Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2451 7.5 重要
Network 		GitLab.org GitLab GitLab.orgのGitLabにおける入力で指定された数量の不適切な検証に関する脆弱性 CWE-1284
入力で指定された数量の不適切な検証 		CVE-2025-14869 2026-05-18 12:08 2026-05-14 Show GitHub Exploit DB Packet Storm
2452 7.5 重要
Network 		GitLab.org GitLab GitLab.orgのGitLabにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2025-14870 2026-05-18 12:08 2026-05-14 Show GitHub Exploit DB Packet Storm
2453 5.6 警告
Network 		デル elastic cloud storage
Dell ObjectScale 		デルのelastic cloud storage等の複数製品における認証回避の脆弱性 CWE-302
認証回避の脆弱性 		CVE-2025-43992 2026-05-18 12:08 2026-05-11 Show GitHub Exploit DB Packet Storm
2454 6.7 警告
Local 		フォーティネット FortiAP-U
FortiAP
FortiAP-W2 		フォーティネットのFortiAP-U等の複数製品におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2025-53680 2026-05-18 12:08 2026-05-12 Show GitHub Exploit DB Packet Storm
2455 7.2 重要
Network 		フォーティネット FortiMail フォーティネットのFortiMailにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2025-53681 2026-05-18 12:08 2026-05-12 Show GitHub Exploit DB Packet Storm
2456 8.8 重要
Network 		フォーティネット FortiOS フォーティネットのFortiOSにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2025-53844 2026-05-18 12:08 2026-05-12 Show GitHub Exploit DB Packet Storm
2457 6.7 警告
Local 		フォーティネット FortiAP
FortiAP-W2 		フォーティネットのFortiAP-W2等の複数製品におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2025-53870 2026-05-18 12:08 2026-05-12 Show GitHub Exploit DB Packet Storm
2458 5.3 警告
Network 		strapi strapi strapiにおける過度な認証試行の不適切な制限に関する脆弱性 CWE-307
過度な認証試行の不適切な制限 		CVE-2025-64526 2026-05-18 12:08 2026-05-14 Show GitHub Exploit DB Packet Storm
2459 5.3 警告
Network 		フォーティネット FortiManager
FortiAnalyzer 		フォーティネットのFortiAnalyzer等の複数製品における潜在的に危険な関数の使用に関する脆弱性 CWE-676
潜在的に危険な関数の使用 		CVE-2025-67604 2026-05-18 12:08 2026-05-12 Show GitHub Exploit DB Packet Storm
2460 7.5 重要
Network 		GitLab.org GitLab GitLab.orgのGitLabにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-1184 2026-05-18 12:08 2026-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
319031 8.8 HIGH
Network 		portabilis i-educar i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. A SQL Injection vulnerability was found prior to the 2.9 b… CWE-89
SQL Injection 		CVE-2024-45059 2024-09-14 05:09 2024-08-29 Show GitHub Exploit DB Packet Storm
319032 8.1 HIGH
Network 		portabilis i-educar i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. Prior to the 2.9 branch, an attacker with only minimal vie… CWE-862
 Missing Authorization 		CVE-2024-45058 2024-09-14 05:06 2024-08-29 Show GitHub Exploit DB Packet Storm
319033 6.1 MEDIUM
Network 		portabilis i-educar i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. A Reflected Cross-Site Scripting (XSS) vulnerability was i… CWE-79
Cross-site Scripting 		CVE-2024-45057 2024-09-14 05:03 2024-08-29 Show GitHub Exploit DB Packet Storm
319034 7.5 HIGH
Network 		huawei harmonyos
emui 		Vulnerability of permission verification for APIs in the DownloadProviderMain module Impact: Successful exploitation of this vulnerability will affect availability. NVD-CWE-noinfo
CVE-2024-45442 2024-09-14 05:00 2024-09-4 Show GitHub Exploit DB Packet Storm
319035 5.4 MEDIUM
Network 		squaredup squaredup_ds_for_scom SquaredUp DS for SCOM 6.2.1.11104 allows XSS. CWE-79
Cross-site Scripting 		CVE-2024-45180 2024-09-14 04:55 2024-09-4 Show GitHub Exploit DB Packet Storm
319036 8.1 HIGH
Network 		idec windo\/i-nv4
windldr 		Cleartext storage of sensitive information vulnerability exists in WindLDR and WindO/I-NV4. If this vulnerability is exploited, an attacker who obtained the product's project file may obtain user cre… CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2024-41716 2024-09-14 04:53 2024-09-4 Show GitHub Exploit DB Packet Storm
319037 4.3 MEDIUM
Network 		audiobookshelf audiobookshelf audiobookshelf is a self-hosted audiobook and podcast server. A non-admin user is not allowed to create libraries (or access only the ones they have permission to). However, the `LibraryController` i… CWE-22
Path Traversal 		CVE-2024-43797 2024-09-14 04:49 2024-09-3 Show GitHub Exploit DB Packet Storm
319038 9.8 CRITICAL
Network 		zyxel nwa110ax_firmware
nwa1123-ac_pro_firmware
nwa1123acv3_firmware
nwa130be_firmware
nwa210ax_firmware
nwa220ax-6e_firmware
nwa50ax_firmware
nwa50ax_pro_firmware
nwa55axe_firmware… 		The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) and e… CWE-78
OS Command  		CVE-2024-7261 2024-09-14 04:39 2024-09-3 Show GitHub Exploit DB Packet Storm
319039 9.8 CRITICAL
Network 		cisco smart_license_utility A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to log in to an affected system by using a static administrative credential. This vulnerability is … CWE-798
 Use of Hard-coded Credentials 		CVE-2024-20439 2024-09-14 04:35 2024-09-5 Show GitHub Exploit DB Packet Storm
319040 5.3 MEDIUM
Network 		funnelforms funnelforms_free The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability… CWE-862
 Missing Authorization 		CVE-2024-7447 2024-09-14 04:33 2024-08-28 Show GitHub Exploit DB Packet Storm