Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2481	7.5	重要 Network	アップル	tvOS iOS iPadOS visionos	アップルのiPadOS等の複数製品におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2026-28940	2026-05-15 11:04	2026-05-11	Show	GitHub Exploit DB Packet Storm

2482	7.1	重要 Network	アップル	iOS iPadOS	アップルのiPadOS等の複数製品におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2026-28941	2026-05-15 11:04	2026-05-11	Show	GitHub Exploit DB Packet Storm

2483	6.5	警告 Network		-	アップルのmacOSにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-28946	2026-05-15 11:04	2026-05-11	Show	GitHub Exploit DB Packet Storm

2484	8.8	重要 Network	アップル	tvOS iOS watchOS visionos iPadOS	アップルのiPadOS等の複数製品における解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-28947	2026-05-15 11:04	2026-05-11	Show	GitHub Exploit DB Packet Storm

2485	7.5	重要 Network	アップル	iOS iPadOS	アップルのiPadOS等の複数製品における整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-28952	2026-05-15 11:04	2026-05-11	Show	GitHub Exploit DB Packet Storm

2486	7.5	重要 Network	アップル	tvOS iOS watchOS visionos iPadOS	アップルのiPadOS等の複数製品におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2026-28955	2026-05-15 11:04	2026-05-11	Show	GitHub Exploit DB Packet Storm

2487	6.5	警告 Network	アップル	tvOS iOS watchOS visionos iPadOS	アップルのiPadOS等の複数製品における複数の脆弱性	CWE-125 CWE-787	CVE-2026-28956	2026-05-15 11:04	2026-05-11	Show	GitHub Exploit DB Packet Storm

2488	3.3	低 Local	アップル	visionos iOS iPadOS	アップルのiPadOS等の複数製品におけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-28957	2026-05-15 11:04	2026-05-11	Show	GitHub Exploit DB Packet Storm

2489	7.5	重要 Network	アップル	tvOS iOS watchOS visionos iPadOS	アップルのiPadOS等の複数製品における古典的バッファオーバーフローの脆弱性	CWE-120 古典的バッファオーバーフロー	CVE-2026-28959	2026-05-15 11:04	2026-05-11	Show	GitHub Exploit DB Packet Storm

2490	4.6	警告 Physics	アップル	iOS iPadOS	アップルのiPadOS等の複数製品における認可されていない行為者への個人情報の漏えいに関する脆弱性	CWE-359 認可されていないアクターへの個人情報の漏えい	CVE-2026-28963	2026-05-15 11:04	2026-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312031	-		-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2023-4348	2024-11-15 21:15	2024-11-15	Show	GitHub Exploit DB Packet Storm

312032	9.8	CRITICAL Network	-	-	Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device…	CWE-78 OS Command	CVE-2024-11120	2024-11-15 11:15	2024-11-15	Show	GitHub Exploit DB Packet Storm

312033	9.1	CRITICAL Network	paloaltonetworks	expedition	An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, a…	CWE-89 SQL Injection	CVE-2024-9465	2024-11-15 11:00	2024-10-10	Show	GitHub Exploit DB Packet Storm

312034	7.5	HIGH Network	paloaltonetworks	expedition	An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cle…	CWE-78 OS Command	CVE-2024-9463	2024-11-15 11:00	2024-10-10	Show	GitHub Exploit DB Packet Storm

312035	5.4	MEDIUM Network	ladybirdweb	faveo_helpdesk	An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk (On-Premise and Cloud) 9.2.0 allows a remote attacker to execute arbitrary code via the Subject and Identifier fields	CWE-79 Cross-site Scripting	CVE-2024-51377	2024-11-15 08:23	2024-11-2	Show	GitHub Exploit DB Packet Storm

312036	9.8	CRITICAL Network	olivegroup	olivevle	An issue in Olive VLE allows an attacker to obtain sensitive information via the reset password function.	CWE-640 Weak Password Recovery Mechanism for Forgotten Password	CVE-2024-48428	2024-11-15 08:15	2024-10-26	Show	GitHub Exploit DB Packet Storm

312037	7.5	HIGH Network	plenti	plenti	Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitrary file write deletion when a plenti use…	CWE-22 Path Traversal	CVE-2024-49381	2024-11-15 08:04	2024-10-25	Show	GitHub Exploit DB Packet Storm

312038	8.8	HIGH Network	autolabproject	autolab	Autolab, a course management service that enables auto-graded programming assignments, has misconfigured reset password permissions in version 3.0.0. For email-based accounts, users with insufficient…	CWE-863 Incorrect Authorization	CVE-2024-49376	2024-11-15 07:49	2024-10-25	Show	GitHub Exploit DB Packet Storm

312039	9.8	CRITICAL Network	vice	webopac	Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents.	CWE-89 SQL Injection	CVE-2024-11016	2024-11-15 06:53	2024-11-11	Show	GitHub Exploit DB Packet Storm

312040	9.8	CRITICAL Network	matrixcomsec	cosec_vega_faxq_firmware	This vulnerability exists in Matrix Door Controller Cosec Vega FAXQ due to improper implementation of session management at the web-based management interface. A remote attacker could exploit this vu…	NVD-CWE-Other	CVE-2024-10381	2024-11-15 06:44	2024-10-25	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed