Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2471 6.5 警告
Network 		Devolutions Devolutions Server DevolutionsのDevolutions Serverにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-6706 2026-05-7 11:25 2026-04-28 Show GitHub Exploit DB Packet Storm
2472 6.5 警告
Adjacent 		Amazon.com, Inc. freertos-plus-tcp Amazon.com, Inc.のfreertos-plus-tcpにおけるスプーフィングによる認証回避に関する脆弱性 CWE-290
スプーフィングによる認証回避 		CVE-2026-7422 2026-05-7 11:25 2026-04-29 Show GitHub Exploit DB Packet Storm
2473 6.5 警告
Adjacent 		Amazon.com, Inc. freertos-plus-tcp Amazon.com, Inc.のfreertos-plus-tcpにおける整数アンダーフローの脆弱性 CWE-191
整数アンダーフロー 		CVE-2026-7423 2026-05-7 11:25 2026-04-29 Show GitHub Exploit DB Packet Storm
2474 8.1 重要
Adjacent 		Amazon.com, Inc. freertos-plus-tcp Amazon.com, Inc.のfreertos-plus-tcpにおける整数アンダーフローの脆弱性 CWE-191
整数アンダーフロー 		CVE-2026-7424 2026-05-7 11:25 2026-04-29 Show GitHub Exploit DB Packet Storm
2475 6.5 警告
Adjacent 		Amazon.com, Inc. freertos-plus-tcp Amazon.com, Inc.のfreertos-plus-tcpにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-7425 2026-05-7 11:25 2026-04-29 Show GitHub Exploit DB Packet Storm
2476 8.1 重要
Adjacent 		Amazon.com, Inc. freertos-plus-tcp Amazon.com, Inc.のfreertos-plus-tcpにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-7426 2026-05-7 11:25 2026-04-29 Show GitHub Exploit DB Packet Storm
2477 5.4 警告
Network 		レッドハット build of keycloak レッドハットのbuild of keycloakにおけるリクエストの直接送信に関する脆弱性 CWE-425
CWE-noinfo
CVE-2026-7500 2026-05-7 11:25 2026-04-30 Show GitHub Exploit DB Packet Storm
2478 8.8 重要
Network 		HKUDS OpenHarness HKUDSのOpenHarnessにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-7551 2026-05-7 11:25 2026-04-30 Show GitHub Exploit DB Packet Storm
2479 9.8 緊急
Network 		Synway SMG Gateway Management Software SynwayのSMG Gateway Management SoftwareにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2025-71284 2026-05-7 10:53 2026-04-30 Show GitHub Exploit DB Packet Storm
2480 7.8 重要
Local 		KDE project KCoreAddons KDE projectのKCoreAddonsにおけるエスケープ、メタ、またはコントロールシーケンスの不適切な無効化に関する脆弱性 CWE-150
エスケープ、メタ、またはコントロールシーケンスの不適切な無効化 		CVE-2026-41526 2026-05-7 10:53 2026-04-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313491 7.8 HIGH
Local 		adobe acrobat
acrobat_dc
acrobat_reader
acrobat_reader_dc 		Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, 24.003.20054 and earlier are affected by a Type Confusion vulnerability that could result in arbitrary code execution in the context … CWE-843
Type Confusion 		CVE-2024-45112 2024-09-19 23:56 2024-09-13 Show GitHub Exploit DB Packet Storm
313492 7.5 HIGH
Network 		utarit soliclub Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Utarit Information SoliClub allows Retrieve Embedded Sensitive Data.This issue affects SoliClub: before 4.4.0 for iOS, befo… NVD-CWE-noinfo
CVE-2024-3305 2024-09-19 23:44 2024-09-12 Show GitHub Exploit DB Packet Storm
313493 7.5 HIGH
Network 		utarit soliclub Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SoliClub: befo… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-3306 2024-09-19 23:43 2024-09-12 Show GitHub Exploit DB Packet Storm
313494 5.3 MEDIUM
Network 		emilyploszaj emi EMI v.1.1.10 and before, fixed in v.1.1.11, contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index and … CWE-129
 Improper Validation of Array Index 		CVE-2024-41564 2024-09-19 23:40 2024-08-29 Show GitHub Exploit DB Packet Storm
313495 8.8 HIGH
Network 		zohocorp manageengine_pam360
manageengine_password_manager_pro 		Zohocorp ManageEngine Password Manager Pro versions before 12431 and ManageEngine PAM360 versions before 7001 are affected by authenticated SQL Injection vulnerability via a global search option. CWE-89
SQL Injection 		CVE-2024-5546 2024-09-19 23:39 2024-08-28 Show GitHub Exploit DB Packet Storm
313496 5.4 MEDIUM
Network 		connx esp_hr_management Improper Neutralization of Input During Web Page Generation vulnerability in "Update of Personal Details" form in ConnX ESP HR Management allows Stored XSS attack. An attacker might inject a script t… CWE-79
Cross-site Scripting 		CVE-2024-7269 2024-09-19 23:37 2024-08-28 Show GitHub Exploit DB Packet Storm
313497 7.5 HIGH
Network 		rockwellautomation compactlogix_5380_firmware
compact_guardlogix_5380_sil_2_firmware
compact_guardlogix_5380_sil_3_firmware
compactlogix_5480_firmware
controllogix_5580_firmware
guardlogix_5580_firmware<… 		A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailab… NVD-CWE-noinfo
CVE-2024-6077 2024-09-19 23:31 2024-09-13 Show GitHub Exploit DB Packet Storm
313498 9.8 CRITICAL
Network 		soplanning soplanning A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. If the public view setting is enabled, a attacker can upload a PHP-file that will be avai… CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2024-27114 2024-09-19 23:27 2024-09-11 Show GitHub Exploit DB Packet Storm
313499 6.1 MEDIUM
Network 		microfocus edirectory Possible Improper Neutralization of Input During Web Page Generation Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.3.0000. CWE-79
Cross-site Scripting 		CVE-2021-22503 2024-09-19 23:25 2024-09-12 Show GitHub Exploit DB Packet Storm
313500 9.1 CRITICAL
Network 		microfocus edirectory Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.4.0000. CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2021-22533 2024-09-19 23:24 2024-09-12 Show GitHub Exploit DB Packet Storm