけるSQL インジェクションの脆弱性 New CWE-89
SQLインジェクション 		CVE-2026-42087 2026-05-11 11:09 2026-05-4 Show GitHub Exploit DB Packet Storm
138 9.8 緊急
Network 		litellm litellm LiteLLMにおけるSQL インジェクションの脆弱性 New CWE-89
SQLインジェクション 		CVE-2026-42208 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
139 9.1 緊急
Network 		OpenEXR OpenEXR OpenEXRにおける境界外読み取りに関する脆弱性 New CWE-125
境界外読み取り 		CVE-2026-42216 2026-05-11 11:09 2026-05-7 Show GitHub Exploit DB Packet Storm
140 9.8 緊急
Network 		OpenEXR OpenEXR OpenEXRにおける整数オーバーフローの脆弱性 New CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-42217 2026-05-11 11:09 2026-05-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312401 - - - A vulnerability that allows a user who has been assigned a low-privileged role within Veeam Backup & Replication to alter Multi-Factor Authentication (MFA) settings and bypass MFA. - CVE-2024-40713 2024-09-10 00:35 2024-09-8 Show GitHub Exploit DB Packet Storm
312402 - - - A missing authorization vulnerability allows a local low-privileged user on the machine to escalate their privileges to root level. - CVE-2024-40709 2024-09-10 00:35 2024-09-8 Show GitHub Exploit DB Packet Storm
312403 - - - RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the password parameter at /resource/runlogin.php. - CVE-2024-45771 2024-09-10 00:35 2024-09-7 Show GitHub Exploit DB Packet Storm
312404 - - - RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the articleid parameter at /default/article.php. - CVE-2024-44839 2024-09-10 00:35 2024-09-7 Show GitHub Exploit DB Packet Storm
312405 5.4 MEDIUM
Network 		rems leads_manager_tool A vulnerability was found in SourceCodester Leads Manager Tool 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-leads.php of the component Add Leads … CWE-79
Cross-site Scripting 		CVE-2024-7644 2024-09-10 00:15 2024-08-12 Show GitHub Exploit DB Packet Storm
312406 - - - A vulnerability that allows an attacker in possession of the Veeam ONE Agent service account credentials to perform remote code execution on the machine where the Veeam ONE Agent is installed. - CVE-2024-42024 2024-09-9 23:35 2024-09-8 Show GitHub Exploit DB Packet Storm
312407 - - - An improper access control vulnerability allows low-privileged users to execute code with Administrator privileges remotely. - CVE-2024-42023 2024-09-9 23:35 2024-09-8 Show GitHub Exploit DB Packet Storm
312408 - - - An improper access control vulnerability allows an attacker with valid access tokens to access saved credentials. - CVE-2024-42021 2024-09-9 23:35 2024-09-8 Show GitHub Exploit DB Packet Storm
312409 - - - A server side request forgery vulnerability allows a low-privileged user to perform local privilege escalation through exploiting an SSRF vulnerability. - CVE-2024-40718 2024-09-9 23:35 2024-09-8 Show GitHub Exploit DB Packet Storm
312410 - - - An improper certificate validation vulnerability in TLS certificate validation allows an attacker on the same network to intercept sensitive credentials during restore operations. - CVE-2024-40714 2024-09-9 23:35 2024-09-8 Show GitHub Exploit DB Packet Storm