Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2551	7.8	重要 Local	sandboxie-plus	Sandboxie	sandboxie-plusのSandboxieにおける複数の脆弱性	CWE-121 CWE-170	CVE-2026-34462	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

2552	8.8	重要 Local	sandboxie-plus	Sandboxie	sandboxie-plusのSandboxieにおける複数の脆弱性	CWE-121 CWE-170	CVE-2026-34464	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

2553	7	重要 Local	sandboxie-plus	Sandboxie	sandboxie-plusのSandboxieにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-34596	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

2554	6.5	警告 Network	Django Software Foundation	Django	Django Software FoundationのDjangoにおける重要情報を含む永続 Cookie の使用に関する脆弱性	CWE-539 重要情報を含む永続 Cookie の使用	CVE-2026-35192	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

2555	5	警告 Network	Linux Containers	Incus	Linux ContainersのIncusにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-35527	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

2556	4.8	警告 Network	Broadcom	symantec siteminder	Broadcomのsymantec siteminderにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-3862	2026-05-11 10:58	2026-03-10	Show	GitHub Exploit DB Packet Storm

2557	2.7	低 Network	レッドハット	build of keycloak	レッドハットのbuild of keycloakにおける認可されていない行為者への個人情報の漏えいに関する脆弱性	CWE-359 CWE-noinfo	CVE-2026-3911	2026-05-11 10:58	2026-03-11	Show	GitHub Exploit DB Packet Storm

2558	6.5	警告 Network	Linux Containers	Incus	Linux ContainersのIncusにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-40195	2026-05-11 10:58	2026-05-6	Show	GitHub Exploit DB Packet Storm

2559	6.5	警告 Network	Linux Containers	Incus	Linux ContainersのIncusにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-40197	2026-05-11 10:58	2026-05-6	Show	GitHub Exploit DB Packet Storm

2560	6.5	警告 Network	Linux Containers	Incus	Linux ContainersのIncusにおける配列インデックスの検証に関する脆弱性	CWE-129 配列インデックスの不適切な検証	CVE-2026-40251	2026-05-11 10:58	2026-05-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312621	4.8	MEDIUM Network	aftabhusain	category_and_taxonomy_image	The Category and Taxonomy Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the '_category_image' parameter in versions up to, and including, 1.0.0 due to insufficient input…	CWE-79 Cross-site Scripting	CVE-2024-9591	2024-10-30 01:04	2024-10-22	Show	GitHub Exploit DB Packet Storm

312622	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Implement bounds check for stream encoder creation in DCN401 'stream_enc_regs' array is an array of dcn10_stream…	CWE-129 Improper Validation of Array Index	CVE-2024-49970	2024-10-30 00:57	2024-10-22	Show	GitHub Exploit DB Packet Storm

312623	9.1	CRITICAL Network	openrefine	butterfly	The OpenRefine fork of the MIT Simile Butterfly server is a modular web application framework. The Butterfly framework uses the `java.net.URL` class to refer to (what are expected to be) local resour…	CWE-22 Path Traversal	CVE-2024-47883	2024-10-30 00:38	2024-10-25	Show	GitHub Exploit DB Packet Storm

312624	-		-	-	HCL Sametime is impacted by insecure services in-use on the UIM client by default. An unused legacy REST service was enabled by default using the HTTP protocol. An attacker could potentially use this…	-	CVE-2024-30124	2024-10-30 00:35	2024-10-24	Show	GitHub Exploit DB Packet Storm

312625	-		-	-	An issue was discovered in Atos Eviden iCare 2.7.1 through 2.7.11. The application exposes a web interface locally. In the worst-case scenario, if the application is remotely accessible, it allows an…	-	CVE-2024-42017	2024-10-30 00:35	2024-10-1	Show	GitHub Exploit DB Packet Storm

312626	-		sgi	irix	root privileges via buffer overflow in ordist command on SGI IRIX systems.	NVD-CWE-Other	CVE-1999-0029	2024-10-30 00:35	1997-07-16	Show	GitHub Exploit DB Packet Storm

312627	5.4	MEDIUM Network	hikashop	hikashop	A stored cross-site scripting (XSS) vulnerability in HikaShop Joomla Component < 5.1.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious p…	CWE-79 Cross-site Scripting	CVE-2024-40746	2024-10-30 00:34	2024-10-22	Show	GitHub Exploit DB Packet Storm

312628	5.4	MEDIUM Network	jesweb	anchor_episodes_index	The Anchor Episodes Index (Spotify for Podcasters) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's anchor_episodes shortcode in all versions up to, and including, 2…	CWE-79 Cross-site Scripting	CVE-2024-10189	2024-10-30 00:27	2024-10-22	Show	GitHub Exploit DB Packet Storm

312629	5.5	MEDIUM Local	apple	macos	An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.6. An app may be able to cause a coprocessor crash.	CWE-787 Out-of-bounds Write	CVE-2024-40810	2024-10-30 00:21	2024-10-25	Show	GitHub Exploit DB Packet Storm

312630	4.3	MEDIUM Network	colorlib	simple_custom_post_order	Missing Authorization vulnerability in Colorlib Simple Custom Post Order allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Custom Post Order: from n/a …	CWE-862 Missing Authorization	CVE-2024-49321	2024-10-30 00:20	2024-10-21	Show	GitHub Exploit DB Packet Storm