Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1961	6.8	警告 Physics	ZTE	ZX297520V3 ファームウェア	ZTEのZX297520V3 ファームウェアにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-40003	2026-05-15 11:01	2026-05-7	Show	GitHub Exploit DB Packet Storm

1962	7.8	重要 Local	ZTE	ZXCLOUD iRAI	ZTEのZXCLOUD iRAIにおける制御されていない検索パスの要素に関する脆弱性	CWE-427 制御されていない検索パスの要素	CVE-2026-40004	2026-05-15 11:01	2026-05-7	Show	GitHub Exploit DB Packet Storm

1963	6.5	警告 Network	Zulip	Zulip Server	ZulipのZulip Serverにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-40300	2026-05-15 11:01	2026-05-12	Show	GitHub Exploit DB Packet Storm

1964	6.5	警告 Network	NocoBase	NocoBase	NocoBaseにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-40346	2026-05-15 11:01	2026-04-18	Show	GitHub Exploit DB Packet Storm

1965	8.8	重要 Network	マイクロソフト	Microsoft SharePoint Server	Microsoft SharePoint Server のリモートでコードが実行される脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-40357	2026-05-15 11:01	2026-05-12	Show	GitHub Exploit DB Packet Storm

1966	8.8	重要 Network	マイクロソフト	Microsoft SharePoint Server	Microsoft SharePoint Server のリモートでコードが実行される脆弱性	CWE-1220 アクセス制御の不十分な粒度	CVE-2026-40365	2026-05-15 11:01	2026-05-12	Show	GitHub Exploit DB Packet Storm

1967	8	重要 Network	マイクロソフト	Microsoft SharePoint Server	Microsoft SharePoint Server のリモートでコードが実行される脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-40368	2026-05-15 11:01	2026-05-12	Show	GitHub Exploit DB Packet Storm

1968	5.5	警告 Local	jqlang	jq	jqlangのjqにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-40612	2026-05-15 11:01	2026-05-11	Show	GitHub Exploit DB Packet Storm

1969	7.5	重要 Network	PHPOffice	PhpSpreadsheet	PHPOfficeのPhpSpreadsheetにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-40863	2026-05-15 11:01	2026-05-12	Show	GitHub Exploit DB Packet Storm

1970	5.5	警告 Local	jqlang	jq	jqlangのjqにおけるNULL バイトまたは NULL キャラクタの無害化に関する脆弱性	CWE-158 NULL バイトまたは NULL キャラクタの不適切な無害化	CVE-2026-41256	2026-05-15 11:01	2026-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311541	7.2	HIGH Network	wavlink	wn530h4_firmware wn530hg4_firmware wn572hg3_firmware	A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been rated as critical. This issue affects the function set_ipv6 of the file firewall.cgi. The manipulation …	CWE-77 Command Injection	CVE-2024-10428	2024-11-14 02:57	2024-10-28	Show	GitHub Exploit DB Packet Storm

311542	4.3	MEDIUM Network	jenkins	jenkins	Jenkins 2.478 and earlier, LTS 2.462.2 and earlier does not redact multi-line secret values in error messages generated for form submissions involving the `secretTextarea` form field.	CWE-209 Information Exposure Through an Error Message	CVE-2024-47803	2024-11-14 02:45	2024-10-3	Show	GitHub Exploit DB Packet Storm

311543	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add rough attr alloc_size check	NVD-CWE-noinfo	CVE-2024-50246	2024-11-14 02:38	2024-11-9	Show	GitHub Exploit DB Packet Storm

311544	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: assign dh_key to NULL after kfree_sensitive ctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup()…	CWE-415 Double Free	CVE-2024-50215	2024-11-14 02:35	2024-11-9	Show	GitHub Exploit DB Packet Storm

311545	7.5	HIGH Network	jenkins	credentials	Jenkins Credentials Plugin 1380.va_435002fa_924 and earlier, except 1371.1373.v4eb_fa_b_7161e9, does not redact encrypted values of credentials using the `SecretBytes` type when accessing item `confi…	CWE-522 Insufficiently Protected Credentials	CVE-2024-47805	2024-11-14 02:32	2024-10-3	Show	GitHub Exploit DB Packet Storm

311546	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix possible deadlock in mi_read Mutex lock with another subclass used in ni_lock_dir().	NVD-CWE-noinfo	CVE-2024-50245	2024-11-14 02:29	2024-11-9	Show	GitHub Exploit DB Packet Storm

311547	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Additional check in ni_clear() Checking of NTFS_FLAGS_LOG_REPLAYING added to prevent access to uninitialized bitmap dur…	NVD-CWE-noinfo	CVE-2024-50244	2024-11-14 02:28	2024-11-9	Show	GitHub Exploit DB Packet Storm

311548	4.3	MEDIUM Network	jenkins	jenkins	If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of …	NVD-CWE-noinfo	CVE-2024-47804	2024-11-14 02:28	2024-10-3	Show	GitHub Exploit DB Packet Storm

311549	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/connector: hdmi: Fix memory leak in drm_display_mode_from_cea_vic() modprobe drm_connector_test and then rmmod drm_connector_…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2024-50214	2024-11-14 02:25	2024-11-9	Show	GitHub Exploit DB Packet Storm

311550	4.3	MEDIUM Network	northern.tech	mender	Northern.tech Mender before 3.6.5 and 3.7.x before 3.7.5 has Incorrect Access Control.	NVD-CWE-Other	CVE-2024-46948	2024-11-14 02:18	2024-11-9	Show	GitHub Exploit DB Packet Storm