Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2331	9.8	緊急 Network	Electerm project	Electerm	Electerm projectのElectermにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-41501	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

2332	7.8	重要 Local	Sebastian Bergmann	PHPUnit	Sebastian BergmannのPHPUnitにおける複数の脆弱性	CWE-88 CWE-93	CVE-2026-41570	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

2333	7.5	重要 Network	Zcash Foundation	Zebra-chain Zebrad	Zcash FoundationのZebra-chain等の複数製品における到達可能なアサーションに関する脆弱性	CWE-617 到達可能なアサーション	CVE-2026-41584	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

2334	5.3	警告 Network	projectdiscovery	Nuclei	ProjectDiscovery, Inc.のNucleiにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-41645	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

2335	5.5	警告 Local	projectdiscovery	Nuclei	ProjectDiscovery, Inc.のNucleiにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-41646	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

2336	8.1	重要 Network		-	OpenC3のOpenC3 COSMOSにおける未検証のパスワード変更に関する脆弱性	CWE-620 未検証のパスワード変更	CVE-2026-42084	2026-05-11 11:09	2026-05-4	Show	GitHub Exploit DB Packet Storm

2337	4.3	警告 Network		-	OpenC3のOpenC3 COSMOSにおける相対パストラバーサルの脆弱性	CWE-23 相対的パストラバーサル	CVE-2026-42085	2026-05-11 11:09	2026-05-4	Show	GitHub Exploit DB Packet Storm

2338	4.6	警告 Network		-	OpenC3のOpenC3 COSMOSにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-42086	2026-05-11 11:09	2026-05-4	Show	GitHub Exploit DB Packet Storm

2339	9.6	緊急 Network		-	OpenC3のOpenC3 COSMOSにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-42087	2026-05-11 11:09	2026-05-4	Show	GitHub Exploit DB Packet Storm

2340	9.8	緊急 Network	litellm	litellm	LiteLLMにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-42208	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
318621	7.3	HIGH Network	oretnom23	simple_online_bidding_system	A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /simple-online-bidding-sy…	NVD-CWE-noinfo	CVE-2024-7799	2024-08-20 01:47	2024-08-15	Show	GitHub Exploit DB Packet Storm

318622	9.8	CRITICAL Network	oretnom23	simple_online_bidding_system	A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /simple-online-b…	CWE-89 SQL Injection	CVE-2024-7798	2024-08-20 01:42	2024-08-15	Show	GitHub Exploit DB Packet Storm

318623	-		-	-	The GEO my WP WordPress plugin before 4.5.0.2 does not prevent unauthenticated attackers from including arbitrary files in PHP's execution context, which leads to Remote Code Execution.	-	CVE-2024-6330	2024-08-20 01:35	2024-08-19	Show	GitHub Exploit DB Packet Storm

318624	-		-	-	An issue in the password change function of Silverpeas v6.4.2 and lower allows for the bypassing of password complexity requirements.	-	CVE-2024-42850	2024-08-20 01:35	2024-08-17	Show	GitHub Exploit DB Packet Storm

318625	9.8	CRITICAL Network	oretnom23	simple_online_bidding_system	A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as critical. Affected is an unknown function of the file /simple-online-bidding-system/bidding/adm…	CWE-89 SQL Injection	CVE-2024-7797	2024-08-20 01:28	2024-08-15	Show	GitHub Exploit DB Packet Storm

318626	9.8	CRITICAL Network	adrianmercurio	vehicle_management_system	A vulnerability was found in itsourcecode Vehicle Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file mybill.php. The manipulation o…	CWE-89 SQL Injection	CVE-2024-7794	2024-08-20 01:27	2024-08-15	Show	GitHub Exploit DB Packet Storm

318627	5.4	MEDIUM Network	rems	task_progress_tracker	A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/add-task.p…	CWE-79 Cross-site Scripting	CVE-2024-7793	2024-08-20 01:25	2024-08-15	Show	GitHub Exploit DB Packet Storm

318628	7.8	HIGH Local	adobe	substance_3d_stager	Substance3D - Stager versions 3.0.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this i…	CWE-416 Use After Free	CVE-2024-39388	2024-08-20 01:23	2024-08-15	Show	GitHub Exploit DB Packet Storm

318629	7.8	HIGH Local	adobe	indesign	InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memor…	CWE-125 Out-of-bounds Read	CVE-2024-39393	2024-08-20 01:22	2024-08-15	Show	GitHub Exploit DB Packet Storm

318630	7.8	HIGH Local	adobe	indesign	InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitat…	CWE-787 Out-of-bounds Write	CVE-2024-39391	2024-08-20 01:22	2024-08-15	Show	GitHub Exploit DB Packet Storm