Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2321 7.5 重要
Network 		Linaro OP-TEE Trusted OS LinaroのOP-TEE Trusted OSにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-33662 2026-04-30 11:03 2026-04-24 Show GitHub Exploit DB Packet Storm
2322 7.4 重要
Network 		OpenProject OpenProject OpenProjectにおける過度な認証試行の不適切な制限に関する脆弱性 CWE-307
過度な認証試行の不適切な制限 		CVE-2026-33667 2026-04-30 11:03 2026-04-15 Show GitHub Exploit DB Packet Storm
2323 6.7 警告
Local 		デル data domain operating system デルのdata domain operating systemにおける権限管理に関する脆弱性 CWE-269
不適切な権限管理 		CVE-2026-35154 2026-04-30 11:03 2026-04-20 Show GitHub Exploit DB Packet Storm
2324 3.3
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおける指定された機能の不適切な提供に関する脆弱性 CWE-684
指定された機能の不適切な提供 		CVE-2026-35379 2026-04-30 11:03 2026-04-22 Show GitHub Exploit DB Packet Storm
2325 5.5 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおける入力確認に関する脆弱性 CWE-20
CWE-noinfo
CVE-2026-35380 2026-04-30 11:03 2026-04-22 Show GitHub Exploit DB Packet Storm
2326 10 緊急
Network 		マイクロソフト Microsoft Entra ID Microsoft Entra ID Entitlement Management Spoofing Vulnerability CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-35431 2026-04-30 11:03 2026-04-23 Show GitHub Exploit DB Packet Storm
2327 5.3 警告
Network 		oobabooga TextGen oobaboogaのTextGenにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-35484 2026-04-30 11:03 2026-04-7 Show GitHub Exploit DB Packet Storm
2328 7.5 重要
Network 		oobabooga TextGen oobaboogaのTextGenにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-35485 2026-04-30 11:03 2026-04-7 Show GitHub Exploit DB Packet Storm
2329 8.8 重要
Network 		Pi-hole FTLDNS Pi-holeのFTLDNSにおける複数の脆弱性 CWE-78
CWE-93
CVE-2026-35517 2026-04-30 11:03 2026-04-7 Show GitHub Exploit DB Packet Storm
2330 8.8 重要
Network 		Pi-hole FTLDNS Pi-holeのFTLDNSにおける複数の脆弱性 CWE-78
CWE-93
CVE-2026-35518 2026-04-30 11:03 2026-04-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313911 4.3 MEDIUM
Network 		abcd-community abcd A vulnerability, which was classified as problematic, has been found in ABCD ABCD2 up to 2.2.0-beta-1. This issue affects some unknown processing of the file /buscar_integrada.php. The manipulation o… CWE-79
Cross-site Scripting 		CVE-2024-8411 2024-09-5 23:19 2024-09-5 Show GitHub Exploit DB Packet Storm
313912 7.8 HIGH
Local 		yandex yandex_browser Yandex Browser for Desktop before 24.7.1.380 has a DLL Hijacking Vulnerability because an untrusted search path is used. CWE-426
 Untrusted Search Path 		CVE-2024-6473 2024-09-5 23:19 2024-09-3 Show GitHub Exploit DB Packet Storm
313913 9.6 CRITICAL
Adjacent 		progress openedge Local ABL Client bypass of the required PASOE security checks may allow an attacker to commit unauthorized code injection into Multi-Session Agents on supported OpenEdge LTS platforms up to OpenEdge … CWE-94
Code Injection 		CVE-2024-7345 2024-09-5 23:11 2024-09-4 Show GitHub Exploit DB Packet Storm
313914 4.8 MEDIUM
Network 		progress openedge Host name validation for TLS certificates is bypassed when the installed OpenEdge default certificates are used to perform the TLS handshake for a networked connection.  This has been corrected so th… CWE-287
Improper Authentication 		CVE-2024-7346 2024-09-5 23:03 2024-09-4 Show GitHub Exploit DB Packet Storm
313915 6.1 MEDIUM
Network 		progress openedge An ActiveMQ Discovery service was reachable by default from an OpenEdge Management installation when an OEE/OEM auto-discovery feature was activated.  Unauthorized access to the discovery service's U… CWE-79
Cross-site Scripting 		CVE-2024-7654 2024-09-5 22:53 2024-09-4 Show GitHub Exploit DB Packet Storm
313916 5.3 MEDIUM
Network 		samsung group_sharing Exposure of sensitive information in GroupSharing prior to version 13.6.13.3 allows remote attackers can force the victim to join the group. NVD-CWE-noinfo
CVE-2024-34659 2024-09-5 22:48 2024-09-4 Show GitHub Exploit DB Packet Storm
313917 7.1 HIGH
Local 		samsung notes Out-of-bounds read in Samsung Notes allows local attackers to bypass ASLR. CWE-125
Out-of-bounds Read 		CVE-2024-34658 2024-09-5 22:48 2024-09-4 Show GitHub Exploit DB Packet Storm
313918 9.8 CRITICAL
Network 		samsung notes Stack-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows remote attackers to execute arbitrary code. CWE-787
 Out-of-bounds Write 		CVE-2024-34657 2024-09-5 22:48 2024-09-4 Show GitHub Exploit DB Packet Storm
313919 8.8 HIGH
Network 		6shr_system_project 6shr_system 6SHR system from Gether Technology does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload web shell scripts and use them to execute arbitrary syst… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-8330 2024-09-5 22:41 2024-08-30 Show GitHub Exploit DB Packet Storm
313920 8.8 HIGH
Network 		6shr_system_project 6shr_system 6SHR system from Gether Technology does not properly validate the specific page parameter, allowing remote attackers with regular privilege to inject SQL command to read, modify, and delete database … CWE-89
SQL Injection 		CVE-2024-8329 2024-09-5 22:40 2024-08-30 Show GitHub Exploit DB Packet Storm