Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
291	7.2	重要 Network	openwebui	open webui	openwebuiのopen webuiにおける複数の脆弱性 New	CWE-269 CWE-862	CVE-2026-45395	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

292	7.1	重要 Network	openwebui	open webui	openwebuiのopen webuiにおける認証の欠如に関する脆弱性 New	CWE-862 認証の欠如	CVE-2026-45399	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

293	8.1	重要 Network	openwebui	open webui	openwebuiのopen webuiにおけるユーザ制御の鍵による認証回避に関する脆弱性 New	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-45402	2026-05-20 13:25	2026-05-15	Show	GitHub Exploit DB Packet Storm

294	8.1	重要 Network	openwebui	open webui	openwebuiのopen webuiにおけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-45665	2026-05-20 13:25	2026-05-15	Show	GitHub Exploit DB Packet Storm

295	6.5	警告 Network	openwebui	open webui	openwebuiのopen webuiにおけるユーザ制御の鍵による認証回避に関する脆弱性 New	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-45666	2026-05-20 13:25	2026-05-15	Show	GitHub Exploit DB Packet Storm

296	6.5	警告 Network	openwebui	open webui	openwebuiのopen webuiにおける認証の欠如に関する脆弱性 New	CWE-862 認証の欠如	CVE-2026-45667	2026-05-20 13:25	2026-05-15	Show	GitHub Exploit DB Packet Storm

297	8	重要 Network	openwebui	open webui	openwebuiのopen webuiにおけるユーザ制御の鍵による認証回避に関する脆弱性 New	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-45671	2026-05-20 13:25	2026-05-15	Show	GitHub Exploit DB Packet Storm

298	8.1	重要 Network	openwebui	open webui	openwebuiのopen webuiにおける複数の脆弱性 New	CWE-269 CWE-362	CVE-2026-45675	2026-05-20 13:25	2026-05-15	Show	GitHub Exploit DB Packet Storm

299	7.5	重要 Network	Fleet Device Management	fleet	Fleet Device Managementのfleetにおけるスプーフィングによる認証回避に関する脆弱性 New	CWE-290 スプーフィングによる認証回避	CVE-2026-46356	2026-05-20 13:25	2026-05-14	Show	GitHub Exploit DB Packet Storm

300	6.5	警告 Network	Mattermost, Inc.	Mattermost Server	Mattermost, Inc.のMattermost Serverにおける認証の欠如に関する脆弱性 New	CWE-862 認証の欠如	CVE-2026-5163	2026-05-20 13:25	2026-05-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311751	7.5	HIGH Network	esri	portal_for_arcgis	There is a local file inclusion vulnerability in Esri Portal for ArcGIS 11.2. 11.1, 11.0 and 10.9.1 that may allow a remote, unauthenticated attacker to craft a URL that could potentially disclose se…	NVD-CWE-Other	CVE-2024-38040	2024-10-16 01:01	2024-10-5	Show	GitHub Exploit DB Packet Storm

311752	-		-	-	An issue in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to obtain sensitive information via the Racine & FileName parameters in the …	-	CVE-2024-48824	2024-10-16 00:35	2024-10-15	Show	GitHub Exploit DB Packet Storm

311753	-		-	-	Local file inclusion in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the PassageAutoServer.php page.	-	CVE-2024-48823	2024-10-16 00:35	2024-10-15	Show	GitHub Exploit DB Packet Storm

311754	-		-	-	Privilege escalation in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the FtpConfig.php page.	-	CVE-2024-48822	2024-10-16 00:35	2024-10-15	Show	GitHub Exploit DB Packet Storm

311755	-		-	-	Cross Site Scripting vulnerability in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the FtpConfig.php compo…	-	CVE-2024-48821	2024-10-16 00:35	2024-10-15	Show	GitHub Exploit DB Packet Storm

311756	-		-	-	An issue in Hideez com.hideez 2.7.8.3 allows a remote attacker to obtain sensitive information via the firmware update process.	-	CVE-2024-48792	2024-10-16 00:35	2024-10-15	Show	GitHub Exploit DB Packet Storm

311757	-		-	-	An issue in Plug n Play Camera com.starvedia.mCamView.zwave 5.5.1 allows a remote attacker to obtain sensitive information via the firmware update process	-	CVE-2024-48791	2024-10-16 00:35	2024-10-15	Show	GitHub Exploit DB Packet Storm

311758	-		-	-	An issue in INATRONIC com.inatronic.drivedeck.home 2.6.23 allows a remote attacker to obtain sensitve information via the firmware update process.	-	CVE-2024-48789	2024-10-16 00:35	2024-10-15	Show	GitHub Exploit DB Packet Storm

311759	-		-	-	An issue in LOREX TECHNOLOGY INC com.lorexcorp.lorexping 1.4.22 allows a remote attacker to obtain sensitive information via the firmware update process.	-	CVE-2024-48799	2024-10-16 00:35	2024-10-15	Show	GitHub Exploit DB Packet Storm

311760	-		-	-	An issue in PCS Engineering Preston Cinema (com.prestoncinema.app) 0.2.0 allows a remote attacker to obtain sensitive information via the firmware update process.	-	CVE-2024-48797	2024-10-16 00:35	2024-10-15	Show	GitHub Exploit DB Packet Storm