Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 23, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2991 7.1 重要
Network 		wolfSSL Inc. wolfSSL wolfSSL Inc.のwolfSSLにおける暗号化処理のナンスおよび鍵ペアの再利用に関する脆弱性 CWE-323
暗号化処理のナンスおよび鍵ペアの再利用 		CVE-2026-5446 2026-05-1 10:44 2026-04-9 Show GitHub Exploit DB Packet Storm
2992 7.5 重要
Network 		wolfSSL Inc. wolfSSL wolfSSL Inc.のwolfSSLにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-5447 2026-05-1 10:44 2026-04-9 Show GitHub Exploit DB Packet Storm
2993 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. AC10 ファームウェア Shenzhen Tenda Technology Co.,Ltd.のAC10 ファームウェアにおける複数の脆弱性 CWE-77
CWE-78
CVE-2026-5547 2026-05-1 10:44 2026-04-5 Show GitHub Exploit DB Packet Storm
2994 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. AC10 ファームウェア Shenzhen Tenda Technology Co.,Ltd.のAC10 ファームウェアにおける複数の脆弱性 CWE-119
CWE-121
CVE-2026-5548 2026-05-1 10:44 2026-04-5 Show GitHub Exploit DB Packet Storm
2995 7.5 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. AC10 ファームウェア Shenzhen Tenda Technology Co.,Ltd.のAC10 ファームウェアにおける複数の脆弱性 CWE-320
CWE-321
CVE-2026-5549 2026-05-1 10:44 2026-04-5 Show GitHub Exploit DB Packet Storm
2996 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. AC10 ファームウェア Shenzhen Tenda Technology Co.,Ltd.のAC10 ファームウェアにおける複数の脆弱性 CWE-119
CWE-121
CVE-2026-5550 2026-05-1 10:44 2026-04-5 Show GitHub Exploit DB Packet Storm
2997 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. m3 ファームウェア Shenzhen Tenda Technology Co.,Ltd.のm3 ファームウェアにおける複数の脆弱性 CWE-119
CWE-120
CVE-2026-5567 2026-05-1 10:44 2026-04-5 Show GitHub Exploit DB Packet Storm
2998 8.8 重要
Network 		Belkin International F9K1122 ファームウェア Belkin InternationalのF9K1122 ファームウェアにおける複数の脆弱性 CWE-119
CWE-121
CVE-2026-5608 2026-05-1 10:44 2026-04-6 Show GitHub Exploit DB Packet Storm
2999 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. I12 ファームウェア Shenzhen Tenda Technology Co.,Ltd.のI12 ファームウェアにおける複数の脆弱性 CWE-119
CWE-121
CVE-2026-5609 2026-05-1 10:44 2026-04-6 Show GitHub Exploit DB Packet Storm
3000 8.8 重要
Network 		Belkin International F9K1015 ファームウェア Belkin InternationalのF9K1015 ファームウェアにおける複数の脆弱性 CWE-119
CWE-121
CVE-2026-5610 2026-05-1 10:44 2026-04-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313951 5.3 MEDIUM
Network 		shedaniel roughlyenoughitems Roughly Enough Items (REI) v.16.0.729 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index… CWE-129
 Improper Validation of Array Index 		CVE-2024-42698 2024-09-20 01:29 2024-08-29 Show GitHub Exploit DB Packet Storm
313952 5.3 MEDIUM
Network 		mezz justenoughitems JustEnoughItems (JEI) 19.5.0.33 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index in JE… CWE-129
 Improper Validation of Array Index 		CVE-2024-41565 2024-09-20 01:19 2024-08-29 Show GitHub Exploit DB Packet Storm
313953 7.3 HIGH
Local 		openpolicyagent open_policy_agent A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrar… CWE-294
Authentication Bypass by Capture-replay  		CVE-2024-8260 2024-09-20 01:08 2024-08-30 Show GitHub Exploit DB Packet Storm
313954 4.6 MEDIUM
Physics 		ibm maas360_mdm IBM MaaS360 for Android 6.31 through 8.60 is using hard coded credentials that can be obtained by a user with physical access to the device. CWE-798
 Use of Hard-coded Credentials 		CVE-2024-35118 2024-09-20 00:53 2024-08-30 Show GitHub Exploit DB Packet Storm
313955 8.1 HIGH
Network 		zohocorp manageengine_exchange_reporter_plus Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module. CWE-89
SQL Injection 		CVE-2024-6204 2024-09-20 00:41 2024-08-31 Show GitHub Exploit DB Packet Storm
313956 8.1 HIGH
Network 		master-nan sweet-cms A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been rated as problematic. This issue affects the function LogHandler of the file middleware/l… CWE-117
 Improper Output Neutralization for Logs 		CVE-2024-8334 2024-09-20 00:39 2024-08-30 Show GitHub Exploit DB Packet Storm
313957 9.8 CRITICAL
Network 		openrapid rapidcms A vulnerability classified as critical has been found in OpenRapid RapidCMS up to 1.3.1. Affected is an unknown function of the file /resource/runlogon.php. The manipulation of the argument username … CWE-89
SQL Injection 		CVE-2024-8335 2024-09-20 00:31 2024-08-30 Show GitHub Exploit DB Packet Storm
313958 8.1 HIGH
Network 		eclipse eclipse_dataspace_components In Eclipse Dataspace Components, from version 0.5.0 and before version 0.9.0, the ConsumerPullTransferTokenValidationApiController does not check for token validity (expiry, not-before, issuance date… CWE-287
Improper Authentication 		CVE-2024-8642 2024-09-20 00:18 2024-09-11 Show GitHub Exploit DB Packet Storm
313959 7.5 HIGH
Network 		hoverfly hoverfly Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. The `/api/v2/simulation` POST handler allows users to create new simulation views from … CWE-22
Path Traversal 		CVE-2024-45388 2024-09-20 00:18 2024-09-3 Show GitHub Exploit DB Packet Storm
313960 4.6 MEDIUM
Physics 		idec kit-fc6a-24-kc_firmware
kit-fc6a-24-pc_firmware
kit-fc6a-24-ra_firmware
kit-fc6a-24-ra-hg1g_firmware
kit-fc6a-24-ra-hg2g-5tn_firmware
kit-fc6a-24-ra-hg2g-5tt_firmware
kit-fc6a-24-rc… 		Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an attacker sends a specific command to PLC's serial communication port, user credentials may be obtaine… CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2024-41927 2024-09-20 00:10 2024-09-4 Show GitHub Exploit DB Packet Storm