Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1911	4.9	警告 Network	Kimai project	kimai	Kimai projectのKimaiにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-44298	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

1912	7.8	重要 Local	LibreOffice プロジェクト	LibreOffice	LibreOffice プロジェクトのLibreOfficeにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-4430	2026-05-11 11:04	2026-05-7	Show	GitHub Exploit DB Packet Storm

1913	8.4	重要 Local	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-44334	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

1914	9.8	緊急 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-44335	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

1915	9.6	緊急 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-20 CWE-22 CWE-829 CWE-913 CWE-94	CVE-2026-44336	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

1916	6.3	警告 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-20 CWE-89	CVE-2026-44337	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

1917	7.3	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-1188 CWE-306 CWE-668	CVE-2026-44338	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

1918	8.6	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAI等の複数製品におけるクラスまたはコードを選択する外部から制御された入力の使用に関する脆弱性	CWE-470 クラスまたはコードを選択する外部から制御された入力の使用	CVE-2026-44339	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

1919	7.5	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-22 CWE-59	CVE-2026-44340	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

1920	7.8	重要 Local	ZTE	ZXCLOUD iRAI	ZTEのZXCLOUD iRAIにおける制御されていない検索パスの要素に関する脆弱性	CWE-427 制御されていない検索パスの要素	CVE-2026-44406	2026-05-11 11:04	2026-05-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
318371	6.1	MEDIUM Network	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2023-5306	2024-01-3 01:15	2023-11-1	Show	GitHub Exploit DB Packet Storm

318372	6.1	MEDIUM Network	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2023-44486	2024-01-3 01:15	2023-11-1	Show	GitHub Exploit DB Packet Storm

318373	6.1	MEDIUM Network	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2023-44485	2024-01-3 01:15	2023-11-1	Show	GitHub Exploit DB Packet Storm

318374	9.8	CRITICAL Network	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2023-48690	2024-01-3 00:15	2023-12-22	Show	GitHub Exploit DB Packet Storm

318375	9.8	CRITICAL Network	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2023-48688	2024-01-3 00:15	2023-12-22	Show	GitHub Exploit DB Packet Storm

318376	9.8	CRITICAL Network	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2023-48686	2024-01-3 00:15	2023-12-22	Show	GitHub Exploit DB Packet Storm

318377	7.8	HIGH Local	-	-	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.	-	CVE-2023-36546	2023-12-31 12:15	2023-08-8	Show	GitHub Exploit DB Packet Storm

318378	6.1	MEDIUM Network	cacti	cacti	Reflected Cross Site Scripting (XSS) vulnerability in Cacti v1.2.25, allows remote attackers to escalate privileges when uploading an xml template file via templates_import.php.	CWE-79 Cross-site Scripting	CVE-2023-50569	2023-12-29 15:23	2023-12-22	Show	GitHub Exploit DB Packet Storm

318379	-		postnuke	postnuke	The RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allows remote attackers to obtain sensitive information via a direct request to simple_smarty.php, which reveals the path in an error message.	CWE-425 Direct Request ('Forced Browsing')	CVE-2005-1697	2023-12-29 04:27	2005-05-24	Show	GitHub Exploit DB Packet Storm

318380	-		wordpress	wordpress	Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct request to files in (1) wp-content/themes/, (2) wp-includes/, or (3) wp-admin/, which reveal the path in…	CWE-425 Direct Request ('Forced Browsing')	CVE-2005-1688	2023-12-29 04:27	2005-05-20	Show	GitHub Exploit DB Packet Storm