Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2691	8.8	重要 Network	n8n	n8n	n8nにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-42229	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

2692	6.1	警告 Network	n8n	n8n	n8nにおけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2026-42230	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

2693	8.8	重要 Network	n8n	n8n	n8nにおけるオブジェクトプロトタイプ属性の不適切に制御された変更に関する脆弱性	CWE-1321 オブジェクトプロトタイプ属性の不適切に制御された変更 (プロトタイプの汚染)	CVE-2026-42231	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

2694	8.8	重要 Network	n8n	n8n	n8nにおけるオブジェクトプロトタイプ属性の不適切に制御された変更に関する脆弱性	CWE-1321 オブジェクトプロトタイプ属性の不適切に制御された変更 (プロトタイプの汚染)	CVE-2026-42232	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

2695	9.8	緊急 Network	n8n	n8n	n8nにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-42233	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

2696	8.8	重要 Network	n8n	n8n	n8nにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-42234	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

2697	9.6	緊急 Network	n8n	n8n	n8nにおける複数の脆弱性	CWE-79 CWE-87	CVE-2026-42235	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

2698	7.5	重要 Network	n8n	n8n	n8nにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-42236	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

2699	8.8	重要 Network	n8n	n8n	n8nにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-42237	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

2700	9.8	緊急 Network	nginxui	Nginx UI	Nginx UI TeamのNginx UIにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-42238	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312601	-	-	-	Missing Authorization vulnerability in Rymera Web Co Wholesale Suite allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Wholesale Suite: from n/a through 2.1.12.	CWE-862 Missing Authorization	CVE-2024-38745	2024-11-2 00:15	2024-11-2	Show	GitHub Exploit DB Packet Storm

312602	-	-	-	Missing Authorization vulnerability in Upqode Plum: Spin Wheel & Email Pop-up allows Accessing Functionality Not Properly Constrained by ACLs, Stored XSS.This issue affects Plum: Spin Wheel & Email P…	CWE-862 Missing Authorization	CVE-2024-38744	2024-11-2 00:15	2024-11-2	Show	GitHub Exploit DB Packet Storm

312603	-	-	-	Access Control vulnerability in Upqode Plum: Spin Wheel & Email Pop-up allows . This issue affects Plum: Spin Wheel & Email Pop-up: from n/a through 2.0.	CWE-862 Missing Authorization	CVE-2024-38743	2024-11-2 00:15	2024-11-2	Show	GitHub Exploit DB Packet Storm

312604	-	-	-	Missing Authorization vulnerability in Packlink Shipping S.L. Packlink PRO shipping module allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Packlink PRO ship…	CWE-862 Missing Authorization	CVE-2024-38740	2024-11-2 00:15	2024-11-2	Show	GitHub Exploit DB Packet Storm

312605	-	-	-	Missing Authorization vulnerability in Reservation Diary ReDi Restaurant Reservation allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ReDi Restaurant Reservation: fr…	CWE-862 Missing Authorization	CVE-2024-38737	2024-11-2 00:15	2024-11-2	Show	GitHub Exploit DB Packet Storm

312606	-	-	-	Missing Authorization vulnerability in Meks Meks Video Importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Meks Video Importer: from n/a through 1.0.12.	-	CVE-2024-38733	2024-11-2 00:15	2024-11-2	Show	GitHub Exploit DB Packet Storm

312607	-	-	-	Missing Authorization vulnerability in Seraphinite Solutions Seraphinite Post .DOCX Source allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Seraphinite Post …	CWE-862 Missing Authorization	CVE-2024-38727	2024-11-2 00:15	2024-11-2	Show	GitHub Exploit DB Packet Storm

312608	-	-	-	Missing Authorization vulnerability in PickPlugins Product Designer allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Product Designer: from n/a through 1.0.33.	CWE-862 Missing Authorization	CVE-2024-38726	2024-11-2 00:15	2024-11-2	Show	GitHub Exploit DB Packet Storm

312609	-	-	-	Missing Authorization vulnerability in spider-themes EazyDocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EazyDocs: from n/a through 2.5.0.	CWE-862 Missing Authorization	CVE-2024-38721	2024-11-2 00:15	2024-11-2	Show	GitHub Exploit DB Packet Storm

312610	-	-	-	Missing Authorization vulnerability in Creative Motion Auto Featured Image (Auto Post Thumbnail) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Auto Featur…	CWE-862 Missing Authorization	CVE-2024-38719	2024-11-2 00:15	2024-11-2	Show	GitHub Exploit DB Packet Storm