Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1841 8.8 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2026-8975 2026-05-22 10:51 2026-05-19 Show GitHub Exploit DB Packet Storm
1842 3.3
Local 		Siber Systems Inc. RoboForm Password Manager Androidアプリ「パスワード管理 ロボフォーム」のintent処理における検証不備の脆弱性 CWE-357
危険な操作に対する不十分な警告 		CVE-2026-47782 2026-05-21 16:37 2026-05-20 Show GitHub Exploit DB Packet Storm
1843 - - (複数のベンダ) (複数の製品) CISA ICS Advisory / ICS Medical Advisory(2026年05月19日) - - 2026-05-21 16:17 2026-05-20 Show GitHub Exploit DB Packet Storm
1844 6.1 警告
Network 		Northern.tech cfengine Northern.techのcfengineにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-24710 2026-05-21 10:55 2026-05-14 Show GitHub Exploit DB Packet Storm
1845 5.3 警告
Network 		Northern.tech cfengine Northern.techのcfengineにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-24711 2026-05-21 10:55 2026-05-14 Show GitHub Exploit DB Packet Storm
1846 7.3 重要
Network 		Northern.tech cfengine Northern.techのcfengineにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-24712 2026-05-21 10:55 2026-05-14 Show GitHub Exploit DB Packet Storm
1847 9.8 緊急
Network 		Open JS Foundation WebdriverIO Open JS FoundationのWebdriverIOにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-25244 2026-05-21 10:55 2026-05-18 Show GitHub Exploit DB Packet Storm
1848 6.5 警告
Network 		マイクロソフト Power Automate for Desktop Microsoft Power Automate デスクトップの情報漏えいの脆弱性 CWE-200
情報漏えい 		CVE-2026-40374 2026-05-21 10:55 2026-05-12 Show GitHub Exploit DB Packet Storm
1849 7.8 重要
Local 		protobufjs project protobufjs-cli protobufjs projectのprotobufjs-cliにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-42290 2026-05-21 10:55 2026-05-13 Show GitHub Exploit DB Packet Storm
1850 6.1 警告
Network 		beaugunderson ip-address beaugundersonのip-addressにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42338 2026-05-21 10:55 2026-05-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
319361 8.8 HIGH
Network 		angeljudesuarez tailoring_management_system A vulnerability has been found in itsourcecode Tailoring Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /setlogo.php. The man… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-7506 2024-09-12 05:02 2024-08-6 Show GitHub Exploit DB Packet Storm
319362 9.8 CRITICAL
Network 		rainniar bike_delivery_system A vulnerability, which was classified as critical, was found in itsourcecode Bike Delivery System 1.0. Affected is an unknown function of the file contact_us_action.php. The manipulation of the argum… CWE-89
SQL Injection 		CVE-2024-7505 2024-09-12 04:53 2024-08-6 Show GitHub Exploit DB Packet Storm
319363 6.5 MEDIUM
Network 		cybozu office Insertion of sensitive information into sent data issue exists in Cybozu Office 10.0.0 to 10.8.6, which may allow a user who can login to the product to view data that the user does not have access b… NVD-CWE-noinfo
CVE-2024-39817 2024-09-12 04:36 2024-08-6 Show GitHub Exploit DB Packet Storm
319364 9.8 CRITICAL
Network 		tenda i22_firmware A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as critical. Affected by this vulnerability is the function formApPortalWebAuth of the file /goform/apPortalAuth. The manipula… CWE-120
Classic Buffer Overflow 		CVE-2024-7585 2024-09-12 04:32 2024-08-8 Show GitHub Exploit DB Packet Storm
319365 9.8 CRITICAL
Network 		tenda i22_firmware A vulnerability, which was classified as critical, was found in Tenda i22 1.0.0.3(4687). Affected is the function formApPortalPhoneAuth of the file /goform/apPortalPhoneAuth. The manipulation of the … CWE-120
Classic Buffer Overflow 		CVE-2024-7584 2024-09-12 04:25 2024-08-8 Show GitHub Exploit DB Packet Storm
319366 7.8 HIGH
Local 		jetbrains teamcity In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory permissions CWE-276
Incorrect Default Permissions  		CVE-2024-43114 2024-09-12 04:11 2024-08-6 Show GitHub Exploit DB Packet Storm
319367 5.5 MEDIUM
Local 		huawei emui
harmonyos 		LaunchAnywhere vulnerability in the account module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. NVD-CWE-noinfo
CVE-2024-42034 2024-09-12 03:55 2024-08-8 Show GitHub Exploit DB Packet Storm
319368 7.8 HIGH
Local 		huawei harmonyos
emui 		Permission control vulnerability in the App Multiplier module Impact:Successful exploitation of this vulnerability may affect functionality and confidentiality. NVD-CWE-noinfo
CVE-2024-42035 2024-09-12 03:52 2024-08-8 Show GitHub Exploit DB Packet Storm
319369 8.8 HIGH
Network 		pharmacy_management_system_project pharmacy_management_system A vulnerability was found in code-projects Pharmacy Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /index.php?action=editPharmacist. The mani… CWE-89
SQL Injection 		CVE-2024-8147 2024-09-12 03:37 2024-08-25 Show GitHub Exploit DB Packet Storm
319370 5.5 MEDIUM
Local 		logitech options\+ Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within Options+ runtime and abuse permissions granted by the user to Options+ such as Camera. CWE-863
 Incorrect Authorization 		CVE-2024-8011 2024-09-12 03:15 2024-08-25 Show GitHub Exploit DB Packet Storm