Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3001 4.7 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおける複数の脆弱性 CWE-367
CWE-59
CVE-2026-35359 2026-04-27 11:17 2026-04-22 Show GitHub Exploit DB Packet Storm
3002 6.3 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-35360 2026-04-27 11:17 2026-04-22 Show GitHub Exploit DB Packet Storm
3003 5.6 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-35363 2026-04-27 11:17 2026-04-22 Show GitHub Exploit DB Packet Storm
3004 6.3 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-35364 2026-04-27 11:17 2026-04-22 Show GitHub Exploit DB Packet Storm
3005 3.3
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおける重要なリソースに対する不適切なパーミッションの割り当てに関する脆弱性 CWE-732
重要なリソースに対する不適切なパーミッションの割り当て 		CVE-2026-35367 2026-04-27 11:17 2026-04-22 Show GitHub Exploit DB Packet Storm
3006 7.8 重要
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおける信頼できない検索パスに関する脆弱性 CWE-426
信頼性のない検索パス 		CVE-2026-35368 2026-04-27 11:17 2026-04-22 Show GitHub Exploit DB Packet Storm
3007 3.3
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2026-35377 2026-04-27 11:17 2026-04-22 Show GitHub Exploit DB Packet Storm
3008 3.3
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおける指定された機能の不適切な提供に関する脆弱性 CWE-684
指定された機能の不適切な提供 		CVE-2026-35381 2026-04-27 11:17 2026-04-22 Show GitHub Exploit DB Packet Storm
3009 5.4 警告
Network 		Papra Papra Papraにおける複数の脆弱性 CWE-79
CWE-80
CVE-2026-35460 2026-04-27 11:17 2026-04-7 Show GitHub Exploit DB Packet Storm
3010 4.3 警告
Network 		Papra Papra Papraにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-35461 2026-04-27 11:17 2026-04-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314911 - - - Prior to 3385, the user-controlled role parameter enters the application in the Kubernetes::RoleVerificationsController. The role parameter flows into the RoleConfigFile initializer and then into the… - CVE-2024-42363 2024-08-21 21:30 2024-08-21 Show GitHub Exploit DB Packet Storm
314912 - - - Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/domain_management.php?id=0&list=whitelist&remove=pligg.com - CVE-2024-42619 2024-08-21 21:30 2024-08-21 Show GitHub Exploit DB Packet Storm
314913 9.6 CRITICAL
Network 		- - An improper access control vulnerability in the Azure Managed Instance for Apache Cassandra allows an authenticated attacker to elevate privileges over a network. CWE-284
Improper Access Control 		CVE-2024-38175 2024-08-21 21:30 2024-08-21 Show GitHub Exploit DB Packet Storm
314914 - - - Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as t… - CVE-2024-6322 2024-08-21 21:30 2024-08-21 Show GitHub Exploit DB Packet Storm
314915 - - - Discourse Placeholder Forms will let you build dynamic documentation. Unsanitized and stored user input was injected in the html of the post. The vulnerability is fixed in commit a62f711d5600e4e5d86f… - CVE-2024-43408 2024-08-21 21:30 2024-08-21 Show GitHub Exploit DB Packet Storm
314916 - - - Improper Access Controls allows backend users to overwrite their username when disallowed. - CVE-2024-27187 2024-08-21 21:30 2024-08-21 Show GitHub Exploit DB Packet Storm
314917 9.8 CRITICAL
Network 		jielink\+_jsotc2016_project jielink\+_jsotc2016 A vulnerability, which was classified as critical, has been found in Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805. This issue affects some unknown processing of the f… NVD-CWE-Other
CVE-2024-7919 2024-08-21 21:30 2024-08-19 Show GitHub Exploit DB Packet Storm
314918 7.2 HIGH
Network 		douco douphp A vulnerability, which was classified as critical, has been found in DouPHP 1.7 Release 20220822. Affected by this issue is some unknown functionality of the file /admin/system.php of the component F… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-7917 2024-08-21 21:30 2024-08-19 Show GitHub Exploit DB Packet Storm
314919 - - - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. - CVE-2024-7757 2024-08-21 18:15 2024-08-21 Show GitHub Exploit DB Packet Storm
314920 - - - ERP commit 44bd04 was discovered to contain a SQL injection vulnerability via the id parameter at /index.php/basedata/contact/delete?action=delete. - CVE-2024-42565 2024-08-21 06:35 2024-08-20 Show GitHub Exploit DB Packet Storm