Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
261 5.1 警告
Local 		Mozilla Foundation thin-vec Mozilla Foundationのthin-vecにおける複数の脆弱性 New CWE-415
CWE-416
CVE-2026-6654 2026-05-14 10:23 2026-04-20 Show GitHub Exploit DB Packet Storm
262 7.2 重要
Network 		SUN NET TECHNOLOGIES CO., LTD. eHRD CPAS
eHRD CTMS 		SUN NET TECHNOLOGIES CO., LTD.のeHRD CPAS等の複数製品における危険なタイプのファイルの無制限アップロードに関する脆弱性 New CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2026-7490 2026-05-14 10:23 2026-05-2 Show GitHub Exploit DB Packet Storm
263 6.3 警告
Network 		Router-For.ME CLI Proxy API Router-For.MEのCLI Proxy APIにおけるサーバサイドのリクエストフォージェリの脆弱性 New CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-8081 2026-05-14 10:23 2026-05-7 Show GitHub Exploit DB Packet Storm
264 9.1 緊急
Network 		LibreNMS LibreNMS LibreNMSにおけるOS コマンドインジェクションの脆弱性 New CWE-78
OSコマンド・インジェクション 		CVE-2024-51092 2026-05-14 10:23 2026-05-8 Show GitHub Exploit DB Packet Storm
265 9.8 緊急
Network 		The PHP Group PHP The PHP GroupのPHPにおけるSQL インジェクションの脆弱性 New CWE-89
SQLインジェクション 		CVE-2025-14179 2026-05-14 10:23 2026-05-10 Show GitHub Exploit DB Packet Storm
266 7.5 重要
Network 		IBM watsonx.data IBMのwatsonx.dataにおける意図するエンドポイントとの通信チャネルの制限に関する脆弱性 New CWE-923
意図するエンドポイントとの通信チャネルの不適切な制限 		CVE-2025-36180 2026-05-14 10:23 2026-04-30 Show GitHub Exploit DB Packet Storm
267 5.5 警告
Local 		IBM watsonx.data IBMのwatsonx.dataにおける認証情報の平文保存に関する脆弱性 New CWE-256
平文でパスワードを保存 		CVE-2025-36335 2026-05-14 10:23 2026-04-30 Show GitHub Exploit DB Packet Storm
268 7.5 重要
Network 		アップル iOS
iPadOS 		アップルのiPadOS等の複数製品におけるユーザインターフェースにおける重要情報の誤った表示に関する脆弱性 New CWE-451
ユーザインターフェースにおける重要情報の誤った表示 		CVE-2025-46311 2026-05-14 10:23 2026-05-12 Show GitHub Exploit DB Packet Storm
269 4.7 警告
Network 		ISPConfig ISPConfig ISPConfigにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-52206 2026-05-14 10:23 2026-05-5 Show GitHub Exploit DB Packet Storm
270 7.3 重要
Network 		AstrBot AstrBot AstrBotにおけるハードコードされた暗号鍵の使用に関する脆弱性 New CWE-321
ハードコードされた暗号鍵の使用 		CVE-2025-55449 2026-05-14 10:23 2026-05-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312121 - - - An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 allows a remote att… - CVE-2024-40441 2024-09-26 22:32 2024-09-24 Show GitHub Exploit DB Packet Storm
312122 - - - A symlink following vulnerability in the pouch cp function of AliyunContainerService pouch v1.3.1 allows attackers to escalate privileges and write arbitrary files. - CVE-2024-41228 2024-09-26 22:32 2024-09-24 Show GitHub Exploit DB Packet Storm
312123 - - - A lack of code signature verification in Parallels Desktop for Mac v19.3.0 and below allows attackers to escalate privileges via a crafted macOS installer, because Parallels Service is setuid root. - CVE-2024-34331 2024-09-26 22:32 2024-09-24 Show GitHub Exploit DB Packet Storm
312124 - - - Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sony… - CVE-2024-23934 2024-09-26 22:32 2024-09-24 Show GitHub Exploit DB Packet Storm
312125 - - - Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations… - CVE-2024-23933 2024-09-26 22:32 2024-09-24 Show GitHub Exploit DB Packet Storm
312126 - - - PHPGurukul Dairy Farm Shop Management System v1.1 is vulnerable to Cross-Site Scripting (XSS) via the pname parameter in add_product.php and edit_product.php. - CVE-2024-46241 2024-09-26 22:32 2024-09-23 Show GitHub Exploit DB Packet Storm
312127 - - - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Exnet Informatics Software Ferry Reservation System allows Reflected XSS.This issue affect… CWE-79
Cross-site Scripting 		CVE-2024-7835 2024-09-26 22:32 2024-09-23 Show GitHub Exploit DB Packet Storm
312128 - - - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Exnet Informatics Software Ferry Reservation System allows SQL Injection.This issue affects Ferry… CWE-89
SQL Injection 		CVE-2024-7735 2024-09-26 22:32 2024-09-23 Show GitHub Exploit DB Packet Storm
312129 - - - Local active protection service settings manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows, macOS) before build 38… CWE-250
 Execution with Unnecessary Privileges 		CVE-2024-8903 2024-09-26 22:32 2024-09-23 Show GitHub Exploit DB Packet Storm
312130 - - - YITH WooCommerce Ajax Search is vulnerable to a XSS vulnerability due to insufficient sanitization of user supplied block attributes. This makes it possible for Contributors+ attackers to inject arbi… - CVE-2024-7846 2024-09-26 22:32 2024-09-23 Show GitHub Exploit DB Packet Storm