Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 19, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3111	6.5	警告 Local	Xen プロジェクト	Xen	Xen プロジェクトのXenにおける到達可能なアサーションに関する脆弱性	CWE-617 到達可能なアサーション	CVE-2026-23557	2026-05-21 10:54	2026-05-19	Show	GitHub Exploit DB Packet Storm

3112	7.8	重要 Local	Xen プロジェクト	Xen	Xen プロジェクトのXenにおける競合状態に関する脆弱性	CWE-362 競合状態	CVE-2026-23558	2026-05-21 10:54	2026-05-19	Show	GitHub Exploit DB Packet Storm

3113	4.3	警告 Network	Mattermost, Inc.	Mattermost Server	Mattermost, Inc.のMattermost Serverにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-28732	2026-05-21 10:54	2026-05-18	Show	GitHub Exploit DB Packet Storm

3114	6.5	警告 Network	Apache Software Foundation	Apache OFBiz	Apache Software FoundationのApache OFBizにおけるテンプレートエンジンで使用される特殊な要素の不適切な無効化に関する脆弱性	CWE-1336 テンプレートエンジンで使用される特殊な要素の不適切な無効化	CVE-2026-29207	2026-05-21 10:54	2026-05-19	Show	GitHub Exploit DB Packet Storm

3115	6.5	警告 Network	Apache Software Foundation	Apache OFBiz	Apache Software FoundationのApache OFBizにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-29220	2026-05-21 10:53	2026-05-19	Show	GitHub Exploit DB Packet Storm

3116	7.3	重要 Network	Apache Software Foundation	Apache OFBiz	Apache Software FoundationのApache OFBizにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-29226	2026-05-21 10:53	2026-05-19	Show	GitHub Exploit DB Packet Storm

3117	7.5	重要 Network	HSC	MailInspector	HSCのMailInspectorにおけるファイル名やパス名の外部制御に関する脆弱性	CWE-73 ファイル名やパス名の外部制御	CVE-2026-29962	2026-05-21 10:53	2026-05-18	Show	GitHub Exploit DB Packet Storm

3118	7.5	重要 Network	HSC	MailInspector	HSCのMailInspectorにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-29963	2026-05-21 10:53	2026-05-18	Show	GitHub Exploit DB Packet Storm

3119	6.1	警告 Network	HSC	MailInspector	HSCのMailInspectorにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-29964	2026-05-21 10:53	2026-05-18	Show	GitHub Exploit DB Packet Storm

3120	6.1	警告 Network	HSC	MailInspector	HSCのMailInspectorにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-29965	2026-05-21 10:53	2026-05-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 20, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
318831	9.8	CRITICAL Network	-	-	The Wechat Social login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.3.0. This is due to insufficient verification on the user being supplied during…	CWE-288 Authentication Bypass Using an Alternate Path or Channel	CVE-2024-9106	2024-10-4 22:51	2024-10-1	Show	GitHub Exploit DB Packet Storm

318832	6.4	MEDIUM Network	-	-	The Geo Mashup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's geo_mashup_visible_posts_list shortcode in all versions up to, and including, 1.13.13 due to insuffic…	CWE-79 Cross-site Scripting	CVE-2024-8990	2024-10-4 22:51	2024-10-1	Show	GitHub Exploit DB Packet Storm

318833	-		-	-	The Free Responsive Testimonials, Social Proof Reviews, and Customer Reviews – Stars Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stars_testimonials…	-	CVE-2024-8989	2024-10-4 22:51	2024-10-1	Show	GitHub Exploit DB Packet Storm

318834	6.1	MEDIUM Network	-	-	The Easy Load More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1…	CWE-79 Cross-site Scripting	CVE-2024-8728	2024-10-4 22:51	2024-10-1	Show	GitHub Exploit DB Packet Storm

318835	6.1	MEDIUM Network	-	-	The Gravity Forms Toolbar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 1.7.0 due to insufficient input sanitizati…	CWE-79 Cross-site Scripting	CVE-2024-8718	2024-10-4 22:51	2024-10-1	Show	GitHub Exploit DB Packet Storm

318836	7.2	HIGH Network	-	-	The 123.chat - Video Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. Thi…	CWE-79 Cross-site Scripting	CVE-2024-7869	2024-10-4 22:51	2024-10-1	Show	GitHub Exploit DB Packet Storm

318837	-		-	-	All versions of the package git-shallow-clone are vulnerable to Command injection due to missing sanitization or mitigation flags in the process variable of the gitShallowClone function.	-	CVE-2024-21531	2024-10-4 22:51	2024-10-1	Show	GitHub Exploit DB Packet Storm

318838	-		-	-	Versions of the package uplot before 1.6.31 are vulnerable to Prototype Pollution via the uplot.assign function due to missing check if the attribute resolves to the object prototype.	-	CVE-2024-21489	2024-10-4 22:51	2024-10-1	Show	GitHub Exploit DB Packet Storm

318839	-		-	-	NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds read issue by releasing a shared memory region while it is in use. A successful exploit of this vulnera…	-	CVE-2024-0116	2024-10-4 22:51	2024-10-1	Show	GitHub Exploit DB Packet Storm

318840	-		-	-	A vulnerability was found in code-projects Restaurant Reservation System 1.0. It has been classified as critical. This affects an unknown part of the file /updatebal.php. The manipulation of the argu…	-	CVE-2024-9360	2024-10-4 22:51	2024-10-1	Show	GitHub Exploit DB Packet Storm