Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1421	7.5	重要 Network	VMware	Spring AI	VMwareのSpring AIにおける不適切なデフォルトパーミッションに関する脆弱性	CWE-276 不適切なデフォルトパーミッション	CVE-2026-41712	2026-05-14 10:18	2026-05-12	Show	GitHub Exploit DB Packet Storm

1422	8.2	重要 Network	VMware	Spring AI	VMwareのSpring AIにおけるテンプレートエンジンで使用される特殊な要素の不適切な無効化に関する脆弱性	CWE-1336 テンプレートエンジンで使用される特殊な要素の不適切な無効化	CVE-2026-41713	2026-05-14 10:18	2026-05-12	Show	GitHub Exploit DB Packet Storm

1423	6.5	警告 Network	LangGenius	Dify	LangGeniusのDifyにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-41950	2026-05-14 10:18	2026-05-5	Show	GitHub Exploit DB Packet Storm

1424	9.6	緊急 Network	Streetwriters	Notesnook Mobile Notesnook Desktop	StreetwritersのNotesnook Desktop等の複数製品における複数の脆弱性	CWE-79 CWE-94	CVE-2026-42090	2026-05-14 10:18	2026-05-4	Show	GitHub Exploit DB Packet Storm

1425	6.5	警告 Network	goshs	goshs	goshsにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2026-42091	2026-05-14 10:18	2026-05-4	Show	GitHub Exploit DB Packet Storm

1426	4.8	警告 Network	Weblate	wlc	Weblateのwlcにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-42150	2026-05-14 10:18	2026-05-8	Show	GitHub Exploit DB Packet Storm

1427	5.9	警告 Network	Teluu Ltd.	PJSIP	Teluu Ltd.のPJSIPにおける証明書検証に関する脆弱性	CWE-295 不正な証明書検証	CVE-2026-42225	2026-05-14 10:18	2026-05-7	Show	GitHub Exploit DB Packet Storm

1428	4.3	警告 Network	Onyx	Onyx	Onyxにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-42276	2026-05-14 10:18	2026-05-8	Show	GitHub Exploit DB Packet Storm

1429	6.5	警告 Network	Onyx	Onyx	Onyxにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-42277	2026-05-14 10:18	2026-05-8	Show	GitHub Exploit DB Packet Storm

1430	5.5	警告 Local	Python Software Foundation	Python Pillow	Python Software FoundationのPython Pillowにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-42308	2026-05-14 10:18	2026-05-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311901	7.8	HIGH Local	-	-	A DLL hijack vulnerability was reported in Lenovo Leyun that could allow a local attacker to execute code with elevated privileges.	-	CVE-2024-33578	2024-10-15 21:58	2024-10-12	Show	GitHub Exploit DB Packet Storm

311902	6.5	MEDIUM Adjacent	-	-	An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX4600 and SRX5000 Series allows an unauthenticated and lo…	CWE-754 Improper Check for Unusual or Exceptional Conditions	CVE-2024-47503	2024-10-15 21:58	2024-10-12	Show	GitHub Exploit DB Packet Storm

311903	7.5	HIGH Network	-	-	An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2024-47502	2024-10-15 21:58	2024-10-12	Show	GitHub Exploit DB Packet Storm

311904	5.5	MEDIUM Local	-	-	A NULL Pointer Dereference vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on MX304, MX with MPC10/11/LC9600, and EX9200 with EX9200-15C allows a locally authentica…	CWE-476 NULL Pointer Dereference	CVE-2024-47501	2024-10-15 21:58	2024-10-12	Show	GitHub Exploit DB Packet Storm

311905	7.5	HIGH Network	-	-	An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based a…	CWE-754 Improper Check for Unusual or Exceptional Conditions	CVE-2024-47499	2024-10-15 21:58	2024-10-12	Show	GitHub Exploit DB Packet Storm

311906	6.5	MEDIUM Adjacent	-	-	An Unimplemented or Unsupported Feature in UI vulnerability in the CLI of Juniper Networks Junos OS Evolved on QFX5000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service…	-	CVE-2024-47498	2024-10-15 21:58	2024-10-12	Show	GitHub Exploit DB Packet Storm

311907	-		-	-	DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMpurify was vulnerable to nesting-based mXSS. This vulnerability is fixed in 2.5.0 and 3.1.3.	CWE-79 Cross-site Scripting	CVE-2024-47875	2024-10-15 21:58	2024-10-12	Show	GitHub Exploit DB Packet Storm

311908	-		-	-	CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized access, loss of confidentiality, integrity, and availability of the workstation when non-admin authenticated …	CWE-269 Improper Privilege Management	CVE-2024-9002	2024-10-15 21:58	2024-10-11	Show	GitHub Exploit DB Packet Storm

311909	-		-	-	CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that could compromise the Data Center Expert software when an upgrade bundle is manipulated to include arbitrary bash sc…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2024-8531	2024-10-15 21:58	2024-10-11	Show	GitHub Exploit DB Packet Storm

311910	-		-	-	CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause exposure of private data when an already generated “logcaptures” archive is accessed directly by HTTPS.	CWE-306 Missing Authentication for Critical Function	CVE-2024-8530	2024-10-15 21:58	2024-10-11	Show	GitHub Exploit DB Packet Storm