Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1511 5.3 警告
Network 		oobabooga TextGen oobaboogaのTextGenにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-35484 2026-04-30 11:03 2026-04-7 Show GitHub Exploit DB Packet Storm
1512 7.5 重要
Network 		oobabooga TextGen oobaboogaのTextGenにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-35485 2026-04-30 11:03 2026-04-7 Show GitHub Exploit DB Packet Storm
1513 8.8 重要
Network 		Pi-hole FTLDNS Pi-holeのFTLDNSにおける複数の脆弱性 CWE-78
CWE-93
CVE-2026-35517 2026-04-30 11:03 2026-04-7 Show GitHub Exploit DB Packet Storm
1514 8.8 重要
Network 		Pi-hole FTLDNS Pi-holeのFTLDNSにおける複数の脆弱性 CWE-78
CWE-93
CVE-2026-35518 2026-04-30 11:03 2026-04-7 Show GitHub Exploit DB Packet Storm
1515 8.8 重要
Network 		Pi-hole FTLDNS Pi-holeのFTLDNSにおける複数の脆弱性 CWE-78
CWE-93
CVE-2026-35519 2026-04-30 11:03 2026-04-7 Show GitHub Exploit DB Packet Storm
1516 8.8 重要
Network 		Pi-hole FTLDNS Pi-holeのFTLDNSにおける複数の脆弱性 CWE-78
CWE-93
CVE-2026-35520 2026-04-30 11:02 2026-04-7 Show GitHub Exploit DB Packet Storm
1517 8.8 重要
Network 		Pi-hole FTLDNS Pi-holeのFTLDNSにおける複数の脆弱性 CWE-78
CWE-93
CVE-2026-35521 2026-04-30 11:02 2026-04-7 Show GitHub Exploit DB Packet Storm
1518 6.1 警告
Local 		OpenClaw OpenClaw OpenClawにおけるリソースの不適切なシャットダウンおよびリリースに関する脆弱性 CWE-404
リソースの不適切なシャットダウンおよびリリース 		CVE-2026-35667 2026-04-30 11:02 2026-04-10 Show GitHub Exploit DB Packet Storm
1519 7.8 重要
Local 		Foxit pdf editor
pdf reader 		Foxitのpdf editor等の複数製品における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-3779 2026-04-30 11:02 2026-04-1 Show GitHub Exploit DB Packet Storm
1520 7.8 重要
Local 		Foxit pdf editor
pdf reader 		Foxitのpdf editor等の複数製品における信頼できない検索パスに関する脆弱性 CWE-426
信頼性のない検索パス 		CVE-2026-3780 2026-04-30 11:02 2026-04-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313341 5.5 MEDIUM
Local 		fortinet fortios An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained wri… NVD-CWE-Other
CVE-2024-36505 2024-08-22 23:36 2024-08-14 Show GitHub Exploit DB Packet Storm
313342 - - - An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Data is transferred over a raw socket without any authentication mechanism. Thus, communication endpoints are not verifiable. - CVE-2024-45168 2024-08-22 23:35 2024-08-22 Show GitHub Exploit DB Packet Storm
313343 - - - An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a me… - CVE-2024-45166 2024-08-22 23:35 2024-08-22 Show GitHub Exploit DB Packet Storm
313344 9.8 CRITICAL
Network 		arajajyothibabu school_management_system School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at dtmarks.php. CWE-89
SQL Injection 		CVE-2024-42573 2024-08-22 23:35 2024-08-20 Show GitHub Exploit DB Packet Storm
313345 7.8 HIGH
Local 		fortinet fortimanager
fortianalyzer 		A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, as well as Fortinet FortiAnalyzer versions 7.0.0 t… NVD-CWE-Other
CVE-2024-21757 2024-08-22 23:34 2024-08-14 Show GitHub Exploit DB Packet Storm
313346 9.0 CRITICAL
Network 		fortinet fortisoar An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSOAR 7.3.0 through 7.3.2 allows an authenticated, remote attacker to inject arbitrary web scri… CWE-79
Cross-site Scripting 		CVE-2023-26211 2024-08-22 23:33 2024-08-14 Show GitHub Exploit DB Packet Storm
313347 8.8 HIGH
Network 		fortinet fortios
fortipam
fortiswitchmanager
fortiproxy 		An insufficient session expiration vulnerability [CWE-613] vulnerability in FortiOS 7.2.5 and below, 7.0 all versions, 6.4 all versions; FortiProxy 7.2 all versions, 7.0 all versions; FortiPAM 1.3 al… CWE-613
 Insufficient Session Expiration 		CVE-2022-45862 2024-08-22 23:32 2024-08-14 Show GitHub Exploit DB Packet Storm
313348 7.8 HIGH
Local 		fortinet fortiddos-f
fortiddos 		A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiDDoS version 5.5.0 through 5.5.1, 5.4.2 through 5.4.0, 5.3.0 through 5.3.1, 5.2.0, 5.1.0,… CWE-78
OS Command  		CVE-2022-27486 2024-08-22 23:29 2024-08-14 Show GitHub Exploit DB Packet Storm
313349 7.1 HIGH
Network 		pepperl-fuchs icdm-rx\/tcp_socketserver_firmware
profinet_firmware
profinet\/modbus_firmware
modbus_router_firmware
modbus_server_firmware
modbus_tcp_firmware
ethernet\/ip_firmware
eip\/modbus… 		An unauthenticated remote attacker may use a reflected XSS vulnerability to obtain information from a user or reboot the affected device once. CWE-79
Cross-site Scripting 		CVE-2024-5849 2024-08-22 22:39 2024-08-13 Show GitHub Exploit DB Packet Storm
313350 7.1 HIGH
Network 		pepperl-fuchs icdm-rx\/tcp_socketserver_firmware
profinet_firmware
profinet\/modbus_firmware
modbus_router_firmware
modbus_server_firmware
modbus_tcp_firmware
ethernet\/ip_firmware
eip\/modbus… 		An unauthenticated remote attacker may use stored XSS vulnerability to obtain information from a user or reboot the affected device once. CWE-79
Cross-site Scripting 		CVE-2024-38502 2024-08-22 22:35 2024-08-13 Show GitHub Exploit DB Packet Storm