Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 24, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3111	8.8	重要 Network	VMware	Spring gRPC	VMwareのSpring gRPCにおける隔離または分類に関する脆弱性	CWE-653 不適切な隔離または分類	CVE-2026-40968	2026-05-1 10:38	2026-04-28	Show	GitHub Exploit DB Packet Storm

3112	5.3	警告 Network	VMware	Spring gRPC	VMwareのSpring gRPCにおけるエラーメッセージによる情報漏えいに関する脆弱性	CWE-209 エラーメッセージによる情報漏えい	CVE-2026-40969	2026-05-1 10:38	2026-04-28	Show	GitHub Exploit DB Packet Storm

3113	7.5	重要 Network	Frappe	Press	FrappeのPressにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2026-41317	2026-05-1 10:38	2026-04-24	Show	GitHub Exploit DB Packet Storm

3114	6.1	警告 Network	Frappe	Press	FrappeのPressにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-41430	2026-05-1 10:38	2026-04-24	Show	GitHub Exploit DB Packet Storm

3115	8.8	重要 Network	D-Link Systems, Inc.	DHP-1320 Firmware	D-Link CorporationのDHP-1320 Firmwareにおける複数の脆弱性	CWE-119 CWE-121	CVE-2026-4529	2026-05-1 10:38	2026-03-21	Show	GitHub Exploit DB Packet Storm

3116	7	重要 Local	flos-freeware (Florian Balmer)	Notepad2	flos-freeware (Florian Balmer)のNotepad2における複数の脆弱性	CWE-426 CWE-427	CVE-2026-4545	2026-05-1 10:38	2026-03-22	Show	GitHub Exploit DB Packet Storm

3117	7	重要 Local	flos-freeware (Florian Balmer)	Notepad2	flos-freeware (Florian Balmer)のNotepad2における複数の脆弱性	CWE-426 CWE-427	CVE-2026-4546	2026-05-1 10:38	2026-03-22	Show	GitHub Exploit DB Packet Storm

3118	9.8	緊急 Network	Shenzhen Tenda Technology Co.,Ltd.	4G03 Pro Firmware	Shenzhen Tenda Technology Co.,Ltd.の4G03 Pro Firmwareにおける複数の脆弱性	CWE-266 CWE-284	CVE-2026-5526	2026-05-1 10:38	2026-04-4	Show	GitHub Exploit DB Packet Storm

3119	5.3	警告 Network	Shenzhen Tenda Technology Co.,Ltd.	4G03 Pro Firmware	Shenzhen Tenda Technology Co.,Ltd.の4G03 Pro Firmwareにおける複数の脆弱性	CWE-320 CWE-321	CVE-2026-5527	2026-05-1 10:38	2026-04-5	Show	GitHub Exploit DB Packet Storm

3120	8	重要 Adjacent	Shenzhen Tenda Technology Co.,Ltd.	CX12L Pro Firmware	Shenzhen Tenda Technology Co.,Ltd.のCX12L Pro Firmwareにおける複数の脆弱性	CWE-119 CWE-121	CVE-2026-5683	2026-05-1 10:38	2026-04-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
316091	8.8	HIGH Network	pligg	pligg_cms	Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /module.php?module=karma	CWE-352 Origin Validation Error	CVE-2024-42618	2024-08-21 22:09	2024-08-21	Show	GitHub Exploit DB Packet Storm

316092	8.8	HIGH Network	pligg	pligg_cms	Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_config.php?action=save&var_id=32	CWE-352 Origin Validation Error	CVE-2024-42617	2024-08-21 22:09	2024-08-21	Show	GitHub Exploit DB Packet Storm

316093	8.8	HIGH Network	pligg	pligg_cms	Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_editor.php	CWE-352 Origin Validation Error	CVE-2024-42621	2024-08-21 21:50	2024-08-21	Show	GitHub Exploit DB Packet Storm

316094	7.5	HIGH Network	floraison	fugit	fugit contains time tools for flor and the floraison group. The fugit "natural" parser, that turns "every wednesday at 5pm" into "0 17 * * 3", accepted any length of input and went on attempting to p…	NVD-CWE-noinfo	CVE-2024-43380	2024-08-21 21:38	2024-08-20	Show	GitHub Exploit DB Packet Storm

316095	3.1	LOW Network	trufflesecurity	trufflehog	TruffleHog is a secrets scanning tool. Prior to v3.81.9, this vulnerability allows a malicious actor to craft data in a way that, when scanned by specific detectors, could trigger the detector to mak…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-43379	2024-08-21 21:37	2024-08-20	Show	GitHub Exploit DB Packet Storm

316096	9.8	CRITICAL Network	jielink\+_jsotc2016_project	jielink\+_jsotc2016	A vulnerability has been found in Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805 and classified as problematic. Affected by this vulnerability is an unknown functionali…	NVD-CWE-Other	CVE-2024-7921	2024-08-21 21:34	2024-08-19	Show	GitHub Exploit DB Packet Storm

316097	9.8	CRITICAL Network	microcks	microcks	In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access.	NVD-CWE-noinfo	CVE-2024-44076	2024-08-21 21:33	2024-08-19	Show	GitHub Exploit DB Packet Storm

316098	9.8	CRITICAL Network	jielink\+_jsotc2016_project	jielink\+_jsotc2016	A vulnerability, which was classified as problematic, was found in Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805. Affected is an unknown function of the file /Report/P…	NVD-CWE-Other	CVE-2024-7920	2024-08-21 21:31	2024-08-19	Show	GitHub Exploit DB Packet Storm

316099	9.8	CRITICAL Network	-	-	The Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider plugin is vulnerable to PHP Object Injection via de…	-	CVE-2024-5335	2024-08-21 21:30	2024-08-21	Show	GitHub Exploit DB Packet Storm

316100	-		-	-	In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix command stats access after free Command may fail while driver is reloading and can't accept FW commands till comman…	-	CVE-2022-48884	2024-08-21 21:30	2024-08-21	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed