Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 21, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3131	6.1	警告 Network	Apache Software Foundation	Apache OFBiz	Apache Software FoundationのApache OFBizにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-31906	2026-05-21 10:53	2026-05-19	Show	GitHub Exploit DB Packet Storm

3132	7.5	重要 Network	Apache Software Foundation	Apache OFBiz	Apache Software FoundationのApache OFBizにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-31909	2026-05-21 10:53	2026-05-19	Show	GitHub Exploit DB Packet Storm

3133	7.5	重要 Network	Apache Software Foundation	Apache OFBiz	Apache Software FoundationのApache OFBizにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-31910	2026-05-21 10:53	2026-05-19	Show	GitHub Exploit DB Packet Storm

3134	9.1	緊急 Network	Apache Software Foundation	Apache OFBiz	Apache Software FoundationのApache OFBizにおけるハードコードされた暗号鍵の使用に関する脆弱性	CWE-321 ハードコードされた暗号鍵の使用	CVE-2026-31986	2026-05-21 10:53	2026-05-19	Show	GitHub Exploit DB Packet Storm

3135	4.8	警告 Network	Mattermost, Inc.	Mattermost Server	Mattermost, Inc.のMattermost Serverにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-3495	2026-05-21 10:53	2026-05-18	Show	GitHub Exploit DB Packet Storm

3136	6.5	警告 Network	Apache Software Foundation	Apache OFBiz	Apache Software FoundationのApache OFBizにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-35086	2026-05-21 10:52	2026-05-19	Show	GitHub Exploit DB Packet Storm

3137	8.8	重要 Local	マイクロソフト	Microsoft 365 Apps Microsoft Office Office Long Term Servicing Channel (LTSC)	Microsoft Office クイック実行の特権の昇格の脆弱性	CWE-1220 アクセス制御の不十分な粒度	CVE-2026-35436	2026-05-21 10:52	2026-05-12	Show	GitHub Exploit DB Packet Storm

3138	5.5	警告 Local	マイクロソフト	Microsoft 365 Apps Microsoft Office Microsoft Word Office Long Term Servicing Channel (LTSC)	Microsoft Word の情報漏えいの脆弱性	CWE-552 外部からアクセス可能なファイルまたはディレクトリ	CVE-2026-35440	2026-05-21 10:52	2026-05-12	Show	GitHub Exploit DB Packet Storm

3139	4.3	警告 Network	Mattermost, Inc.	Mattermost Server	Mattermost, Inc.のMattermost Serverにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-3637	2026-05-21 10:52	2026-05-18	Show	GitHub Exploit DB Packet Storm

3140	9.8	緊急 Network	H2O.ai	H2O	H2O.aiのH2Oにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-3960	2026-05-21 10:52	2026-04-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
318461	-		-	-	SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.	-	CVE-2024-9379	2024-10-10 10:00	2024-10-9	Show	GitHub Exploit DB Packet Storm

318462	8.1	HIGH Network	prestashop	prestashop	An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via the module upgrade functionality. NOTE: this is disputed by multiple parties, who report that exploita…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-41651	2024-10-10 03:15	2024-08-13	Show	GitHub Exploit DB Packet Storm

318463	7.2	HIGH Network	cisco	rv340_dual_wan_gigabit_vpn_router_firmware rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware rv345_dual_wan_gigabit_vpn_router_firmware rv345p_dual_wan_gigabit_poe_vpn_router_firmware	A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute ar…	NVD-CWE-Other	CVE-2024-20470	2024-10-10 01:55	2024-10-3	Show	GitHub Exploit DB Packet Storm

318464	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: ethtool: fail closed if we can't get max channel used in indirection tables Commit 0d1b7d6c9274 ("bnxt: fix crashes when reducing…	NVD-CWE-noinfo	CVE-2024-46834	2024-10-10 00:57	2024-09-27	Show	GitHub Exploit DB Packet Storm

318465	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: net: hns3: void array out of bound when loop tnl_num When query reg inf of SSU, it loops tnl_num times. However, tnl_num comes fr…	CWE-129 Improper Validation of Array Index	CVE-2024-46833	2024-10-10 00:54	2024-09-27	Show	GitHub Exploit DB Packet Storm

318466	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed This avoids warning: [ 0.118053] BUG: sleeping functi…	NVD-CWE-noinfo	CVE-2024-46832	2024-10-10 00:51	2024-09-27	Show	GitHub Exploit DB Packet Storm

318467	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeed_udc: validate endpoint index for ast udc We should verify the bound of the array to assure that host may not …	CWE-129 Improper Validation of Array Index	CVE-2024-46836	2024-10-10 00:47	2024-09-27	Show	GitHub Exploit DB Packet Storm

318468	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Restrict high priorities on group_create We were allowing any users to create a high priority group without any perm…	NVD-CWE-noinfo	CVE-2024-46837	2024-10-10 00:37	2024-09-27	Show	GitHub Exploit DB Packet Storm

318469	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: userfaultfd: don't BUG_ON() if khugepaged yanks our page table Since khugepaged was changed to allow retracting page tables in fi…	NVD-CWE-noinfo	CVE-2024-46838	2024-10-10 00:35	2024-09-27	Show	GitHub Exploit DB Packet Storm

318470	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: KVM: s390: fix validity interception issue when gisa is switched off We might run into a SIE validity if gisa has been disabled e…	CWE-908 Use of Uninitialized Resource	CVE-2024-45005	2024-10-10 00:30	2024-09-5	Show	GitHub Exploit DB Packet Storm