Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2681	4.3	警告 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-6063	2026-05-18 11:24	2026-05-14	Show	GitHub Exploit DB Packet Storm

2682	5.4	警告 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-6073	2026-05-18 11:24	2026-05-14	Show	GitHub Exploit DB Packet Storm

2683	5.4	警告 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-6335	2026-05-18 11:24	2026-05-14	Show	GitHub Exploit DB Packet Storm

2684	4.3	警告 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-6883	2026-05-18 11:24	2026-05-14	Show	GitHub Exploit DB Packet Storm

2685	9.8	緊急 Network	libexpat project	libexpat	libexpat projectのlibexpatにおけるエントロピー不足に関する脆弱性	CWE-331 エントロピー不足	CVE-2026-7210	2026-05-18 11:24	2026-05-11	Show	GitHub Exploit DB Packet Storm

2686	8.8	重要 Adjacent	ZyXEL	WRE6505 ファームウェア	ZyXELのWRE6505 ファームウェアにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-7256	2026-05-18 11:24	2026-05-12	Show	GitHub Exploit DB Packet Storm

2687	4.4	警告 Local	ZyXEL	WRE6505 ファームウェア	ZyXELのWRE6505 ファームウェアにおける重要な情報のセキュアでない格納に関する脆弱性	CWE-922 重要な情報のセキュアでない格納	CVE-2026-7257	2026-05-18 11:24	2026-05-12	Show	GitHub Exploit DB Packet Storm

2688	7.5	重要 Network	ZyXEL	NWA1100-N ファームウェア	ZyXELのNWA1100-N ファームウェアにおける古典的バッファオーバーフローの脆弱性	CWE-120 古典的バッファオーバーフロー	CVE-2026-7287	2026-05-18 11:24	2026-05-12	Show	GitHub Exploit DB Packet Storm

2689	5.4	警告 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-7377	2026-05-18 11:24	2026-05-14	Show	GitHub Exploit DB Packet Storm

2690	9.8	緊急 Network	OpenClaw	OpenClaw	OpenClawにおける認証に関する脆弱性	CWE-287 不適切な認証	CVE-2026-8305	2026-05-18 11:23	2026-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312001	-		-	-	Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid…	-	CVE-2024-11086	2024-11-20 22:15	2024-11-20	Show	GitHub Exploit DB Packet Storm

312002	-		-	-	Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET versions 1.100 and later and FX5-ENET/IP versions 1.100 to 1.104 allows a r…	CWE-1287 Improper Validation of Specified Type of Input	CVE-2024-8403	2024-11-20 10:15	2024-11-19	Show	GitHub Exploit DB Packet Storm

312003	5.3	MEDIUM Network	-	-	The Google for WooCommerce plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 2.8.6. This is due to publicly accessible print_php_information.php file.…	CWE-862 Missing Authorization	CVE-2024-10486	2024-11-20 06:57	2024-11-19	Show	GitHub Exploit DB Packet Storm

312004	-		-	-	The WesHacks GitHub repository provides the official Hackathon competition website source code for the Muweilah Wesgreen Hackathon. The page `schedule.html` before 17 November 2024 or commit 93dfb83 …	CWE-494 Download of Code Without Integrity Check	CVE-2024-52583	2024-11-20 06:57	2024-11-19	Show	GitHub Exploit DB Packet Storm

312005	-		-	-	MarkUs is a web application for the submission and grading of student assignments. In versions prior to 2.4.8, an arbitrary file write vulnerability accessible via the update_files method of the Subm…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-51499	2024-11-20 06:57	2024-11-19	Show	GitHub Exploit DB Packet Storm

312006	-		-	-	MarkUs, a web application for the submission and grading of student assignments, is vulnerable to path traversal in versions prior to 2.4.8. Authenticated instructors may download any file on the web…	CWE-22 Path Traversal	CVE-2024-47820	2024-11-20 06:57	2024-11-19	Show	GitHub Exploit DB Packet Storm

312007	-		-	-	Cobbler, a Linux installation server that allows for rapid setup of network installation environments, has an improper authentication vulnerability starting in version 3.0.0 and prior to versions 3.2…	CWE-287 Improper Authentication	CVE-2024-47533	2024-11-20 06:57	2024-11-19	Show	GitHub Exploit DB Packet Storm

312008	-		-	-	GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.17, an unauthenticated user can use an application endpoint to check if an email address co…	CWE-200 Information Exposure	CVE-2024-43416	2024-11-20 06:57	2024-11-19	Show	GitHub Exploit DB Packet Storm

312009	6.4	MEDIUM Network	-	-	The Elfsight Telegram Chat CC plugin for WordPress is vulnerable to unauthorized modification of data to a missing capability check on the 'updatePreferences' function in all versions up to, and incl…	CWE-862 Missing Authorization	CVE-2024-10390	2024-11-20 06:57	2024-11-19	Show	GitHub Exploit DB Packet Storm

312010	5.4	MEDIUM Network	-	-	A vulnerability in the web-based interface of Cisco Webex Teams could allow an authenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper valid…	CWE-80 Basic XSS	CVE-2020-26067	2024-11-20 06:57	2024-11-19	Show	GitHub Exploit DB Packet Storm