Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2501 8.8 重要
Adjacent 		エレコム株式会社 WRC-X3000GS2-B ファームウェア
WAB-I1750-PS
WAB-S1775 ファームウェア
WRC-X3000GST2-B
WAB-S733MI
WAB-S1167-PS
WRC-X3000GS2A-B ファームウェア
WAB-M1775-PS ファームウェア
WRC-X3000GS2-W&n… 		エレコム製無線LANルーターおよび無線アクセスポイントにおける複数の脆弱性 CWE-119
CWE-79
CWE-Other
CVE-2024-34577
CVE-2024-39300
CVE-2024-42412
CVE-2024-43689 		2026-05-12 15:01 2024-08-27 Show GitHub Exploit DB Packet Storm
2502 6.8 警告
Adjacent 		エレコム株式会社 WRC-2533GST2 ファームウェア
WRC-X3000GST2-B
WRC-X1800GS-B
WRC-X6000QSA-G
WRC-2533GS2V-B
WMC-X1800GST-B
WRC-G01-W
WRC-XE5400GS-G
WRC-X1800GSA-B
WRC-X1800GSH-B
WRC-X6000XST-… 		エレコム製無線LANルーターにおける複数の脆弱性 CWE-352
CWE-78
CWE-Other
CVE-2024-34021
CVE-2024-39607
CVE-2024-40883 		2026-05-12 14:51 2024-07-30 Show GitHub Exploit DB Packet Storm
2503 - - ollama ollama Ollamaにおける境界外の読み取りおよび書き込みの脆弱性 - - 2026-05-12 12:34 2026-05-11 Show GitHub Exploit DB Packet Storm
2504 4.9 警告
Network 		キヤノン (複数の製品) キヤノン製プロダクションプリンター、オフィス/スモールオフィス向け複合機における機微な情報を取得可能な脆弱性 CWE-807
セキュリティ決定の信頼できない入力への依存 		CVE-2026-1789 2026-05-12 12:34 2026-05-11 Show GitHub Exploit DB Packet Storm
2505 - - - サーバ製品におけるインテル社公表脆弱性(INTEL-SA-01397他)による影響について - CVE-2025-22885
CVE-2025-27560
CVE-2025-27572
CVE-2025-27940
CVE-2025-30513
CVE-2025-31648
CVE-2025-31944
CVE-2025-32007
CVE-2025-32467 		2026-05-12 11:50 2026-03-27 Show GitHub Exploit DB Packet Storm
2506 - - - サーバ製品におけるBIOSの脆弱性(CVE-2026-22796)による影響について - CVE-2026-22796 2026-05-12 11:38 2026-04-24 Show GitHub Exploit DB Packet Storm
2507 5.3 警告
Local 		Prusa3D PrusaSlicer Prusa3DのPrusaSlicerにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2023-47268 2026-05-12 10:21 2026-05-8 Show GitHub Exploit DB Packet Storm
2508 7.2 重要
Network 		HCL Technologies Limited HCL BigFix Service Management (SM) HCL Technologies LimitedのHCL BigFix Service Management (SM)におけるリソースの安全ではないデフォルト値への初期化に関する脆弱性 CWE-1188
リソースの安全ではないデフォルト値への初期化 		CVE-2025-31974 2026-05-12 10:21 2026-05-6 Show GitHub Exploit DB Packet Storm
2509 6.1 警告
Network 		Project Jupyter Jupyter Server Project JupyterのJupyter Serverにおけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2025-61669 2026-05-12 10:21 2026-05-5 Show GitHub Exploit DB Packet Storm
2510 8.1 重要
Network 		Apache Software Foundation CloudStack Apache Software FoundationのCloudStackにおける不完全なクリーンアップに関する脆弱性 CWE-459
不完全なクリーンアップ 		CVE-2025-66467 2026-05-12 10:21 2026-05-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312311 7.5 HIGH
Network 		63moons aero
wave_2.0 		This vulnerability exists in Aero due to improper implementation of OTP validation mechanism in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by interceptin… NVD-CWE-Other
CVE-2024-51561 2024-11-7 00:59 2024-11-4 Show GitHub Exploit DB Packet Storm
312312 6.1 MEDIUM
Network 		bna pospratik Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Bna Informatics PosPratik allows XSS Through HTTP Query Strings.This issue affects PosPratik: before v3.… CWE-79
Cross-site Scripting 		CVE-2024-9147 2024-11-7 00:53 2024-11-4 Show GitHub Exploit DB Packet Storm
312313 7.5 HIGH
Network 		zimaspace zimaos ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.2.4 and all prior versions, the ZimaOS API endpoint `http://<Zima_Server_IP:PORT>/v3/file?t… CWE-22
Path Traversal 		CVE-2024-48931 2024-11-7 00:46 2024-10-25 Show GitHub Exploit DB Packet Storm
312314 9.8 CRITICAL
Network 		lunary lunary A SQL injection vulnerability exists in the `/api/v1/external-users` route of lunary-ai/lunary version v1.4.2. The `order by` clause of the SQL query uses `sql.unsafe` without prior sanitization, all… CWE-89
SQL Injection 		CVE-2024-7456 2024-11-7 00:45 2024-11-1 Show GitHub Exploit DB Packet Storm
312315 4.8 MEDIUM
Network 		dublue table_of_contents_plus The Table of Contents Plus WordPress plugin through 2408 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting atta… CWE-79
Cross-site Scripting 		CVE-2024-5578 2024-11-7 00:44 2024-11-5 Show GitHub Exploit DB Packet Storm
312316 4.8 MEDIUM
Network 		nsqua simply_schedule_appointments The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin WordPress plugin before 1.6.7.55 does not sanitise and escape some of its Notification settings, which could allow high … CWE-79
Cross-site Scripting 		CVE-2024-7877 2024-11-7 00:42 2024-11-5 Show GitHub Exploit DB Packet Storm
312317 4.8 MEDIUM
Network 		nsqua simply_schedule_appointments The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin WordPress plugin before 1.6.7.55 does not sanitise and escape some of its Appointment Type settings, which could allow h… CWE-79
Cross-site Scripting 		CVE-2024-7876 2024-11-7 00:42 2024-11-5 Show GitHub Exploit DB Packet Storm
312318 - - - An Incorrect Access Control vulnerability was found in /admin/edit_room_controller.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to edit the valid hotel room… - CVE-2024-42773 2024-11-7 00:35 2024-08-23 Show GitHub Exploit DB Packet Storm
312319 8.8 HIGH
Network 		zohocorp manageengine_exchange_reporter_plus Zohocorp ManageEngine Exchange Reporter Plus versions 5718 and prior are vulnerable to authenticated SQL Injection in reports module. CWE-89
SQL Injection 		CVE-2024-9459 2024-11-7 00:29 2024-11-5 Show GitHub Exploit DB Packet Storm
312320 7.5 HIGH
Network 		zimaspace zimaos ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.2.4 and all prior versions, the API endpoints in ZimaOS, such as `http://<Server-IP>/v1/use… CWE-862
 Missing Authorization 		CVE-2024-49357 2024-11-7 00:28 2024-10-25 Show GitHub Exploit DB Packet Storm