Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3131 9.8 緊急
Network 		DeanWu (pylixm) Django-mdeditor DeanWu (pylixm)のDjango-mdeditorにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2025-13030 2026-05-7 11:31 2026-04-30 Show GitHub Exploit DB Packet Storm
3132 7.8 重要
Local 		The Qt Company qtdeclarative The Qt Companyのqtdeclarativeにおける複数の脆弱性 CWE-20
CWE-94
CWE-94
CVE-2025-14576 2026-05-7 11:30 2026-04-30 Show GitHub Exploit DB Packet Storm
3133 6.4 警告
Local 		レッドハット OpenShift Update Service (OSUS) レッドハットのOpenShift Update Service (OSUS)における不適切なデフォルトパーミッションに関する脆弱性 CWE-276
不適切なデフォルトパーミッション 		CVE-2025-57854 2026-05-7 11:30 2026-04-8 Show GitHub Exploit DB Packet Storm
3134 5.4 警告
Network 		Wolters Kluwer Financial Services, Inc. LEX Baza Dokumentow Wolters Kluwer Financial Services, Inc.のLEX Baza Dokumentowにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-1493 2026-05-7 11:30 2026-04-30 Show GitHub Exploit DB Packet Storm
3135 5.7 警告
Adjacent 		シスコシステムズ Firepower Threat Defense (FTD)
Adaptive Security Appliance (ASA) Software 		シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品における入力確認に関する脆弱性 CWE-20
CWE-noinfo
CVE-2026-20020 2026-05-7 11:30 2026-03-4 Show GitHub Exploit DB Packet Storm
3136 6.1 警告
Network 		シスコシステムズ Firepower Threat Defense (FTD)
Adaptive Security Appliance (ASA) Software 		シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品におけるクロスサイトスクリプティングの脆弱性 CWE-80
クロスサイトスクリプティング (Basic XSS) 		CVE-2026-20070 2026-05-7 11:30 2026-03-4 Show GitHub Exploit DB Packet Storm
3137 5.8 警告
Network 		シスコシステムズ Firepower Threat Defense (FTD)
Adaptive Security Appliance (ASA) Software 		シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品におけるアクセス制御に関する脆弱性 CWE-284
CWE-noinfo
CVE-2026-20073 2026-05-7 11:30 2026-03-4 Show GitHub Exploit DB Packet Storm
3138 7.7 重要
Network 		シスコシステムズ Firepower Threat Defense (FTD)
Adaptive Security Appliance (ASA) Software 		シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品における古典的バッファオーバーフローの脆弱性 CWE-120
古典的バッファオーバーフロー 		CVE-2026-20100 2026-05-7 11:30 2026-03-4 Show GitHub Exploit DB Packet Storm
3139 8.6 重要
Network 		NVIDIA NemoClaw NVIDIAのNemoClawにおける認可されていない制御領域への重要情報の漏えいに関する脆弱性 CWE-497
認可されていない制御領域への重要情報の漏えい 		CVE-2026-24222 2026-05-7 11:30 2026-04-28 Show GitHub Exploit DB Packet Storm
3140 6.3 警告
Local 		NVIDIA NemoClaw NVIDIAのNemoClawにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-24231 2026-05-7 11:30 2026-04-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 29, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
317591 6.5 MEDIUM
Network 		mattermost mattermost Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 and 9.8.x <= 9.8.2 fail to ensure that remote/synthetic users cannot create sessions or reset passwords, which allows the munged … NVD-CWE-noinfo
CVE-2024-39836 2024-08-24 01:16 2024-08-22 Show GitHub Exploit DB Packet Storm
317592 4.9 MEDIUM
Network 		mattermost mattermost Mattermost versions 9.5.x <= 9.5.7 and 9.10.x <= 9.10.0 fail to time limit and size limit the CA path file in the ElasticSearch configuration which allows a System Role with access to the Elasticsear… NVD-CWE-noinfo
CVE-2024-39810 2024-08-24 01:16 2024-08-22 Show GitHub Exploit DB Packet Storm
317593 9.8 CRITICAL
Network 		lopalopa music_management_system A SQL injection vulnerability in "/music/ajax.php?action=find_music" in Kashipara Music Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "search" parameter. CWE-89
SQL Injection 		CVE-2024-42782 2024-08-24 01:16 2024-08-22 Show GitHub Exploit DB Packet Storm
317594 9.8 CRITICAL
Network 		lopalopa music_management_system A SQL injection vulnerability in "/music/ajax.php?action=login" of Kashipara Music Management System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the email para… CWE-89
SQL Injection 		CVE-2024-42781 2024-08-24 01:15 2024-08-22 Show GitHub Exploit DB Packet Storm
317595 6.3 MEDIUM
Network 		youdiancms youdiancms A vulnerability has been found in YouDianCMS 7 and classified as critical. Affected by this vulnerability is the function curl_exec of the file /App/Core/Extend/Function/ydLib.php. The manipulation o… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-7330 2024-08-24 01:12 2024-08-1 Show GitHub Exploit DB Packet Storm
317596 8.8 HIGH
Network 		lopalopa music_management_system An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_genre" in Kashipara Music Management System v1.0. This allows attackers to execute arbitrary code via uploading a c… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-42780 2024-08-24 01:10 2024-08-22 Show GitHub Exploit DB Packet Storm
317597 8.8 HIGH
Network 		mattermost mattermost Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2 fail to sanitize user inputs in the frontend that are used for redirection which allows for a one-click client-sid… CWE-352
 Origin Validation Error 		CVE-2024-40886 2024-08-24 01:09 2024-08-22 Show GitHub Exploit DB Packet Storm
317598 8.8 HIGH
Network 		lopalopa music_management_system An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_music" in Kashipara Music Management System v1.0. This allows attackers to execute arbitrary code via uploading a c… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-42779 2024-08-24 01:09 2024-08-22 Show GitHub Exploit DB Packet Storm
317599 9.8 CRITICAL
Network 		lopalopa music_management_system An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=signup" of Kashipara Music Management System v1.0, which allows attackers to execute arbitrary code via uploading a craf… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-42777 2024-08-24 01:09 2024-08-22 Show GitHub Exploit DB Packet Storm
317600 5.3 MEDIUM
Network 		mattermost mattermost Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2 fail to restrict the input in POST /api/v4/users which allows a user to manipulate the creation date in POST /api/… CWE-754
 Improper Check for Unusual or Exceptional Conditions 		CVE-2024-42411 2024-08-24 01:04 2024-08-22 Show GitHub Exploit DB Packet Storm