Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 20, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2691 9.8 緊急
Network 		LiteSpeed Technologies LiteSpeed cPanel Plugin
LiteSpeed WHM Plugin (previously cPanel/WHM Plugin) 		LiteSpeed TechnologiesのLiteSpeed cPanel Plugin等の複数製品における不適切な権限設定に関する脆弱性 CWE-266
不適切な権限設定 		CVE-2026-48172 2026-05-28 14:34 2026-05-21 Show GitHub Exploit DB Packet Storm
2692 9.8 緊急
Network 		Apache Software Foundation Apache Fory Apache Software FoundationのApache Foryにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-48207 2026-05-28 14:34 2026-05-21 Show GitHub Exploit DB Packet Storm
2693 9.8 緊急
Network 		FastNetMon FastNetMon Pavel OdintsovのFastNetMonにおける複数の脆弱性 CWE-122
CWE-193
CWE-787
CVE-2026-48689 2026-05-28 14:34 2026-05-26 Show GitHub Exploit DB Packet Storm
2694 9.1 緊急
Network 		Honeywell International Inc. Control Network Module Firmware Honeywell International Inc.のControl Network Module Firmwareにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-5433 2026-05-28 14:33 2026-05-21 Show GitHub Exploit DB Packet Storm
2695 8.2 重要
Network 		デル PowerFlex Rack
PowerFlex appliance Intelligent Catalog Software
PowerFlex Manager 		デルのPowerFlex appliance Intelligent Catalog Software等の複数製品におけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2025-26483 2026-05-28 14:33 2026-05-22 Show GitHub Exploit DB Packet Storm
2696 6.5 警告
Adjacent 		デル PowerFlex Rack
PowerFlex appliance Intelligent Catalog Software
PowerFlex Manager 		デルのPowerFlex appliance Intelligent Catalog Software等の複数製品における証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2025-32745 2026-05-28 14:33 2026-05-22 Show GitHub Exploit DB Packet Storm
2697 5.5 警告
Local 		デル PowerFlex Rack
PowerFlex appliance Intelligent Catalog Software
PowerFlex Manager 		デルのPowerFlex appliance Intelligent Catalog Software等の複数製品における重要な情報のセキュアでない格納に関する脆弱性 CWE-922
重要な情報のセキュアでない格納 		CVE-2025-32746 2026-05-28 14:33 2026-05-22 Show GitHub Exploit DB Packet Storm
2698 7.8 重要
Local 		デル PowerFlex Rack
PowerFlex appliance Intelligent Catalog Software
PowerFlex Manager 		デルのPowerFlex appliance Intelligent Catalog Software等の複数製品における不適切な権限設定に関する脆弱性 CWE-266
不適切な権限設定 		CVE-2025-32747 2026-05-28 14:33 2026-05-22 Show GitHub Exploit DB Packet Storm
2699 7.5 重要
Network 		デル PowerFlex Rack
PowerFlex appliance Intelligent Catalog Software
PowerFlex Manager 		デルのPowerFlex appliance Intelligent Catalog Software等の複数製品における不適切なデフォルトパーミッションに関する脆弱性 CWE-276
不適切なデフォルトパーミッション 		CVE-2025-32749 2026-05-28 14:33 2026-05-22 Show GitHub Exploit DB Packet Storm
2700 5.5 警告
Local 		デル PowerFlex Rack
PowerFlex appliance Intelligent Catalog Software
PowerFlex Manager 		デルのPowerFlex appliance Intelligent Catalog Software等の複数製品における重要な情報のセキュアでない格納に関する脆弱性 CWE-922
重要な情報のセキュアでない格納 		CVE-2025-32751 2026-05-28 14:33 2026-05-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 20, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
319701 9.8 CRITICAL
Network 		ivanti virtual_traffic_management Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel. CWE-287
Improper Authentication 		CVE-2024-7593 2024-09-25 10:00 2024-08-14 Show GitHub Exploit DB Packet Storm
319702 5.5 MEDIUM
Local 		apple macos A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data. CWE-281
 Improper Preservation of Permissions 		CVE-2024-44188 2024-09-25 05:38 2024-09-17 Show GitHub Exploit DB Packet Storm
319703 5.5 MEDIUM
Local 		apple macos A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data. CWE-281
 Improper Preservation of Permissions 		CVE-2024-40859 2024-09-25 05:31 2024-09-17 Show GitHub Exploit DB Packet Storm
319704 7.5 HIGH
Network 		zitadel zitadel Zitadel is an open source identity management platform. ZITADEL's user account deactivation mechanism did not work correctly with service accounts. Deactivated service accounts retained the ability t… NVD-CWE-noinfo
CVE-2024-47000 2024-09-25 05:25 2024-09-20 Show GitHub Exploit DB Packet Storm
319705 6.5 MEDIUM
Network 		zitadel zitadel Zitadel is an open source identity management platform. ZITADEL's user grants deactivation mechanism did not work correctly. Deactivated user grants were still provided in token, which could lead to … NVD-CWE-noinfo
CVE-2024-46999 2024-09-25 05:20 2024-09-20 Show GitHub Exploit DB Packet Storm
319706 7.5 HIGH
Network 		envoyproxy envoy Envoy is a cloud-native high-performance edge/middle/service proxy. Jwt filter will lead to an Envoy crash when clear route cache with remote JWKs. In the following case: 1. remote JWKs are used, whi… CWE-476
 NULL Pointer Dereference 		CVE-2024-45809 2024-09-25 05:12 2024-09-20 Show GitHub Exploit DB Packet Storm
319707 7.5 HIGH
Network 		envoyproxy envoy Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy will crash when the http async client is handling `sendLocalReply` under some circumstance, e.g., websocket upgrade, and requ… NVD-CWE-noinfo
CVE-2024-45810 2024-09-25 04:48 2024-09-20 Show GitHub Exploit DB Packet Storm
319708 4.8 MEDIUM
Network 		mage-people bus_ticket_booking_with_seat_reservation Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MagePeople Team Bus Ticket Booking with Seat Reservation allows Stored XSS.This issue affe… CWE-79
Cross-site Scripting 		CVE-2024-43985 2024-09-25 04:33 2024-09-18 Show GitHub Exploit DB Packet Storm
319709 6.1 MEDIUM
Network 		couchbase couchbase_server Couchbase Server 7.6.x before 7.6.2, 7.2.x before 7.2.6, and all earlier versions allows HTTP Host header injection. CWE-74
Injection 		CVE-2024-25673 2024-09-25 04:08 2024-09-20 Show GitHub Exploit DB Packet Storm
319710 5.5 MEDIUM
Local 		apple macos
ipados
iphone_os
visionos
tvos
watchos 		A logic error was addressed with improved error handling. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS So… NVD-CWE-noinfo
CVE-2024-44183 2024-09-25 04:04 2024-09-17 Show GitHub Exploit DB Packet Storm