Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2241	6.5	警告 Network	Open5GS	Open5GS	Open5GSにおけるリソースの不適切なシャットダウンおよびリリースに関する脆弱性	CWE-404 リソースの不適切なシャットダウンおよびリリース	CVE-2026-8122	2026-05-12 10:19	2026-05-8	Show	GitHub Exploit DB Packet Storm

2242	6.5	警告 Network	Open5GS	Open5GS	Open5GSにおけるリソースの不適切なシャットダウンおよびリリースに関する脆弱性	CWE-404 リソースの不適切なシャットダウンおよびリリース	CVE-2026-8123	2026-05-12 10:19	2026-05-8	Show	GitHub Exploit DB Packet Storm

2243	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	CX12L Pro Firmware	Shenzhen Tenda Technology Co.,Ltd.のCX12L Pro Firmwareにおける複数の脆弱性	CWE-119 CWE-121	CVE-2026-8138	2026-05-12 10:19	2026-05-8	Show	GitHub Exploit DB Packet Storm

2244	7.8	重要 Local	NAVER Corp.	NAVER MYBOX Explorer for Windows	NAVER Corp.のNAVER MYBOX Explorer for Windowsにおける不適切な権限設定に関する脆弱性	CWE-266 不適切な権限設定	CVE-2026-8148	2026-05-12 10:19	2026-05-8	Show	GitHub Exploit DB Packet Storm

2245	7.3	重要 Network	Project Jupyter	Jupyter Server	Project JupyterのJupyter Serverにおけるアンカーのない正規表現に関する脆弱性	CWE-777 アンカーのない正規表現	CVE-2026-40110	2026-05-12 10:19	2026-05-5	Show	GitHub Exploit DB Packet Storm

2246	6.1	警告 Network	HCL Technologies Limited	unica HCL Unica Plan HCL Unica Segment Central HCL Unica Centralized Offer Management HCL Unica Audience Campaign HCL U…	HCL Technologies Limitedのunica等の複数製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-62320	2026-05-12 10:19	2026-03-17	Show	GitHub Exploit DB Packet Storm

2247	5.5	警告 Local	ヒューレット・パッカード	Samsung Print Service Plugin	ヒューレット・パッカードのSamsung Print Service PluginにおけるAndroid アプリケーションコンポーネントの不適切なエクスポートの脆弱性	CWE-926 CWE-noinfo	CVE-2026-3291	2026-05-12 10:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

2248	8.8	重要 Network	langflow	langflow Langflow-base	langflowのLangflow-base等の複数製品における複数の脆弱性	CWE-639 CWE-862	CVE-2026-34046	2026-05-12 10:19	2026-03-27	Show	GitHub Exploit DB Packet Storm

2249	7.5	重要 Network	Gazelle project	Gazelle	KazeburoのGazelleにおけるHTTP リクエストスマグリングに関する脆弱性	CWE-444 HTTP リクエストスマグリング	CVE-2026-40562	2026-05-12 10:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

2250	5.3	警告 Network	opentelemetry	OpenTelemetry.Exporter.Zipkin	opentelemetryのOpenTelemetry.Exporter.Zipkinにおける複数の脆弱性	CWE-400 CWE-770	CVE-2026-41310	2026-05-12 10:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
318661	-	-	-	Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the lack of file type filtering in the file attachment parameter.	-	CVE-2024-27731	2024-08-19 22:00	2024-08-16	Show	GitHub Exploit DB Packet Storm

318662	-	-	-	Insecure Permissions vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information and execute arbitrary code via the cid parameter of the calendar event feature.	-	CVE-2024-27730	2024-08-19 22:00	2024-08-16	Show	GitHub Exploit DB Packet Storm

318663	-	-	-	Vulnerability in Xiexe XSOverlay before build 647 allows non-local websites to send the malicious commands to the WebSocket API, resulting in the arbitrary code execution.	-	CVE-2024-23168	2024-08-19 22:00	2024-08-16	Show	GitHub Exploit DB Packet Storm

318664	-	-	-	XML External Entity (XXE) vulnerability in Terminalfour 8.0.0001 through 8.3.18 and XML JDBC versions up to 1.0.4 allows authenticated users to submit malicious XML via unspecified features which cou…	-	CVE-2024-22218	2024-08-19 22:00	2024-08-16	Show	GitHub Exploit DB Packet Storm

318665	-	-	-	Module savepoints could be abused to inject references to malicious code delivered through the same domain. Attackers could perform malicious API requests or extract information from the users accoun…	-	CVE-2024-25582	2024-08-19 21:59	2024-08-19	Show	GitHub Exploit DB Packet Storm

318666	-	-	-	Authorization Bypass Through User-Controlled Key vulnerability in Propovoice Propovoice CRM.This issue affects Propovoice CRM: from n/a through 1.7.6.4.	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2024-43350	2024-08-19 21:59	2024-08-19	Show	GitHub Exploit DB Packet Storm

318667	-	-	-	Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.100.	-	CVE-2024-43322	2024-08-19 21:59	2024-08-19	Show	GitHub Exploit DB Packet Storm

318668	-	-	-	Authorization Bypass Through User-Controlled Key vulnerability in Checkout Plugins Stripe Payments For WooCommerce by Checkout.This issue affects Stripe Payments For WooCommerce by Checkout: from n/a…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2024-43315	2024-08-19 21:59	2024-08-19	Show	GitHub Exploit DB Packet Storm

318669	-	-	-	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BoldThemes Bold Timeline Lite allows Stored XSS.This issue affects Bold Timeline Lite: fro…	CWE-79 Cross-site Scripting	CVE-2024-43294	2024-08-19 21:59	2024-08-19	Show	GitHub Exploit DB Packet Storm

318670	-	-	-	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in EnvoThemes Envo's Elementor Templates & Widgets for WooCommerce allows Stored XSS.This iss…	CWE-79 Cross-site Scripting	CVE-2024-43292	2024-08-19 21:59	2024-08-19	Show	GitHub Exploit DB Packet Storm