Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3101 7.8 重要
Local 		MAGIX MAGIX MP3 deluxe MAGIXのMAGIX MP3 deluxeにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2018-25260 2026-05-1 10:39 2026-04-22 Show GitHub Exploit DB Packet Storm
3102 7.8 重要
Local 		Enter Srl Iperius Backup Enter SrlのIperius Backupにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2018-25261 2026-05-1 10:39 2026-04-22 Show GitHub Exploit DB Packet Storm
3103 10 緊急
Network 		マイクロソフト Microsoft Purview eDiscovery Microsoft Purview eDiscovery Elevation of Privilege Vulnerability CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-26150 2026-05-1 10:39 2026-04-23 Show GitHub Exploit DB Packet Storm
3104 8.8 重要
Network 		Nexxt Solutions Nebula300Plus Firmware Nexxt SolutionsのNebula300Plus Firmwareにおける非公開の機能に関する脆弱性 CWE-912
非公開の機能 		CVE-2026-31847 2026-05-1 10:38 2026-03-23 Show GitHub Exploit DB Packet Storm
3105 9.8 緊急
Network 		Nexxt Solutions Nebula300Plus Firmware Nexxt SolutionsのNebula300Plus Firmwareにおける重要な情報の平文保存に関する脆弱性 CWE-312
重要な情報の平文保存 		CVE-2026-31848 2026-05-1 10:38 2026-03-23 Show GitHub Exploit DB Packet Storm
3106 6.5 警告
Network 		Nexxt Solutions Nebula300Plus Firmware Nexxt SolutionsのNebula300Plus Firmwareにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-31849 2026-05-1 10:38 2026-03-23 Show GitHub Exploit DB Packet Storm
3107 4.9 警告
Network 		Nexxt Solutions Nebula300Plus Firmware Nexxt SolutionsのNebula300Plus Firmwareにおける認証情報の平文保存に関する脆弱性 CWE-256
平文でパスワードを保存 		CVE-2026-31850 2026-05-1 10:38 2026-03-23 Show GitHub Exploit DB Packet Storm
3108 9.8 緊急
Network 		Nexxt Solutions Nebula300Plus Firmware Nexxt SolutionsのNebula300Plus Firmwareにおける過度な認証試行の不適切な制限に関する脆弱性 CWE-307
過度な認証試行の不適切な制限 		CVE-2026-31851 2026-05-1 10:38 2026-03-23 Show GitHub Exploit DB Packet Storm
3109 6.1 警告
Network 		angular Angular CLI angularのAngular CLIにおけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-33397 2026-05-1 10:38 2026-03-26 Show GitHub Exploit DB Packet Storm
3110 9.1 緊急
Network 		Fatedier FRP FatedierのFRPにおける認証に関する脆弱性 CWE-287
CWE-noinfo
CVE-2026-40910 2026-05-1 10:38 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313971 7.5 HIGH
Network 		hoverfly hoverfly Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. The `/api/v2/simulation` POST handler allows users to create new simulation views from … CWE-22
Path Traversal 		CVE-2024-45388 2024-09-20 00:18 2024-09-3 Show GitHub Exploit DB Packet Storm
313972 4.6 MEDIUM
Physics 		idec kit-fc6a-24-kc_firmware
kit-fc6a-24-pc_firmware
kit-fc6a-24-ra_firmware
kit-fc6a-24-ra-hg1g_firmware
kit-fc6a-24-ra-hg2g-5tn_firmware
kit-fc6a-24-ra-hg2g-5tt_firmware
kit-fc6a-24-rc… 		Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an attacker sends a specific command to PLC's serial communication port, user credentials may be obtaine… CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2024-41927 2024-09-20 00:10 2024-09-4 Show GitHub Exploit DB Packet Storm
313973 7.8 HIGH
Local 		adobe acrobat
acrobat_dc
acrobat_reader
acrobat_reader_dc 		Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, 24.003.20054 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context … CWE-416
 Use After Free 		CVE-2024-41869 2024-09-20 00:09 2024-09-13 Show GitHub Exploit DB Packet Storm
313974 7.5 HIGH
Network 		fujitsu ipcom_ve2_ls_100_firmware
ipcom_ve2_ls_200_firmware
ipcom_ve2_ls_220_firmware
ipcom_ve2_ls_plus_100_firmware
ipcom_ve2_ls_plus_200_firmware
ipcom_ve2_ls_plus_220_firmware
ipcom_ve2_… 		Observable timing discrepancy issue exists in IPCOM EX2 Series V01L02NF0001 to V01L06NF0401, V01L20NF0001 to V01L20NF0401, V02L20NF0001 to V02L21NF0301, and IPCOM VE2 Series V01L04NF0001 to V01L06NF0… CWE-203
 Information Exposure Through Discrepancy 		CVE-2024-39921 2024-09-19 23:59 2024-09-4 Show GitHub Exploit DB Packet Storm
313975 7.8 HIGH
Local 		adobe acrobat
acrobat_dc
acrobat_reader
acrobat_reader_dc 		Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, 24.003.20054 and earlier are affected by a Type Confusion vulnerability that could result in arbitrary code execution in the context … CWE-843
Type Confusion 		CVE-2024-45112 2024-09-19 23:56 2024-09-13 Show GitHub Exploit DB Packet Storm
313976 7.5 HIGH
Network 		utarit soliclub Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Utarit Information SoliClub allows Retrieve Embedded Sensitive Data.This issue affects SoliClub: before 4.4.0 for iOS, befo… NVD-CWE-noinfo
CVE-2024-3305 2024-09-19 23:44 2024-09-12 Show GitHub Exploit DB Packet Storm
313977 7.5 HIGH
Network 		utarit soliclub Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SoliClub: befo… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-3306 2024-09-19 23:43 2024-09-12 Show GitHub Exploit DB Packet Storm
313978 5.3 MEDIUM
Network 		emilyploszaj emi EMI v.1.1.10 and before, fixed in v.1.1.11, contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index and … CWE-129
 Improper Validation of Array Index 		CVE-2024-41564 2024-09-19 23:40 2024-08-29 Show GitHub Exploit DB Packet Storm
313979 8.8 HIGH
Network 		zohocorp manageengine_pam360
manageengine_password_manager_pro 		Zohocorp ManageEngine Password Manager Pro versions before 12431 and ManageEngine PAM360 versions before 7001 are affected by authenticated SQL Injection vulnerability via a global search option. CWE-89
SQL Injection 		CVE-2024-5546 2024-09-19 23:39 2024-08-28 Show GitHub Exploit DB Packet Storm
313980 5.4 MEDIUM
Network 		connx esp_hr_management Improper Neutralization of Input During Web Page Generation vulnerability in "Update of Personal Details" form in ConnX ESP HR Management allows Stored XSS attack. An attacker might inject a script t… CWE-79
Cross-site Scripting 		CVE-2024-7269 2024-09-19 23:37 2024-08-28 Show GitHub Exploit DB Packet Storm