Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2841	7.8	重要 Local	マイクロソフト	SQL Server 2019 SQL Server 2025 SQL Server 2016 SQL Server 2022 SQL Server 2017	SQL サーバーの特権の昇格の脆弱性	CWE-89 SQLインジェクション	CVE-2026-32176	2026-05-11 10:58	2026-04-14	Show	GitHub Exploit DB Packet Storm

2842	7.5	重要 Network	マイクロソフト	.NET visual studio 2022	.NET のなりすましの脆弱性	CWE-138 特殊要素の不適切な無害化	CVE-2026-32178	2026-05-11 10:58	2026-04-14	Show	GitHub Exploit DB Packet Storm

2843	6.5	警告 Local	sandboxie-plus	Sandboxie	sandboxie-plusのSandboxieにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-32603	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

2844	9.1	緊急 Network	X.Org Foundation レッドハット	X.Org X Server Red Hat Enterprise Linux	レッドハット等の複数ベンダの製品における境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-34000	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

2845	9.1	緊急 Network	X.Org Foundation レッドハット	X.Org X Server Red Hat Enterprise Linux	レッドハット等の複数ベンダの製品における不適切な長さの値によるバッファへのアクセスに関する脆弱性	CWE-805 不適切な長さの値によるバッファへのアクセス	CVE-2026-34002	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

2846	8.8	重要 Local	sandboxie-plus	Sandboxie	sandboxie-plusのSandboxieにおけるCRLF インジェクションの脆弱性	CWE-93 CRLF インジェクション	CVE-2026-34458	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

2847	8.8	重要 Local	sandboxie-plus	Sandboxie	sandboxie-plusのSandboxieにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-34459	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

2848	7.8	重要 Local	sandboxie-plus	Sandboxie	sandboxie-plusのSandboxieにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-34461	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

2849	7.8	重要 Local	sandboxie-plus	Sandboxie	sandboxie-plusのSandboxieにおける複数の脆弱性	CWE-121 CWE-170	CVE-2026-34462	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

2850	8.8	重要 Local	sandboxie-plus	Sandboxie	sandboxie-plusのSandboxieにおける複数の脆弱性	CWE-121 CWE-170	CVE-2026-34464	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312521	-		-	-	Meshtastic firmware is a device firmware for the Meshtastic project. The Meshtastic firmware does not check for packets claiming to be from the special broadcast address (0xFFFFFFFF) which could resu…	CWE-138 CWE-159 Improper Neutralization of Special Elements Improper Handling of Invalid Use of Special Elements	CVE-2024-51500	2024-11-6 01:04	2024-11-5	Show	GitHub Exploit DB Packet Storm

312522	-		-	-	gaizhenbiao/chuanhuchatgpt project, version <=20240802 is vulnerable to stored Cross-Site Scripting (XSS) in WebSocket session transmission. An attacker can inject malicious content into a WebSocket …	-	CVE-2024-48059	2024-11-6 01:04	2024-11-5	Show	GitHub Exploit DB Packet Storm

312523	-		-	-	golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in `ParseWithClaims` can lead to situation where users are potentially not checking errors in the way…	CWE-755 Improper Handling of Exceptional Conditions	CVE-2024-51744	2024-11-6 01:04	2024-11-5	Show	GitHub Exploit DB Packet Storm

312524	-		-	-	A Cross-Site Request Forgery (CSRF) vulnerability in Chamilo LMS 1.11.26 "/main/social/home.php," allows attackers to initiate a request that posts a fake post onto the user's social wall without the…	-	CVE-2024-30617	2024-11-6 01:04	2024-11-5	Show	GitHub Exploit DB Packet Storm

312525	-		-	-	Chamilo LMS 1.11.26 is vulnerable to Incorrect Access Control via main/auth/profile. Non-admin users can manipulate sensitive profiles information, posing a significant risk to data integrity.	-	CVE-2024-30616	2024-11-6 01:04	2024-11-5	Show	GitHub Exploit DB Packet Storm

312526	6.1	MEDIUM Network	cisco	firepower_management_center	A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS…	CWE-79 Cross-site Scripting	CVE-2024-20372	2024-11-6 01:04	2024-10-24	Show	GitHub Exploit DB Packet Storm

312527	4.6	MEDIUM Network	radixiot	mango	MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection (CSTI) vulnerability via the Platform Management Edit page.	CWE-94 Code Injection	CVE-2024-37846	2024-11-6 01:03	2024-10-26	Show	GitHub Exploit DB Packet Storm

312528	5.4	MEDIUM Network	radixiot	mango	A stored cross-site scripting (XSS) vulnerability in MangoOS before 5.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.	CWE-79 Cross-site Scripting	CVE-2024-37844	2024-11-6 01:03	2024-10-26	Show	GitHub Exploit DB Packet Storm

312529	5.4	MEDIUM Network	cisco	firepower_management_center	A vulnerability in the web-based management interface of Cisco FMC Software could allow an authenticated, remote attacker to store malicious content for use in XSS attacks. This vulnerability is due …	CWE-79 Cross-site Scripting	CVE-2024-20387	2024-11-6 01:00	2024-10-24	Show	GitHub Exploit DB Packet Storm

312530	8.8	HIGH Network	radixiot	mangoapi mango	An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows attackers to execute arbitrary code via a crafted file.	CWE-22 Path Traversal	CVE-2024-37847	2024-11-6 00:47	2024-10-26	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed