Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2261 5.9 警告
Network 		Elasticsearch B.V. Elastic Package Registry Elasticsearch B.V.のElastic Package Registryにおけるデジタル署名の検証に関する脆弱性 CWE-347
デジタル署名の不適切な検証 		CVE-2026-33467 2026-05-7 10:53 2026-04-28 Show GitHub Exploit DB Packet Storm
2262 4.4 警告
Local 		Mercurycom MIPC252W Firmware MercurycomのMIPC252W Firmwareにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-35901 2026-05-7 10:53 2026-04-27 Show GitHub Exploit DB Packet Storm
2263 6.2 警告
Local 		Mercurycom MIPC252W Firmware MercurycomのMIPC252W Firmwareにおける過度な認証試行の不適切な制限に関する脆弱性 CWE-307
過度な認証試行の不適切な制限 		CVE-2026-35902 2026-05-7 10:53 2026-04-27 Show GitHub Exploit DB Packet Storm
2264 9.8 緊急
Network 		Mercurycom MIPC252W Firmware MercurycomのMIPC252W Firmwareにおける認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2026-35903 2026-05-7 10:53 2026-04-27 Show GitHub Exploit DB Packet Storm
2265 4.8 警告
Network 		Apache Software Foundation Apache Storm Prometheus Reporter Apache Software FoundationのApache Storm Prometheus Reporterにおける証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2026-40557 2026-05-7 10:53 2026-04-27 Show GitHub Exploit DB Packet Storm
2266 8.8 重要
Network 		minerva minerva Agilonhealth (MphRx)のMinervaにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-5779 2026-05-7 10:53 2026-04-28 Show GitHub Exploit DB Packet Storm
2267 8.1 重要
Network 		minerva minerva Agilonhealth (MphRx)のMinervaにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-5780 2026-05-7 10:52 2026-04-28 Show GitHub Exploit DB Packet Storm
2268 8.8 重要
Network 		Frappe ERPNext FrappeのERPNextにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2023-54345 2026-05-7 10:52 2026-05-5 Show GitHub Exploit DB Packet Storm
2269 7.5 重要
Network 		OpenEMR OpenEMR OpenEMRにおける過度な認証試行の不適切な制限に関する脆弱性 CWE-307
過度な認証試行の不適切な制限 		CVE-2023-54347 2026-05-7 10:52 2026-05-5 Show GitHub Exploit DB Packet Storm
2270 7.2 重要
Network 		デル data domain operating system デルのdata domain operating systemにおける認証に関する脆弱性 CWE-287
CWE-noinfo
CVE-2025-46607 2026-05-7 10:52 2026-04-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313361 7.8 HIGH
Local 		schneider-electric vijeo_designer_embedded_in_ecostruxure_machine_expert
vijeo_designer 		CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized access, loss of confidentiality, integrity and availability of the workstation when non-admin authenticated u… NVD-CWE-noinfo
CVE-2024-8306 2024-09-19 04:51 2024-09-12 Show GitHub Exploit DB Packet Storm
313362 6.7 MEDIUM
Local 		dell latitude_5290_2-in-1_firmware
precision_3420_tower_firmware
precision_3620_firmware
wyse_7040_thin_client_firmware
precision_7720_firmware
precision_7520_firmware
precision_5530_2-i… 		Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading … NVD-CWE-noinfo
CVE-2024-38483 2024-09-19 04:19 2024-08-14 Show GitHub Exploit DB Packet Storm
313363 7.8 HIGH
Local 		adobe audition Audition versions 24.4.1, 23.6.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of thi… CWE-787
 Out-of-bounds Write 		CVE-2024-39378 2024-09-19 04:16 2024-09-12 Show GitHub Exploit DB Packet Storm
313364 5.5 MEDIUM
Local 		adobe audition Audition versions 24.4.1, 23.6.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to by… CWE-125
Out-of-bounds Read 		CVE-2024-41868 2024-09-19 04:13 2024-09-12 Show GitHub Exploit DB Packet Storm
313365 6.1 MEDIUM
Network 		mayurik best_house_rental_management_system A vulnerability was found in SourceCodester Best House Rental Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file categories.php. The manip… CWE-79
Cross-site Scripting 		CVE-2024-8708 2024-09-19 04:11 2024-09-12 Show GitHub Exploit DB Packet Storm
313366 6.5 MEDIUM
Network 		microsoft edge Microsoft Edge (Chromium-based) Information Disclosure Vulnerability NVD-CWE-noinfo
CVE-2024-38222 2024-09-19 04:01 2024-09-12 Show GitHub Exploit DB Packet Storm
313367 7.3 HIGH
Local 		cisco meraki_systems_manager A vulnerability in Cisco Meraki Systems Manager (SM) Agent for Windows could allow an authenticated, local attacker to execute arbitrary code with elevated privileges.  This vulnerability is … CWE-427
 Uncontrolled Search Path Element 		CVE-2024-20430 2024-09-19 03:56 2024-09-13 Show GitHub Exploit DB Packet Storm
313368 8.8 HIGH
Network 		owasp defectdojo An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker to escalate privileges via the user permissions component. NVD-CWE-Other
CVE-2023-48171 2024-09-19 03:54 2024-08-13 Show GitHub Exploit DB Packet Storm
313369 7.5 HIGH
Network 		i-doit i-doit SQL injection vulnerability in idoit pro version 28. This vulnerability could allow an attacker to send a specially crafted query to the ID parameter in /var/www/html/src/classes/modules/api/model/cm… CWE-89
SQL Injection 		CVE-2024-8749 2024-09-19 03:53 2024-09-12 Show GitHub Exploit DB Packet Storm
313370 8.8 HIGH
Network 		sir gnuboard Gnuboard g6 6.0.7 is vulnerable to Session hijacking due to a CORS misconfiguration. CWE-346
 Origin Validation Error 		CVE-2024-41475 2024-09-19 03:51 2024-08-13 Show GitHub Exploit DB Packet Storm