Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2191 9.8 緊急
Network 		NVIDIA nvflare NVIDIAのnvflareにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-24178 2026-05-7 11:28 2026-04-28 Show GitHub Exploit DB Packet Storm
2192 8.8 重要
Network 		NVIDIA nvflare NVIDIAのnvflareにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-24186 2026-05-7 11:28 2026-04-28 Show GitHub Exploit DB Packet Storm
2193 6.5 警告
Network 		NVIDIA nvflare NVIDIAのnvflareにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2026-24204 2026-05-7 11:28 2026-04-28 Show GitHub Exploit DB Packet Storm
2194 5.3 警告
Network 		GNOME Project
レッドハット		 Red Hat Enterprise Linux
libsoup 		GNOME Project等の複数ベンダの製品におけるHTTP リクエストスマグリングに関する脆弱性 CWE-444
HTTP リクエストスマグリング 		CVE-2026-2708 2026-05-7 11:28 2026-04-23 Show GitHub Exploit DB Packet Storm
2195 7.1 重要
Network 		Nimiq Nimiq Proof of Stake (core-rs-albatross) NimiqのNimiq Proof of Stake (core-rs-albatross)におけるデータの整合性検証不備に関する脆弱性 CWE-354
データの整合性検証不備 		CVE-2026-28402 2026-05-7 11:28 2026-02-27 Show GitHub Exploit DB Packet Storm
2196 6.5 警告
Network 		アップル Container アップルのContainerにおける認証情報の不十分な保護に関する脆弱性 CWE-522
認証情報の不十分な保護 		CVE-2026-28909 2026-05-7 11:28 2026-04-30 Show GitHub Exploit DB Packet Storm
2197 7.5 重要
Network 		Apache Software Foundation Apache HTTP Server Apache Software FoundationのApache HTTP ServerにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2026-29169 2026-05-7 11:28 2026-05-4 Show GitHub Exploit DB Packet Storm
2198 5.9 警告
Network 		Hex Hex Hexにおける複数の脆弱性 CWE-354
CWE-494
CVE-2026-32148 2026-05-7 11:28 2026-04-30 Show GitHub Exploit DB Packet Storm
2199 4.8 警告
Network 		Apache Software Foundation Apache HTTP Server Apache Software FoundationのApache HTTP Serverにおけるタイミングの違いに起因する情報漏えいに関する脆弱性 CWE-208
タイミングの違いに起因する情報漏えい 		CVE-2026-33006 2026-05-7 11:27 2026-05-4 Show GitHub Exploit DB Packet Storm
2200 5.3 警告
Network 		Apache Software Foundation Apache HTTP Server Apache Software FoundationのApache HTTP ServerにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2026-33007 2026-05-7 11:27 2026-05-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313271 6.1 MEDIUM
Network 		eaton foreseer_electrical_power_monitoring_system The Eaton Foreseer software provides users the capability to customize the dashboard in WebView pages. However, the input fields for this feature in the Eaton Foreseer software lacked proper input sa… CWE-79
Cross-site Scripting 		CVE-2024-31414 2024-09-20 03:48 2024-09-14 Show GitHub Exploit DB Packet Storm
313272 8.1 HIGH
Network 		lunary lunary A Cross-Site Request Forgery (CSRF) vulnerability exists in lunary-ai/lunary version 1.2.34 due to overly permissive CORS settings. This vulnerability allows an attacker to sign up for and create pro… CWE-352
 Origin Validation Error 		CVE-2024-6862 2024-09-20 03:37 2024-09-14 Show GitHub Exploit DB Packet Storm
313273 6.5 MEDIUM
Network 		lunary lunary An information disclosure vulnerability exists in the lunary-ai/lunary, specifically in the `runs/{run_id}/related` endpoint. This endpoint does not verify that the user has the necessary access righ… CWE-1220
 Insufficient Granularity of Access Control 		CVE-2024-6867 2024-09-20 03:28 2024-09-14 Show GitHub Exploit DB Packet Storm
313274 9.8 CRITICAL
Network 		arm mbed_tls An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certificate does not have appropriate values in… CWE-295
Improper Certificate Validation  		CVE-2024-45159 2024-09-20 03:26 2024-09-6 Show GitHub Exploit DB Packet Storm
313275 4.8 MEDIUM
Network 		peepso peepso The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 6.4.5.0 due t… CWE-79
Cross-site Scripting 		CVE-2024-7655 2024-09-20 03:20 2024-09-10 Show GitHub Exploit DB Packet Storm
313276 4.8 MEDIUM
Network 		peepso peepso The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘content’ parameter in all versions up to, … CWE-79
Cross-site Scripting 		CVE-2024-7618 2024-09-20 03:20 2024-09-10 Show GitHub Exploit DB Packet Storm
313277 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: avoid using null object of framebuffer Instead of using state->fb->obj[0] directly, get object from framebuffer … CWE-476
 NULL Pointer Dereference 		CVE-2024-46694 2024-09-20 03:16 2024-09-13 Show GitHub Exploit DB Packet Storm
313278 5.4 MEDIUM
Network 		microfocus netiq_access_manager Improper Input Validation vulnerability in OpenText NetIQ Access Manager leads to Cross-Site Scripting (XSS) attack. This issue affects NetIQ Access Manager before 5.0.4.1 and 5.1. CWE-79
Cross-site Scripting 		CVE-2024-4554 2024-09-20 03:15 2024-08-28 Show GitHub Exploit DB Packet Storm
313279 7.1 HIGH
Local 		stripe stripe-cli stripe-cli is a command-line tool for the payment processor Stripe. A vulnerability exists in stripe-cli starting in version 1.11.1 and prior to version 1.21.3 where a plugin package containing a man… CWE-22
Path Traversal 		CVE-2024-45401 2024-09-20 03:12 2024-09-6 Show GitHub Exploit DB Packet Storm
313280 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: pktgen: use cpus_read_lock() in pg_net_init() I have seen the WARN_ON(smp_processor_id() != cpu) firing in pktgen_thread_worker()… NVD-CWE-noinfo
CVE-2024-46681 2024-09-20 03:10 2024-09-13 Show GitHub Exploit DB Packet Storm