Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 14, 2026, 12:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2311	7.8	重要 Local	マイクロソフト	Microsoft 365 Apps Office Long Term Servicing Channel (LTSC) Microsoft PowerPoint Microsoft Office	Microsoft PowerPoint のリモートでコードが実行される脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-32200	2026-04-30 11:03	2026-04-14	Show	GitHub Exploit DB Packet Storm

2312	7.8	重要 Local	デル	Alienware Command Center	デルのAlienware Command Centerにおける最小権限の違反に関する脆弱性	CWE-272 最小権限の違反	CVE-2026-32655	2026-04-30 11:03	2026-04-27	Show	GitHub Exploit DB Packet Storm

2313	2.7	低 Network	GitHub	Enterprise Server	GitHubのEnterprise Serverにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-3307	2026-04-30 11:03	2026-04-21	Show	GitHub Exploit DB Packet Storm

2314	5.5	警告 Local	マイクロソフト	Microsoft Dynamics 365	Microsoft Dynamics 365 の(オンプレミス) で、情報漏えいの脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-33103	2026-04-30 11:03	2026-04-14	Show	GitHub Exploit DB Packet Storm

2315	10	緊急 Network	Apache Software Foundation	Apache Camel	Apache Software FoundationのApache Camelにおける動的に決定されたオブジェクト属性の不適切に制御された変更に関する脆弱性	CWE-915 動的に決定されたオブジェクト属性の不適切に制御された変更	CVE-2026-33453	2026-04-30 11:03	2026-04-27	Show	GitHub Exploit DB Packet Storm

2316	9.4	緊急 Network	Apache Software Foundation	Apache Camel	Apache Software FoundationのApache Camelにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-33454	2026-04-30 11:03	2026-04-27	Show	GitHub Exploit DB Packet Storm

2317	7.5	重要 Network	Linaro	OP-TEE Trusted OS	LinaroのOP-TEE Trusted OSにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-33662	2026-04-30 11:03	2026-04-24	Show	GitHub Exploit DB Packet Storm

2318	7.4	重要 Network	OpenProject	OpenProject	OpenProjectにおける過度な認証試行の不適切な制限に関する脆弱性	CWE-307 過度な認証試行の不適切な制限	CVE-2026-33667	2026-04-30 11:03	2026-04-15	Show	GitHub Exploit DB Packet Storm

2319	6.7	警告 Local	デル	data domain operating system	デルのdata domain operating systemにおける権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2026-35154	2026-04-30 11:03	2026-04-20	Show	GitHub Exploit DB Packet Storm

2320	3.3	低 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける指定された機能の不適切な提供に関する脆弱性	CWE-684 指定された機能の不適切な提供	CVE-2026-35379	2026-04-30 11:03	2026-04-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314001	-	-	-	Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where co…	-	CVE-2024-38807	2024-08-24 01:18	2024-08-23	Show	GitHub Exploit DB Packet Storm

314002	-	-	-	Mattermost Plugin Channel Export versions <=1.0.0 fail to restrict concurrent runs of the /export command which allows a user to consume excessive resource by running the /export command multiple tim…	-	CVE-2024-43105	2024-08-24 01:18	2024-08-23	Show	GitHub Exploit DB Packet Storm

314003	-	-	-	The WP Table Builder WordPress plugin through 1.5.0 does not sanitise and escape some of its Table data, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting a…	-	CVE-2024-3282	2024-08-24 01:18	2024-08-23	Show	GitHub Exploit DB Packet Storm

314004	-	-	-	A Stored Cross Site Scripting (XSS) vulnerability was found in "/history.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the Name, Ph…	-	CVE-2024-42762	2024-08-24 01:18	2024-08-23	Show	GitHub Exploit DB Packet Storm

314005	-	-	-	A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin_schedule.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via sched…	-	CVE-2024-42761	2024-08-24 01:18	2024-08-23	Show	GitHub Exploit DB Packet Storm

314006	-	-	-	An issue was discovered in llama_index before 0.10.38. download/integration.py includes an exec call for import {cls_name}.	-	CVE-2024-45201	2024-08-24 01:18	2024-08-23	Show	GitHub Exploit DB Packet Storm

314007	-	-	-	NGINX Agent's "config_dirs" restriction feature allows a highly privileged attacker to gain the ability to write/overwrite files outside of the designated secure directory.	-	CVE-2024-7634	2024-08-24 01:18	2024-08-23	Show	GitHub Exploit DB Packet Storm

314008	-	-	-	Kashipara Hotel Management System v1.0 is vulnerable to Unrestricted File Upload RCE via /admin/add_room_controller.php.	-	CVE-2024-42767	2024-08-24 01:18	2024-08-23	Show	GitHub Exploit DB Packet Storm

314009	-	-	-	Kashipara Hotel Management System v1.0 is vulnerable to Incorrect Access Control via /admin/users.php.	-	CVE-2024-42776	2024-08-24 01:18	2024-08-23	Show	GitHub Exploit DB Packet Storm

314010	-	-	-	An Incorrect Access Control vulnerability was found in /admin/add_room_controller.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to add the valid hotel room e…	-	CVE-2024-42775	2024-08-24 01:18	2024-08-23	Show	GitHub Exploit DB Packet Storm