Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2031 5.9 警告
Network 		Timo Sirainen
Open-Xchange		 Dovecot Pro
Dovecot 		Timo Sirainen等の複数ベンダの製品における認証に関する脆弱性 CWE-287
CWE-Other
CVE-2026-27856 2026-05-1 10:39 2026-03-27 Show GitHub Exploit DB Packet Storm
2032 5.3 警告
Network 		Timo Sirainen
Open-Xchange		 Dovecot Pro
Dovecot 		Timo Sirainen等の複数ベンダの製品におけるLDAP インジェクションの脆弱性 CWE-90
LDAP インジェクション 		CVE-2026-27860 2026-05-1 10:39 2026-03-27 Show GitHub Exploit DB Packet Storm
2033 8.4 重要
Local 		Anthropic PBC Claude Code
Claude Agent SDK 		Anthropic PBCのClaude Agent SDK等の複数製品におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-35020 2026-05-1 10:39 2026-04-6 Show GitHub Exploit DB Packet Storm
2034 7.8 重要
Local 		Anthropic PBC Claude Code
Claude Agent SDK 		Anthropic PBCのClaude Agent SDK等の複数製品におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-35021 2026-05-1 10:39 2026-04-6 Show GitHub Exploit DB Packet Storm
2035 9.8 緊急
Network 		Anthropic PBC Claude Code
Claude Agent SDK 		Anthropic PBCのClaude Agent SDK等の複数製品におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-35022 2026-05-1 10:39 2026-04-6 Show GitHub Exploit DB Packet Storm
2036 7.8 重要
Local 		MAGIX MAGIX MP3 deluxe MAGIXのMAGIX MP3 deluxeにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2018-25260 2026-05-1 10:39 2026-04-22 Show GitHub Exploit DB Packet Storm
2037 7.8 重要
Local 		Enter Srl Iperius Backup Enter SrlのIperius Backupにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2018-25261 2026-05-1 10:39 2026-04-22 Show GitHub Exploit DB Packet Storm
2038 10 緊急
Network 		マイクロソフト Microsoft Purview eDiscovery Microsoft Purview eDiscovery Elevation of Privilege Vulnerability CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-26150 2026-05-1 10:39 2026-04-23 Show GitHub Exploit DB Packet Storm
2039 8.8 重要
Network 		Nexxt Solutions Nebula300Plus Firmware Nexxt SolutionsのNebula300Plus Firmwareにおける非公開の機能に関する脆弱性 CWE-912
非公開の機能 		CVE-2026-31847 2026-05-1 10:38 2026-03-23 Show GitHub Exploit DB Packet Storm
2040 9.8 緊急
Network 		Nexxt Solutions Nebula300Plus Firmware Nexxt SolutionsのNebula300Plus Firmwareにおける重要な情報の平文保存に関する脆弱性 CWE-312
重要な情報の平文保存 		CVE-2026-31848 2026-05-1 10:38 2026-03-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313251 8.8 HIGH
Network 		10up simple_local_avatars Cross-Site Request Forgery (CSRF) vulnerability in 10up Simple Local Avatars.This issue affects Simple Local Avatars: from n/a through 2.7.10. CWE-352
 Origin Validation Error 		CVE-2024-43116 2024-09-19 01:22 2024-08-27 Show GitHub Exploit DB Packet Storm
313252 8.8 HIGH
Network 		loftware spectrum Loftware Spectrum before 4.6 HF14 allows authenticated XXE attacks. CWE-611
XXE 		CVE-2023-37233 2024-09-19 01:10 2024-09-11 Show GitHub Exploit DB Packet Storm
313253 9.8 CRITICAL
Network 		loftware spectrum Loftware Spectrum through 4.6 has unprotected JMX Registry. NVD-CWE-noinfo
CVE-2023-37234 2024-09-19 01:05 2024-09-11 Show GitHub Exploit DB Packet Storm
313254 7.5 HIGH
Network 		loftware spectrum Loftware Spectrum through 4.6 exposes Sensitive Information (Logs) to an Unauthorized Actor. NVD-CWE-noinfo
CVE-2023-37232 2024-09-19 00:55 2024-09-11 Show GitHub Exploit DB Packet Storm
313255 8.8 HIGH
Network 		inspireui mstore_api The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the update_user_profile() function i… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-8242 2024-09-19 00:47 2024-09-14 Show GitHub Exploit DB Packet Storm
313256 9.1 CRITICAL
Network 		siemens simatic_rf360r_firmware
simatic_rf1170r_firmware
simatic_rf1140r_firmware
simatic_reader_rf685r_fcc_firmware
simatic_reader_rf685r_etsi_firmware
simatic_reader_rf685r_cmiit_firmware 		A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF… NVD-CWE-noinfo
CVE-2024-37995 2024-09-19 00:37 2024-09-10 Show GitHub Exploit DB Packet Storm
313257 7.1 HIGH
Network 		siemens simatic_rf360r_firmware
simatic_rf1170r_firmware
simatic_rf1140r_firmware
simatic_reader_rf685r_fcc_firmware
simatic_reader_rf685r_etsi_firmware
simatic_reader_rf685r_cmiit_firmware 		A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF… NVD-CWE-Other
CVE-2024-37994 2024-09-19 00:35 2024-09-10 Show GitHub Exploit DB Packet Storm
313258 4.8 MEDIUM
Network 		classcms classcms A vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by this issue is some unknown functionality of the file /index.php/admin of the component Article Handle… CWE-79
Cross-site Scripting 		CVE-2024-8145 2024-09-19 00:34 2024-08-25 Show GitHub Exploit DB Packet Storm
313259 7.5 HIGH
Network 		siemens simatic_rf360r_firmware
simatic_rf1170r_firmware
simatic_rf1140r_firmware
simatic_reader_rf685r_fcc_firmware
simatic_reader_rf685r_etsi_firmware
simatic_reader_rf685r_cmiit_firmware 		A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF… NVD-CWE-noinfo
CVE-2024-37993 2024-09-19 00:32 2024-09-10 Show GitHub Exploit DB Packet Storm
313260 7.5 HIGH
Network 		siemens simatic_rf360r_firmware
simatic_rf1170r_firmware
simatic_rf1140r_firmware
simatic_reader_rf685r_fcc_firmware
simatic_reader_rf685r_etsi_firmware
simatic_reader_rf685r_cmiit_firmware 		A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF… NVD-CWE-noinfo
CVE-2024-37992 2024-09-19 00:31 2024-09-10 Show GitHub Exploit DB Packet Storm