Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2641 7.5 重要
Network 		JetBrains IntelliJ IDEA JetBrainsのIntelliJ IDEAにおけるリンク解釈に関する脆弱性 CWE-59
リンク解釈の問題 		CVE-2026-41882 2026-05-7 11:26 2026-04-30 Show GitHub Exploit DB Packet Storm
2642 9.8 緊急
Network 		asrmicro asr1803 ファームウェア asrmicroのasr1803 ファームウェアにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-42799 2026-05-7 11:25 2026-04-30 Show GitHub Exploit DB Packet Storm
2643 8.5 重要
Network 		OpenStack Openstack Keystone OpenStackのOpenstack Keystoneにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-43001 2026-05-7 11:25 2026-05-1 Show GitHub Exploit DB Packet Storm
2644 9.8 緊急
Network 		Linux Linux Kernel LinuxのLinux Kernelにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-43037 2026-05-7 11:25 2026-05-1 Show GitHub Exploit DB Packet Storm
2645 9.8 緊急
Network 		Progress Software Corporation MOVEit Automation Web Admin Progress Software CorporationのMOVEit Automation Web Adminにおける根本の脆弱性による認証回避の脆弱性 CWE-305
根本の脆弱性による認証回避 		CVE-2026-4670 2026-05-7 11:25 2026-04-30 Show GitHub Exploit DB Packet Storm
2646 8.8 重要
Network 		Progress Software Corporation MOVEit Automation Web Admin Progress Software CorporationのMOVEit Automation Web Adminにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2026-5174 2026-05-7 11:25 2026-04-30 Show GitHub Exploit DB Packet Storm
2647 6.5 警告
Network 		GNU Project GNU C Library GNU ProjectのGNU C Libraryにおけるバッファオーバーリードの脆弱性 CWE-126
バッファオーバーリード 		CVE-2026-6238 2026-05-7 11:25 2026-04-28 Show GitHub Exploit DB Packet Storm
2648 8.1 重要
Network 		langflow langflow langflowにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-6542 2026-05-7 11:25 2026-04-30 Show GitHub Exploit DB Packet Storm
2649 6.5 警告
Network 		Devolutions Devolutions Server DevolutionsのDevolutions Serverにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-6706 2026-05-7 11:25 2026-04-28 Show GitHub Exploit DB Packet Storm
2650 6.5 警告
Adjacent 		Amazon.com, Inc. freertos-plus-tcp Amazon.com, Inc.のfreertos-plus-tcpにおけるスプーフィングによる認証回避に関する脆弱性 CWE-290
スプーフィングによる認証回避 		CVE-2026-7422 2026-05-7 11:25 2026-04-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313681 7.5 HIGH
Network 		utarit soliclub Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SoliClub: befo… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-3306 2024-09-19 23:43 2024-09-12 Show GitHub Exploit DB Packet Storm
313682 5.3 MEDIUM
Network 		emilyploszaj emi EMI v.1.1.10 and before, fixed in v.1.1.11, contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index and … CWE-129
 Improper Validation of Array Index 		CVE-2024-41564 2024-09-19 23:40 2024-08-29 Show GitHub Exploit DB Packet Storm
313683 8.8 HIGH
Network 		zohocorp manageengine_pam360
manageengine_password_manager_pro 		Zohocorp ManageEngine Password Manager Pro versions before 12431 and ManageEngine PAM360 versions before 7001 are affected by authenticated SQL Injection vulnerability via a global search option. CWE-89
SQL Injection 		CVE-2024-5546 2024-09-19 23:39 2024-08-28 Show GitHub Exploit DB Packet Storm
313684 5.4 MEDIUM
Network 		connx esp_hr_management Improper Neutralization of Input During Web Page Generation vulnerability in "Update of Personal Details" form in ConnX ESP HR Management allows Stored XSS attack. An attacker might inject a script t… CWE-79
Cross-site Scripting 		CVE-2024-7269 2024-09-19 23:37 2024-08-28 Show GitHub Exploit DB Packet Storm
313685 7.5 HIGH
Network 		rockwellautomation compactlogix_5380_firmware
compact_guardlogix_5380_sil_2_firmware
compact_guardlogix_5380_sil_3_firmware
compactlogix_5480_firmware
controllogix_5580_firmware
guardlogix_5580_firmware<… 		A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailab… NVD-CWE-noinfo
CVE-2024-6077 2024-09-19 23:31 2024-09-13 Show GitHub Exploit DB Packet Storm
313686 9.8 CRITICAL
Network 		soplanning soplanning A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. If the public view setting is enabled, a attacker can upload a PHP-file that will be avai… CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2024-27114 2024-09-19 23:27 2024-09-11 Show GitHub Exploit DB Packet Storm
313687 6.1 MEDIUM
Network 		microfocus edirectory Possible Improper Neutralization of Input During Web Page Generation Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.3.0000. CWE-79
Cross-site Scripting 		CVE-2021-22503 2024-09-19 23:25 2024-09-12 Show GitHub Exploit DB Packet Storm
313688 9.1 CRITICAL
Network 		microfocus edirectory Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.4.0000. CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2021-22533 2024-09-19 23:24 2024-09-12 Show GitHub Exploit DB Packet Storm
313689 7.5 HIGH
Network 		microfocus edirectory Possible NLDAP Denial of Service attack Vulnerability in eDirectory has been discovered in OpenText™ eDirectory before 9.2.4.0000. CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2021-22532 2024-09-19 23:22 2024-09-12 Show GitHub Exploit DB Packet Storm
313690 7.5 HIGH
Network 		cisco smart_license_utility A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to access sensitive information. This vulnerability is due to excessive verbosity in a debug log fi… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2024-20440 2024-09-19 22:42 2024-09-5 Show GitHub Exploit DB Packet Storm