Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2901	9.8	緊急 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-44335	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2902	9.6	緊急 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-20 CWE-22 CWE-829 CWE-913 CWE-94	CVE-2026-44336	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2903	6.3	警告 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-20 CWE-89	CVE-2026-44337	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2904	7.3	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-1188 CWE-306 CWE-668	CVE-2026-44338	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2905	8.6	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAI等の複数製品におけるクラスまたはコードを選択する外部から制御された入力の使用に関する脆弱性	CWE-470 クラスまたはコードを選択する外部から制御された入力の使用	CVE-2026-44339	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2906	7.5	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-22 CWE-59	CVE-2026-44340	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2907	7.8	重要 Local	ZTE	ZXCLOUD iRAI	ZTEのZXCLOUD iRAIにおける制御されていない検索パスの要素に関する脆弱性	CWE-427 制御されていない検索パスの要素	CVE-2026-44406	2026-05-11 11:04	2026-05-7	Show	GitHub Exploit DB Packet Storm

2908	7.5	重要 Network	Zcash Foundation	Zebrad	Zcash FoundationのZebradにおける計算の誤りに関する脆弱性	CWE-682 計算の誤り	CVE-2026-44498	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2909	5.3	警告 Network	Zcash Foundation	zebra-network Zebra-chain Zebrad	Zcash FoundationのZebra-chain等の複数製品における制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-44500	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

2910	7.5	重要 Network	The Tor Project	Tor	The Tor ProjectのTorにおける単一、固有のアクションの実施に関する脆弱性	CWE-837 単一、固有のアクションの不適切な実施	CVE-2026-44601	2026-05-11 11:04	2026-05-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312301	-	-	-	Element is a Matrix web client built using the Matrix React SDK. A malicious homeserver can send invalid messages over federation which can prevent Element Web and Desktop from rendering single messa…	CWE-248 Uncaught Exception	CVE-2024-51750	2024-11-14 02:01	2024-11-13	Show	GitHub Exploit DB Packet Storm

312302	-	-	-	Element is a Matrix web client built using the Matrix React SDK. Versions of Element Web and Desktop earlier than 1.11.85 do not check if thumbnails for attachments, stickers and images are coherent.…	CWE-451 User Interface (UI) Misrepresentation of Critical Information	CVE-2024-51749	2024-11-14 02:01	2024-11-13	Show	GitHub Exploit DB Packet Storm

312303	-	-	-	matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. matrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via crafted MXC URIs. A malicious room member c…	-	CVE-2024-50336	2024-11-14 02:01	2024-11-13	Show	GitHub Exploit DB Packet Storm

312304	-	-	-	Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga…	CWE-295 Improper Certificate Validation	CVE-2024-49369	2024-11-14 02:01	2024-11-13	Show	GitHub Exploit DB Packet Storm

312305	-	-	-	HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerability. The application does not sufficiently manage its control flow during execution, creating conditions in which…	-	CVE-2024-30133	2024-11-14 02:01	2024-11-13	Show	GitHub Exploit DB Packet Storm

312306	-	-	-	A Local Privilege Escalation vulnerability exists in the affected product. The vulnerability requires a local, low privileged threat actor to replace certain files during update and exists due to a f…	-	CVE-2024-10945	2024-11-14 02:01	2024-11-13	Show	GitHub Exploit DB Packet Storm

312307	-	-	-	A Remote Code Execution vulnerability exists in the affected product. The vulnerability requires a high level of permissions and exists due to improper input validation resulting in the possibility o…	-	CVE-2024-10944	2024-11-14 02:01	2024-11-13	Show	GitHub Exploit DB Packet Storm

312308	-	-	-	An authentication bypass vulnerability exists in the affected product. The vulnerability exists due to shared secrets across accounts and could allow a threat actor to impersonate a user if the threa…	-	CVE-2024-10943	2024-11-14 02:01	2024-11-13	Show	GitHub Exploit DB Packet Storm

312309	-	-	-	A null pointer dereference in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote unauthenticated attacker to cause a denial of service.	-	CVE-2024-8495	2024-11-14 02:01	2024-11-13	Show	GitHub Exploit DB Packet Storm

312310	-	-	-	Tolgee is an open-source localization platform. Tolgee 3.81.1 included the all configuration properties in the PublicConfiguratioDTO publicly exposed to users. This vulnerability is fixed in v3.81.2.	-	CVE-2024-52297	2024-11-14 02:01	2024-11-13	Show	GitHub Exploit DB Packet Storm