Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2201 7.3 重要
Network 		Apache Software Foundation Apache Thrift Apache Software FoundationのApache Thriftにおける複数の脆弱性 CWE-113
CWE-22
CWE-346
CWE-400
CVE-2026-43870 2026-05-8 12:21 2026-05-5 Show GitHub Exploit DB Packet Storm
2202 6.5 警告
Network 		Apache Software Foundation Apache Wicket Apache Software FoundationのApache Wicketにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-43975 2026-05-8 12:21 2026-05-6 Show GitHub Exploit DB Packet Storm
2203 7.5 重要
Network 		MongoDB Inc. MongoDB C Driver MongoDB Inc.のMongoDB C Driverにおける入力確認に関する脆弱性 CWE-20
CWE-noinfo
CVE-2026-6231 2026-05-8 12:21 2026-04-13 Show GitHub Exploit DB Packet Storm
2204 4.9 警告
Network 		Tanium Tanium Interact TaniumのTanium Interactにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-6416 2026-05-8 12:21 2026-04-22 Show GitHub Exploit DB Packet Storm
2205 7.1 重要
Local 		GNU Project GNU Emacs GNU ProjectのGNU Emacsにおける境界条件の判定に関する脆弱性 CWE-193
境界条件の判定 		CVE-2026-6861 2026-05-8 12:21 2026-04-22 Show GitHub Exploit DB Packet Storm
2206 7.5 重要
Network 		MongoDB Inc. MongoDB MongoDB Inc.のMongoDBにおける整数アンダーフローの脆弱性 CWE-191
整数アンダーフロー 		CVE-2026-6914 2026-05-8 12:21 2026-04-29 Show GitHub Exploit DB Packet Storm
2207 4.3 警告
Network 		MongoDB Inc. MongoDB MongoDB Inc.のMongoDBにおける入力で指定された数量の不適切な検証に関する脆弱性 CWE-1284
入力で指定された数量の不適切な検証 		CVE-2026-6915 2026-05-8 12:21 2026-04-29 Show GitHub Exploit DB Packet Storm
2208 4.3 警告
Network 		レッドハット Red Hat OpenShift Container Platform レッドハットのRed Hat OpenShift Container Platformにおける信頼できない検索パスに関する脆弱性 CWE-426
信頼性のない検索パス 		CVE-2026-7309 2026-05-8 12:20 2026-04-28 Show GitHub Exploit DB Packet Storm
2209 4.3 警告
Network 		Open5GS Open5GS Open5GSにおけるリソースの不適切なシャットダウンおよびリリースに関する脆弱性 CWE-404
リソースの不適切なシャットダウンおよびリリース 		CVE-2026-7585 2026-05-8 12:20 2026-05-1 Show GitHub Exploit DB Packet Storm
2210 4.3 警告
Network 		Open5GS Open5GS Open5GSにおけるリソースの不適切なシャットダウンおよびリリースに関する脆弱性 CWE-404
リソースの不適切なシャットダウンおよびリリース 		CVE-2026-7586 2026-05-8 12:20 2026-05-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312561 6.8 MEDIUM
Physics 		planet gs-4210-24p2s_firmware
gs-4210-24pl4c_firmware 		Certain switch models from PLANET Technology have a Hard-coded Credential in the password recovering functionality, allowing an unauthenticated attacker to connect to the device via the serial consol… CWE-798
 Use of Hard-coded Credentials 		CVE-2024-8449 2024-10-5 00:08 2024-09-30 Show GitHub Exploit DB Packet Storm
312562 8.8 HIGH
Network 		planet gs-4210-24p2s_firmware
gs-4210-24pl4c_firmware 		Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and o… CWE-798
 Use of Hard-coded Credentials 		CVE-2024-8448 2024-10-5 00:07 2024-09-30 Show GitHub Exploit DB Packet Storm
312563 4.8 MEDIUM
Network 		planet gs-4210-24p2s_firmware
gs-4210-24pl4c_firmware 		Certain switch models from PLANET Technology have a web application that does not properly validate specific parameters, allowing remote authenticated users with administrator privileges to inject ar… CWE-79
Cross-site Scripting 		CVE-2024-8457 2024-10-4 23:45 2024-09-30 Show GitHub Exploit DB Packet Storm
312564 9.8 CRITICAL
Network 		planet gs-4210-24p2s_firmware
gs-4210-24pl4c_firmware 		Certain switch models from PLANET Technology lack proper access control in firmware upload and download functionality, allowing unauthenticated remote attackers to download and upload firmware and sy… CWE-306
Missing Authentication for Critical Function 		CVE-2024-8456 2024-10-4 23:45 2024-09-30 Show GitHub Exploit DB Packet Storm
312565 5.9 MEDIUM
Network 		planet gs-4210-24p2s_firmware
gs-4210-24pl4c_firmware
igs-5225-4up1t2s_firmware 		The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain switch models, the authentication tokens used during communication with this service are encoded user p… CWE-326
Inadequate Encryption Strength 		CVE-2024-8455 2024-10-4 23:45 2024-09-30 Show GitHub Exploit DB Packet Storm
312566 4.9 MEDIUM
Network 		planet gs-4210-24p2s_firmware
gs-4210-24pl4c_firmware 		Certain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within the configuration files, allowing remote attackers with administrator privileges to read the file and ob… CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2024-8459 2024-10-4 23:42 2024-09-30 Show GitHub Exploit DB Packet Storm
312567 8.8 HIGH
Network 		planet gs-4210-24p2s_firmware
gs-4210-24pl4c_firmware 		Certain switch models from PLANET Technology have a web application that is vulnerable to Cross-Site Request Forgery (CSRF). An unauthenticated remote attacker can trick a user into visiting a malici… CWE-352
 Origin Validation Error 		CVE-2024-8458 2024-10-4 23:42 2024-09-30 Show GitHub Exploit DB Packet Storm
312568 7.5 HIGH
Network 		echostar fusion Credentials to access device configuration were transmitted using an unencrypted protocol. These credentials would allow read-only access to network configuration information and terminal configurati… NVD-CWE-noinfo
CVE-2024-42495 2024-10-4 23:37 2024-09-6 Show GitHub Exploit DB Packet Storm
312569 4.6 MEDIUM
Physics 		echostar fusion Credentials to access device configuration information stored unencrypted in flash memory. These credentials would allow read-only access to network configuration information and terminal configurati… CWE-522
 Insufficiently Protected Credentials 		CVE-2024-39278 2024-10-4 23:36 2024-09-6 Show GitHub Exploit DB Packet Storm
312570 - - - Scriptcase v9.10.023 and before is vulnerable to Remote Code Execution (RCE) via the nm_zip function. - CVE-2024-46080 2024-10-4 22:51 2024-10-2 Show GitHub Exploit DB Packet Storm