Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3101 7.8 重要
Local 		MAGIX MAGIX MP3 deluxe MAGIXのMAGIX MP3 deluxeにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2018-25260 2026-05-1 10:39 2026-04-22 Show GitHub Exploit DB Packet Storm
3102 7.8 重要
Local 		Enter Srl Iperius Backup Enter SrlのIperius Backupにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2018-25261 2026-05-1 10:39 2026-04-22 Show GitHub Exploit DB Packet Storm
3103 10 緊急
Network 		マイクロソフト Microsoft Purview eDiscovery Microsoft Purview eDiscovery Elevation of Privilege Vulnerability CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-26150 2026-05-1 10:39 2026-04-23 Show GitHub Exploit DB Packet Storm
3104 8.8 重要
Network 		Nexxt Solutions Nebula300Plus Firmware Nexxt SolutionsのNebula300Plus Firmwareにおける非公開の機能に関する脆弱性 CWE-912
非公開の機能 		CVE-2026-31847 2026-05-1 10:38 2026-03-23 Show GitHub Exploit DB Packet Storm
3105 9.8 緊急
Network 		Nexxt Solutions Nebula300Plus Firmware Nexxt SolutionsのNebula300Plus Firmwareにおける重要な情報の平文保存に関する脆弱性 CWE-312
重要な情報の平文保存 		CVE-2026-31848 2026-05-1 10:38 2026-03-23 Show GitHub Exploit DB Packet Storm
3106 6.5 警告
Network 		Nexxt Solutions Nebula300Plus Firmware Nexxt SolutionsのNebula300Plus Firmwareにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-31849 2026-05-1 10:38 2026-03-23 Show GitHub Exploit DB Packet Storm
3107 4.9 警告
Network 		Nexxt Solutions Nebula300Plus Firmware Nexxt SolutionsのNebula300Plus Firmwareにおける認証情報の平文保存に関する脆弱性 CWE-256
平文でパスワードを保存 		CVE-2026-31850 2026-05-1 10:38 2026-03-23 Show GitHub Exploit DB Packet Storm
3108 9.8 緊急
Network 		Nexxt Solutions Nebula300Plus Firmware Nexxt SolutionsのNebula300Plus Firmwareにおける過度な認証試行の不適切な制限に関する脆弱性 CWE-307
過度な認証試行の不適切な制限 		CVE-2026-31851 2026-05-1 10:38 2026-03-23 Show GitHub Exploit DB Packet Storm
3109 6.1 警告
Network 		angular Angular CLI angularのAngular CLIにおけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-33397 2026-05-1 10:38 2026-03-26 Show GitHub Exploit DB Packet Storm
3110 9.1 緊急
Network 		Fatedier FRP FatedierのFRPにおける認証に関する脆弱性 CWE-287
CWE-noinfo
CVE-2026-40910 2026-05-1 10:38 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313961 6.5 MEDIUM
Network 		openzeppelin contracts Cairo-Contracts are OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup. This vulnerability can lead to unauthorized ownership transfer, contrary to the original owner's i… CWE-670
 Always-Incorrect Control Flow Implementation 		CVE-2024-45304 2024-09-20 02:26 2024-08-31 Show GitHub Exploit DB Packet Storm
313962 4.3 MEDIUM
Network 		teamviewer meeting
teamviewer 		Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the cl… NVD-CWE-Other
CVE-2024-6053 2024-09-20 02:22 2024-08-29 Show GitHub Exploit DB Packet Storm
313963 5.3 MEDIUM
Network 		shedaniel roughlyenoughitems Roughly Enough Items (REI) v.16.0.729 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index… CWE-129
 Improper Validation of Array Index 		CVE-2024-42698 2024-09-20 01:29 2024-08-29 Show GitHub Exploit DB Packet Storm
313964 5.3 MEDIUM
Network 		mezz justenoughitems JustEnoughItems (JEI) 19.5.0.33 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index in JE… CWE-129
 Improper Validation of Array Index 		CVE-2024-41565 2024-09-20 01:19 2024-08-29 Show GitHub Exploit DB Packet Storm
313965 7.3 HIGH
Local 		openpolicyagent open_policy_agent A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrar… CWE-294
Authentication Bypass by Capture-replay  		CVE-2024-8260 2024-09-20 01:08 2024-08-30 Show GitHub Exploit DB Packet Storm
313966 4.6 MEDIUM
Physics 		ibm maas360_mdm IBM MaaS360 for Android 6.31 through 8.60 is using hard coded credentials that can be obtained by a user with physical access to the device. CWE-798
 Use of Hard-coded Credentials 		CVE-2024-35118 2024-09-20 00:53 2024-08-30 Show GitHub Exploit DB Packet Storm
313967 8.1 HIGH
Network 		zohocorp manageengine_exchange_reporter_plus Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module. CWE-89
SQL Injection 		CVE-2024-6204 2024-09-20 00:41 2024-08-31 Show GitHub Exploit DB Packet Storm
313968 8.1 HIGH
Network 		master-nan sweet-cms A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been rated as problematic. This issue affects the function LogHandler of the file middleware/l… CWE-117
 Improper Output Neutralization for Logs 		CVE-2024-8334 2024-09-20 00:39 2024-08-30 Show GitHub Exploit DB Packet Storm
313969 9.8 CRITICAL
Network 		openrapid rapidcms A vulnerability classified as critical has been found in OpenRapid RapidCMS up to 1.3.1. Affected is an unknown function of the file /resource/runlogon.php. The manipulation of the argument username … CWE-89
SQL Injection 		CVE-2024-8335 2024-09-20 00:31 2024-08-30 Show GitHub Exploit DB Packet Storm
313970 8.1 HIGH
Network 		eclipse eclipse_dataspace_components In Eclipse Dataspace Components, from version 0.5.0 and before version 0.9.0, the ConsumerPullTransferTokenValidationApiController does not check for token validity (expiry, not-before, issuance date… CWE-287
Improper Authentication 		CVE-2024-8642 2024-09-20 00:18 2024-09-11 Show GitHub Exploit DB Packet Storm