Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
281	6.5	警告 Network	openwebui	open webui	openwebuiのopen webuiにおける認可に関する脆弱性 New	CWE-285 不適切な認可	CVE-2026-45345	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

282	5.4	警告 Network	openwebui	open webui	openwebuiのopen webuiにおけるクロスサイトスクリプティングの脆弱性 New	CWE-80 クロスサイトスクリプティング (Basic XSS)	CVE-2026-45346	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

283	5.4	警告 Network	openwebui	open webui	openwebuiのopen webuiにおけるサーバサイドのリクエストフォージェリの脆弱性 New	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-45347	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

284	7.1	重要 Network	openwebui	open webui	openwebuiのopen webuiにおけるユーザ制御の鍵による認証回避に関する脆弱性 New	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-45349	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

285	7.1	重要 Network	openwebui	open webui	openwebuiのopen webuiにおける認証の欠如に関する脆弱性 New	CWE-862 認証の欠如	CVE-2026-45350	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

286	6.5	警告 Network	openwebui	open webui	openwebuiのopen webuiにおける情報漏えいに関する脆弱性 New	CWE-200 情報漏えい	CVE-2026-45351	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

287	5.4	警告 Network	openwebui	open webui	openwebuiのopen webuiにおける認可に関する脆弱性 New	CWE-285 不適切な認可	CVE-2026-45365	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

288	4.3	警告 Network	openwebui	open webui	openwebuiのopen webuiにおけるユーザ制御の鍵による認証回避に関する脆弱性 New	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-45385	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

289	4.3	警告 Network	openwebui	open webui	openwebuiのopen webuiにおけるユーザ制御の鍵による認証回避に関する脆弱性 New	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-45386	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

290	4.3	警告 Network	openwebui	open webui	openwebuiのopen webuiにおける情報漏えいに関する脆弱性 New	CWE-200 情報漏えい	CVE-2026-45387	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311751	7.5	HIGH Network	esri	portal_for_arcgis	There is a local file inclusion vulnerability in Esri Portal for ArcGIS 11.2. 11.1, 11.0 and 10.9.1 that may allow a remote, unauthenticated attacker to craft a URL that could potentially disclose se…	NVD-CWE-Other	CVE-2024-38040	2024-10-16 01:01	2024-10-5	Show	GitHub Exploit DB Packet Storm

311752	-		-	-	An issue in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to obtain sensitive information via the Racine & FileName parameters in the …	-	CVE-2024-48824	2024-10-16 00:35	2024-10-15	Show	GitHub Exploit DB Packet Storm

311753	-		-	-	Local file inclusion in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the PassageAutoServer.php page.	-	CVE-2024-48823	2024-10-16 00:35	2024-10-15	Show	GitHub Exploit DB Packet Storm

311754	-		-	-	Privilege escalation in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the FtpConfig.php page.	-	CVE-2024-48822	2024-10-16 00:35	2024-10-15	Show	GitHub Exploit DB Packet Storm

311755	-		-	-	Cross Site Scripting vulnerability in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the FtpConfig.php compo…	-	CVE-2024-48821	2024-10-16 00:35	2024-10-15	Show	GitHub Exploit DB Packet Storm

311756	-		-	-	An issue in Hideez com.hideez 2.7.8.3 allows a remote attacker to obtain sensitive information via the firmware update process.	-	CVE-2024-48792	2024-10-16 00:35	2024-10-15	Show	GitHub Exploit DB Packet Storm

311757	-		-	-	An issue in Plug n Play Camera com.starvedia.mCamView.zwave 5.5.1 allows a remote attacker to obtain sensitive information via the firmware update process	-	CVE-2024-48791	2024-10-16 00:35	2024-10-15	Show	GitHub Exploit DB Packet Storm

311758	-		-	-	An issue in INATRONIC com.inatronic.drivedeck.home 2.6.23 allows a remote attacker to obtain sensitve information via the firmware update process.	-	CVE-2024-48789	2024-10-16 00:35	2024-10-15	Show	GitHub Exploit DB Packet Storm

311759	-		-	-	An issue in LOREX TECHNOLOGY INC com.lorexcorp.lorexping 1.4.22 allows a remote attacker to obtain sensitive information via the firmware update process.	-	CVE-2024-48799	2024-10-16 00:35	2024-10-15	Show	GitHub Exploit DB Packet Storm

311760	-		-	-	An issue in PCS Engineering Preston Cinema (com.prestoncinema.app) 0.2.0 allows a remote attacker to obtain sensitive information via the firmware update process.	-	CVE-2024-48797	2024-10-16 00:35	2024-10-15	Show	GitHub Exploit DB Packet Storm