Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 6, 2026, 4 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 2721 | 3.3 |
低
Local |
ちとらソフト |
Lhaz+ Lhaz |
LhazおよびLhaz+におけるパストラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2026-41530 | 2026-05-11 17:15 | 2026-05-11 | Show | GitHub Exploit DB Packet Storm |
| 2722 | - | - | Apache Software Foundation | Apache HTTP Server | Apache HTTP Server 2.4における複数の脆弱性に対するアップデート(2026年5月) | - |
CVE-2026-23918 CVE-2026-24072 CVE-2026-28780 CVE-2026-29168 CVE-2026-29169 CVE-2026-33006 CVE-2026-33007 CVE-2026-33523 CVE-2026-33857 CVE-2026-34032 CVE-2026-34059 |
2026-05-11 16:29 | 2026-05-8 | Show | GitHub Exploit DB Packet Storm |
| 2723 | - | - | (複数のベンダ) | (複数の製品) | CISA ICS Advisory / ICS Medical Advisory(2026年05月07日) | - | - | 2026-05-11 16:29 | 2026-05-8 | Show | GitHub Exploit DB Packet Storm |
| 2724 | 7.2 |
重要
Network |
株式会社GROWI | GROWI | GROWIにおけるパストラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2026-41951 | 2026-05-11 15:29 | 2026-05-11 | Show | GitHub Exploit DB Packet Storm |
| 2725 | 7.4 |
重要
Network |
株式会社EPG |
iOSアプリ「くら寿司 公式アプリ」 Androidアプリ「くら寿司 公式アプリ」 |
スマートフォンアプリ「くら寿司 公式アプリ」における証明書検証不備の脆弱性 |
CWE-Other
その他 |
CVE-2026-41872 | 2026-05-11 12:52 | 2026-05-11 | Show | GitHub Exploit DB Packet Storm |
| 2726 | 3.3 |
低
Local |
X.Org Foundation | libxpm | libXpmにおける境界外読み取りの脆弱性 |
CWE-Other
その他 |
CVE-2026-4367 | 2026-05-11 12:18 | 2026-05-11 | Show | GitHub Exploit DB Packet Storm |
| 2727 | 7.3 |
重要
Network |
yeti-platform | yeti | yeti-platformのyetiにおけるコードインジェクションの脆弱性 |
CWE-94
コード・インジェクション |
CVE-2024-46507 | 2026-05-11 11:13 | 2026-05-8 | Show | GitHub Exploit DB Packet Storm |
| 2728 | 7.5 |
重要
Network |
yeti-platform | yeti | yeti-platformのyetiにおけるハードコードされた認証情報の使用に関する脆弱性 |
CWE-798
ハードコードされた認証情報の使用 |
CVE-2024-46508 | 2026-05-11 11:12 | 2026-05-8 | Show | GitHub Exploit DB Packet Storm |
| 2729 | 9.8 |
緊急
Network |
Frappe | ERPNext | FrappeのERPNextにおけるコードインジェクションの脆弱性 |
CWE-94
コード・インジェクション |
CVE-2026-38431 | 2026-05-11 11:12 | 2026-05-5 | Show | GitHub Exploit DB Packet Storm |
| 2730 | 6.1 |
警告
Network |
Frappe | ERPNext | FrappeのERPNextにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2026-38432 | 2026-05-11 11:12 | 2026-05-5 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 6, 2026, 4:18 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 318471 | 6.1 |
MEDIUM
Network |
loway | queuemetrics | Loway - CWE-601: URL Redirection to Untrusted Site ('Open Redirect') |
CWE-601
Open Redirect |
CVE-2024-42341 | 2024-09-12 00:57 | 2024-09-8 | Show | GitHub Exploit DB Packet Storm |
| 318472 | 7.5 |
HIGH
Network |
loway | queuemetrics | Loway - CWE-204: Observable Response Discrepancy |
CWE-203
Information Exposure Through Discrepancy |
CVE-2024-42343 | 2024-09-12 00:56 | 2024-09-8 | Show | GitHub Exploit DB Packet Storm |
| 318473 | 4.3 |
MEDIUM
Network |
loway | queuemetrics | Loway - CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') |
CWE-444
HTTP Request Smuggling |
CVE-2024-42342 | 2024-09-12 00:56 | 2024-09-8 | Show | GitHub Exploit DB Packet Storm |
| 318474 | 5.5 |
MEDIUM
Local |
linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Cleanup partial engine discovery failures If we abort driver initialisation in the middle of gt/engine discovery, so… |
CWE-459
Incomplete Cleanup |
CVE-2022-48893 | 2024-09-12 00:55 | 2024-08-21 | Show | GitHub Exploit DB Packet Storm |
| 318475 | 6.5 |
MEDIUM
Network |
learningdigital | orca_hcm | Orca HCM from LEARNING DIGITA does not properly restrict a specific parameter of the file download functionality, allowing a remote attacker with regular privileges to download arbitrary system files. |
CWE-22
Path Traversal |
CVE-2024-8585 | 2024-09-12 00:53 | 2024-09-9 | Show | GitHub Exploit DB Packet Storm |
| 318476 | 7.8 |
HIGH
Local |
iobit | driver_booster | A vulnerability was found in IObit Driver Booster 11.0.0.0. It has been rated as critical. Affected by this issue is some unknown functionality in the library VCL120.BPL of the component BPL Handler.… |
CWE-427
Uncontrolled Search Path Element |
CVE-2024-7325 | 2024-09-12 00:42 | 2024-08-1 | Show | GitHub Exploit DB Packet Storm |
| 318477 | 5.5 |
MEDIUM
Local |
samsung |
exynos_980_firmware exynos_850_firmware exynos_1080_firmware exynos_1280_firmware exynos_1380_firmware exynos_1330_firmware exynos_1480_firmware exynos_w920_firmware exynos_w9… |
An issue was discovered in Mobile Processor, Wearable Processor Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi… |
CWE-125
Out-of-bounds Read |
CVE-2024-27364 | 2024-09-12 00:27 | 2024-09-10 | Show | GitHub Exploit DB Packet Storm |
| 318478 | 5.5 |
MEDIUM
Local |
samsung |
exynos_980_firmware exynos_850_firmware exynos_1080_firmware exynos_1280_firmware exynos_1380_firmware exynos_1330_firmware exynos_1480_firmware exynos_w920_firmware exynos_w9… |
An issue was discovered in Samsung Mobile Processor Exynos Wearable Processor Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the… |
CWE-125
Out-of-bounds Read |
CVE-2024-27367 | 2024-09-12 00:26 | 2024-09-10 | Show | GitHub Exploit DB Packet Storm |
| 318479 | 5.5 |
MEDIUM
Local |
samsung |
exynos_980_firmware exynos_850_firmware exynos_1080_firmware exynos_1280_firmware exynos_1380_firmware exynos_1330_firmware exynos_1480_firmware exynos_w920_firmware exynos_w9… |
An issue was discovered in Samsung Mobile Processor, Wearable Processor Exynos Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In th… |
CWE-125
Out-of-bounds Read |
CVE-2024-27366 | 2024-09-12 00:26 | 2024-09-10 | Show | GitHub Exploit DB Packet Storm |
| 318480 | 7.8 |
HIGH
Local |
samsung |
exynos_980_firmware exynos_850_firmware exynos_1080_firmware exynos_1280_firmware exynos_1330_firmware exynos_1380_firmware exynos_1480_firmware exynos_w920_firmware exynos_w9… |
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_get_scan_extra_ies(), there is no input validation check on… |
CWE-787
Out-of-bounds Write |
CVE-2024-27383 | 2024-09-12 00:25 | 2024-09-10 | Show | GitHub Exploit DB Packet Storm |