Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2531	7.5	重要 Network	xmlsoft.org レッドハット	Red Hat Hardened Images Red Hat OpenShift Container Platform libxml2 Red Hat Enterprise Linux JBoss Core Services	レッドハット等の複数ベンダの製品における型の取り違えに関する脆弱性	CWE-843 型の取り違え	CVE-2026-6732	2026-05-7 10:50	2026-04-23	Show	GitHub Exploit DB Packet Storm

2532	7.5	重要 Network	Eclipse Foundation	Eclipse OpenJ9	Eclipse FoundationのEclipse OpenJ9における境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-6918	2026-05-7 10:50	2026-05-5	Show	GitHub Exploit DB Packet Storm

2533	-	-	IDrive Inc.	IDrive Cloud Backup Client for Windows	IDrive Cloud Backup Client for Windowsにおける権限昇格の脆弱性	-	CVE-2026-1995	2026-05-1 15:13	2026-04-30	Show	GitHub Exploit DB Packet Storm

2534	-	-	（複数のベンダ）	（複数の製品）	CISA ICS Advisory / ICS Medical Advisory（2026年04月28日）	-	-	2026-05-1 14:31	2026-04-30	Show	GitHub Exploit DB Packet Storm

2535	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	F456 Firmware	Shenzhen Tenda Technology Co.,Ltd.のF456 Firmwareにおける複数の脆弱性	CWE-119 CWE-120	CVE-2026-7100	2026-05-1 10:49	2026-04-27	Show	GitHub Exploit DB Packet Storm

2536	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	F456 Firmware	Shenzhen Tenda Technology Co.,Ltd.のF456 Firmwareにおける複数の脆弱性	CWE-74 CWE-77	CVE-2026-7102	2026-05-1 10:49	2026-04-27	Show	GitHub Exploit DB Packet Storm

2537	7.2	重要 Local	click project	click	Pallets projectのClickにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-7246	2026-05-1 10:49	2026-04-30	Show	GitHub Exploit DB Packet Storm

2538	7.8	重要 Local	LizardSystems	Terminal Services Manager	LizardSystemsのTerminal Services Managerにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2018-25259	2026-05-1 10:49	2026-04-22	Show	GitHub Exploit DB Packet Storm

2539	5.5	警告 Local	EZB Systems	UltraISO	EZB SystemsのUltraISOにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2018-25267	2026-05-1 10:49	2026-04-22	Show	GitHub Exploit DB Packet Storm

2540	6.1	警告 Network	IceWarp, Inc.	icewarp	IceWarp, Inc.のicewarpにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2018-25269	2026-05-1 10:49	2026-04-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313521	6.5	MEDIUM Network	lenovo	xclarity_administrator	A valid, authenticated LXCA user without sufficient privileges may be able to use the device identifier to modify an LXCA managed device through a specially crafted web API call.	NVD-CWE-noinfo	CVE-2024-45104	2024-09-19 10:49	2024-09-14	Show	GitHub Exploit DB Packet Storm

313522	9.8	CRITICAL Network	heyewei	jfinalcms	A vulnerability was found in JFinalCMS up to 1.0. It has been rated as critical. This issue affects the function delete of the file /admin/template/edit. The manipulation of the argument name leads t…	CWE-22 Path Traversal	CVE-2024-8782	2024-09-19 10:46	2024-09-14	Show	GitHub Exploit DB Packet Storm

313523	6.5	MEDIUM Adjacent	zephyrproject	zephyr	BT: Encryption procedure host vulnerability	NVD-CWE-noinfo	CVE-2024-5754	2024-09-19 10:44	2024-09-14	Show	GitHub Exploit DB Packet Storm

313524	6.5	MEDIUM Adjacent	zephyrproject	zephyr	BT: Missing length checks of net_buf in rfcomm_handle_data	CWE-191 Integer Underflow (Wrap or Wraparound)	CVE-2024-6258	2024-09-19 10:40	2024-09-14	Show	GitHub Exploit DB Packet Storm

313525	9.8	CRITICAL Network	mayurik	best_free_law_office_management	SQL Injection vulnerability in Best Free Law Office Management Software-v1.0 allows an attacker to execute arbitrary code and obtain sensitive information via a crafted payload to the kortex_lite/con…	CWE-89 SQL Injection	CVE-2024-44430	2024-09-19 10:38	2024-09-14	Show	GitHub Exploit DB Packet Storm

313526	8.8	HIGH Network	qdocs	smart_school	A vulnerability classified as critical was found in QDocs Smart School Management System 7.0.0. Affected by this vulnerability is an unknown functionality of the file /user/chat/mynewuser of the comp…	CWE-89 SQL Injection	CVE-2024-8784	2024-09-19 10:38	2024-09-14	Show	GitHub Exploit DB Packet Storm

313527	5.4	MEDIUM Network	opentibiabr	myaac	A vulnerability classified as problematic has been found in OpenTibiaBR MyAAC up to 0.8.16. Affected is an unknown function of the file system/pages/forum/new_post.php of the component Post Reply Han…	CWE-79 Cross-site Scripting	CVE-2024-8783	2024-09-19 10:38	2024-09-14	Show	GitHub Exploit DB Packet Storm

313528	6.5	MEDIUM Adjacent	zephyrproject	zephyr	BT: Unchecked user input in bap_broadcast_assistant	CWE-787 Out-of-bounds Write	CVE-2024-5931	2024-09-19 10:35	2024-09-14	Show	GitHub Exploit DB Packet Storm

313529	6.5	MEDIUM Adjacent	zephyrproject	zephyr	BT:Classic: Multiple missing buf length checks	CWE-369 Divide By Zero	CVE-2024-6135	2024-09-19 10:34	2024-09-14	Show	GitHub Exploit DB Packet Storm

313530	6.5	MEDIUM Adjacent	zephyrproject	zephyr	BT: HCI: adv_ext_report Improper discarding in adv_ext_report	CWE-787 Out-of-bounds Write	CVE-2024-6259	2024-09-19 10:33	2024-09-14	Show	GitHub Exploit DB Packet Storm