Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1591 5.4 警告
Network 		Daniel Garcia Vaultwarden Daniel GarciaのVaultwardenにおけるデータの信頼性についての不十分な検証に関する脆弱性 CWE-345
データの信頼性についての不十分な検証 		CVE-2026-31835 2026-05-13 10:25 2026-05-5 Show GitHub Exploit DB Packet Storm
1592 6.5 警告
Network 		FRRouting Project FRRouting FRRouting ProjectのFRRoutingにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2026-37458 2026-05-13 10:25 2026-05-4 Show GitHub Exploit DB Packet Storm
1593 7.5 重要
Network 		osrg GoBGP osrgのGoBGPにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-37461 2026-05-13 10:25 2026-05-4 Show GitHub Exploit DB Packet Storm
1594 3.7
Network 		GNU Project
レッドハット		 GnuTLS
Red Hat Hardened Images
Red Hat OpenShift Container Platform
Red Hat Enterprise Linux 		GNU Project等の複数ベンダの製品における動作順序:早期検証に関する脆弱性 CWE-179
不適切な動作順序:早期検証 		CVE-2026-3832 2026-05-13 10:25 2026-04-30 Show GitHub Exploit DB Packet Storm
1595 5.4 警告
Network 		Weblate Weblate Weblateにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2026-41519 2026-05-13 10:25 2026-05-7 Show GitHub Exploit DB Packet Storm
1596 7.1 重要
Network 		monetr monetr monetrにおける複数の脆弱性 CWE-209
CWE-770
CWE-918
CWE-918
CVE-2026-41644 2026-05-13 10:25 2026-05-7 Show GitHub Exploit DB Packet Storm
1597 8.1 重要
Network 		Weblate Weblate Weblateにおける複数の脆弱性 CWE-20
CWE-918
CVE-2026-41654 2026-05-13 10:24 2026-05-7 Show GitHub Exploit DB Packet Storm
1598 6.1 警告
Network 		LangGenius Dify LangGeniusのDifyにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42138 2026-05-13 10:24 2026-05-4 Show GitHub Exploit DB Packet Storm
1599 7.5 重要
Network 		Prometheus Prometheus Prometheusにおける複数の脆弱性 CWE-200
CWE-312
CVE-2026-42151 2026-05-13 10:24 2026-05-4 Show GitHub Exploit DB Packet Storm
1600 7.5 重要
Network 		Prometheus Prometheus Prometheusにおける複数の脆弱性 CWE-400
CWE-789
CVE-2026-42154 2026-05-13 10:24 2026-05-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312131 - - - TYPO3 is a free and open source Content Management Framework. Backend users could see items in the backend page tree without having access if the mounts pointed to pages restricted for their user/gro… CWE-863
 Incorrect Authorization 		CVE-2024-47780 2024-10-10 21:56 2024-10-9 Show GitHub Exploit DB Packet Storm
312132 - - - Discourse is an open source platform for community discussion. An attacker can make several XHR requests until the cache is poisoned with a response without any preloaded data. This issue only affect… CWE-610
Externally Controlled Reference to a Resource in Another Sphere 		CVE-2024-47773 2024-10-10 21:56 2024-10-9 Show GitHub Exploit DB Packet Storm
312133 - - - Insecure permissions in the Bluetooth Low Energy (BLE) component of Fire-Boltt Artillery Smart Watch NJ-R6E-10.3 allow attackers to cause a Denial of Service (DoS). - CVE-2024-46539 2024-10-10 21:56 2024-10-9 Show GitHub Exploit DB Packet Storm
312134 - - - PublicCMS V4.0.202406.d was discovered to contain a cross-site scripting (XSS) vulnerability via a crafted script to the Category Managment feature - CVE-2024-46410 2024-10-10 21:56 2024-10-9 Show GitHub Exploit DB Packet Storm
312135 9.8 CRITICAL
Network 		- - Microsoft Configuration Manager Remote Code Execution Vulnerability CWE-89
SQL Injection 		CVE-2024-43468 2024-10-10 21:56 2024-10-9 Show GitHub Exploit DB Packet Storm
312136 - - - NULL pointer dereference in IP socket options processing of the Networking Stack in QNX Software Development Platform (SDP) version(s) 7.1 and 7.0 could allow an attacker with local access to cause a… - CVE-2024-35215 2024-10-10 21:56 2024-10-9 Show GitHub Exploit DB Packet Storm
312137 8.0 HIGH
Adjacent 		- - Windows Hyper-V Remote Code Execution Vulnerability CWE-20
CWE-829
 Improper Input Validation 
 Inclusion of Functionality from Untrusted Control Sphere 		CVE-2024-30092 2024-10-10 21:56 2024-10-9 Show GitHub Exploit DB Packet Storm
312138 - - - An issue in the getcolor function in utils.py of xhtml2pdf v0.2.13 allows attackers to cause a Regular expression Denial of Service (ReDOS) via supplying a crafted string. - CVE-2024-25885 2024-10-10 21:56 2024-10-9 Show GitHub Exploit DB Packet Storm
312139 7.1 HIGH
Adjacent 		- - Windows Hyper-V Security Feature Bypass Vulnerability CWE-20
 Improper Input Validation  		CVE-2024-20659 2024-10-10 21:56 2024-10-9 Show GitHub Exploit DB Packet Storm
312140 5.3 MEDIUM
Network 		- - A vulnerability was found in the resteasy-netty4 library arising from improper handling of HTTP requests using smuggling techniques. When an HTTP smuggling request with an ASCII control character is … CWE-444
HTTP Request Smuggling 		CVE-2024-9622 2024-10-10 21:56 2024-10-9 Show GitHub Exploit DB Packet Storm