Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
21 4.7 警告
Network 		i18next i18nextify i18nextのi18nextifyにおける複数の脆弱性 New CWE-79
CWE-94
CVE-2026-41692 2026-06-3 17:04 2026-05-7 Show GitHub Exploit DB Packet Storm
22 10 緊急
Network 		th30d4y OpenLearnX th30d4yのOpenLearnXにおける複数の脆弱性 New CWE-250
CWE-284
CWE-693
CWE-78
CWE-94
CVE-2026-41900 2026-06-3 17:04 2026-05-8 Show GitHub Exploit DB Packet Storm
23 6.1 警告
Network 		The Go Project Net The Go ProjectのNetにおけるレンダリングされたユーザインターフェースレイヤまたはフレームの不適切な制限に関する脆弱性 New CWE-1021
レンダリングされたユーザインターフェースレイヤまたはフレームの不適切な制限 		CVE-2026-42502 2026-06-3 17:04 2026-05-22 Show GitHub Exploit DB Packet Storm
24 6.1 警告
Network 		The Go Project Net The Go ProjectのNetにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42506 2026-06-3 17:04 2026-05-22 Show GitHub Exploit DB Packet Storm
25 7.8 重要
Local 		horsicq Detect-It-Easy horsicqのDetect-It-Easyにおける相対パストラバーサルの脆弱性 New CWE-23
相対的パストラバーサル 		CVE-2026-43616 2026-06-3 17:04 2026-05-4 Show GitHub Exploit DB Packet Storm
26 9.9 緊急
Network 		オラクル Oracle iAssets オラクルのOracle iAssetsにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-46822 2026-06-3 17:04 2026-05-28 Show GitHub Exploit DB Packet Storm
27 7.5 重要
Network 		fastify fastify/accepts-serializer fastifyのfastify/accepts-serializerにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 New CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-7768 2026-06-3 17:04 2026-05-4 Show GitHub Exploit DB Packet Storm
28 8.8 重要
Local 		NanoCo NanoClaw NanoCoのNanoClawにおけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2026-7875 2026-06-3 17:04 2026-05-6 Show GitHub Exploit DB Packet Storm
29 6.5 警告
Network 		Synology Inc. SSL VPN Client Synology Inc.のSSL VPN Clientにおける外部からアクセス可能なファイルまたはディレクトリに関する脆弱性 New CWE-552
外部からアクセス可能なファイルまたはディレクトリ 		CVE-2021-47960 2026-06-3 17:04 2026-04-10 Show GitHub Exploit DB Packet Storm
30 8.1 重要
Network 		Synology Inc. SSL VPN Client Synology Inc.のSSL VPN Clientにおける認証情報の平文保存に関する脆弱性 New CWE-256
平文でパスワードを保存 		CVE-2021-47961 2026-06-3 17:04 2026-04-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
319031 9.8 CRITICAL
Network 		jayesh online_exam_system A Broken Access Control vulnerability was found in /admin/update.php and /admin/dashboard.php in Kashipara Online Exam System v1.0, which allows remote unauthenticated attackers to view administrator… NVD-CWE-Other
CVE-2024-40480 2024-08-22 06:35 2024-08-12 Show GitHub Exploit DB Packet Storm
319032 - - - Stack-based buffer overflow vulnerability in Tenda AC18 V15.03.3.10_EN allows a remote attacker to execute arbitrary code via the ssid parameter at ip/goform/fast_setting_wifi_set. - CVE-2024-41630 2024-08-22 06:35 2024-08-1 Show GitHub Exploit DB Packet Storm
319033 8.8 HIGH
Network 		pligg pligg_cms Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_group.php?mode=delete&group_id=3 CWE-352
 Origin Validation Error 		CVE-2024-42604 2024-08-22 05:35 2024-08-21 Show GitHub Exploit DB Packet Storm
319034 8.8 HIGH
Network 		tamparongj_03 online_graduate_tracer_system A vulnerability, which was classified as critical, was found in SourceCodester Online Graduate Tracer System up to 1.0. Affected is an unknown function of the file /tracking/admin/fetch_genderit.php.… CWE-89
SQL Injection 		CVE-2024-7949 2024-08-22 04:15 2024-08-20 Show GitHub Exploit DB Packet Storm
319035 9.8 CRITICAL
Network 		totolink ex1200l_firmware A vulnerability has been found in TOTOLINK EX1200L 9.3.5u.6146_B20201023 and classified as critical. Affected by this vulnerability is the function setLanguageCfg of the file /www/cgi-bin/cstecgi.cgi… CWE-787
 Out-of-bounds Write 		CVE-2024-7909 2024-08-22 04:15 2024-08-19 Show GitHub Exploit DB Packet Storm
319036 9.8 CRITICAL
Network 		ltcms ltcms A vulnerability was found in wanglongcn ltcms 1.0.20. It has been declared as critical. Affected by this vulnerability is the function downloadUrl of the file /api/file/downloadUrl of the component A… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-7743 2024-08-22 04:15 2024-08-14 Show GitHub Exploit DB Packet Storm
319037 9.8 CRITICAL
Network 		ltcms ltcms A vulnerability was found in wanglongcn ltcms 1.0.20. It has been classified as critical. Affected is the function multiDownload of the file /api/file/multiDownload of the component API Endpoint. The… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-7742 2024-08-22 04:08 2024-08-14 Show GitHub Exploit DB Packet Storm
319038 5.3 MEDIUM
Network 		ltcms ltcms A vulnerability was found in wanglongcn ltcms 1.0.20 and classified as critical. This issue affects the function downloadFile of the file /api/file/downloadfile of the component API Endpoint. The man… CWE-22
Path Traversal 		CVE-2024-7741 2024-08-22 04:07 2024-08-14 Show GitHub Exploit DB Packet Storm
319039 9.8 CRITICAL
Network 		ltcms ltcms A vulnerability has been found in wanglongcn ltcms 1.0.20 and classified as critical. This vulnerability affects the function download of the file /api/test/download of the component API Endpoint. Th… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-7740 2024-08-22 04:06 2024-08-14 Show GitHub Exploit DB Packet Storm
319040 6.5 MEDIUM
Network 		oretnom23 computer_laboratory_management_system Incorrect access control in the delete_category function of Sourcecodester Computer Laboratory Management System v1.0 allows authenticated attackers with low-level privileges to arbitrarily delete ca… NVD-CWE-noinfo
CVE-2024-41332 2024-08-22 03:53 2024-08-12 Show GitHub Exploit DB Packet Storm