Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3221 7.1 重要
Local 		gitpython project gitpython gitpython projectのgitpythonにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-44243 2026-05-11 10:55 2026-05-7 Show GitHub Exploit DB Packet Storm
3222 9.1 緊急
Network 		The Tor Project Tor The Tor ProjectのTorにおける指定された機能の不適切な提供に関する脆弱性 CWE-684
指定された機能の不適切な提供 		CVE-2026-44597 2026-05-11 10:55 2026-05-7 Show GitHub Exploit DB Packet Storm
3223 5.3 警告
Network 		The Tor Project Tor The Tor ProjectのTorにおける領域間での誤ったリソース移動に関する脆弱性 CWE-669
領域間での誤ったリソース移動 		CVE-2026-44599 2026-05-11 10:55 2026-05-7 Show GitHub Exploit DB Packet Storm
3224 5.3 警告
Network 		The Tor Project Tor The Tor ProjectのTorにおける不適切な動作順序に関する脆弱性 CWE-696
不適切な動作順序 		CVE-2026-44600 2026-05-11 10:55 2026-05-7 Show GitHub Exploit DB Packet Storm
3225 9.1 緊急
Network 		The Tor Project Tor The Tor ProjectのTorにおける境界条件の判定に関する脆弱性 CWE-193
境界条件の判定 		CVE-2026-44603 2026-05-11 10:55 2026-05-7 Show GitHub Exploit DB Packet Storm
3226 5.3 警告
Network 		Django Software Foundation Django Django Software FoundationのDjangoにおけるレングスパラメーターの不整合による処理に関する脆弱性 CWE-130
レングスパラメーターの不整合による不適切な処理 		CVE-2026-5766 2026-05-11 10:55 2026-05-5 Show GitHub Exploit DB Packet Storm
3227 8.8 重要
Network 		Ivanti endpoint manager mobile Ivantiのendpoint manager mobileにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-5786 2026-05-11 10:54 2026-05-7 Show GitHub Exploit DB Packet Storm
3228 9.1 緊急
Network 		Ivanti endpoint manager mobile Ivantiのendpoint manager mobileにおける証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2026-5787 2026-05-11 10:54 2026-05-7 Show GitHub Exploit DB Packet Storm
3229 9.8 緊急
Network 		Ivanti endpoint manager mobile Ivantiのendpoint manager mobileにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-5788 2026-05-11 10:54 2026-05-7 Show GitHub Exploit DB Packet Storm
3230 8.8 重要
Network 		HKUDS OpenHarness HKUDSのOpenHarnessにおける不適切なデフォルトパーミッションに関する脆弱性 CWE-276
不適切なデフォルトパーミッション 		CVE-2026-6819 2026-05-11 10:54 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312711 - - - Combodo iTop is a web based IT Service Management tool. In affected versions uploading a text file containing some java script in the portal will trigger an Cross-site Scripting (XSS) vulnerability. … CWE-79
Cross-site Scripting 		CVE-2024-51994 2024-11-9 04:01 2024-11-8 Show GitHub Exploit DB Packet Storm
312712 - - - Combodo iTop is a web based IT Service Management tool. An attacker accessing a backup file or the database can read some passwords for misconfigured Users. This issue has been addressed in version 3… CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2024-51993 2024-11-9 04:01 2024-11-8 Show GitHub Exploit DB Packet Storm
312713 - - - An issue in the Bluetooth Low Energy implementation of Realtek RTL8762E BLE SDK v1.4.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ll_terminate_ind packet. - CVE-2024-48290 2024-11-9 04:01 2024-11-8 Show GitHub Exploit DB Packet Storm
312714 - - - devtron is an open source tool integration platform for Kubernetes. In affected versions an authenticated user (with minimum permission) could utilize and exploit SQL Injection to allow the execution… CWE-89
SQL Injection 		CVE-2024-45794 2024-11-9 04:01 2024-11-8 Show GitHub Exploit DB Packet Storm
312715 - - - A vulnerability was found in code-projects E-Health Care System 1.0. It has been classified as critical. Affected is an unknown function of the file /Doctor/delete_user_appointment_request.php. The m… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2024-10967 2024-11-9 04:01 2024-11-8 Show GitHub Exploit DB Packet Storm
312716 - - - A vulnerability, which was classified as critical, has been found in TOTOLINK X18 9.1.0cu.2024_B20220329. Affected by this issue is some unknown functionality of the file /cgi-bin/cstecgi.cgi. The ma… CWE-78
CWE-77
OS Command 
Command Injection 		CVE-2024-10966 2024-11-9 04:01 2024-11-8 Show GitHub Exploit DB Packet Storm
312717 - - - An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. There is no CSRF protection. - CVE-2020-11919 2024-11-9 04:01 2024-11-8 Show GitHub Exploit DB Packet Storm
312718 - - - An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. When a backup file is created through the web interface, information on all users, including passwords, can be found in cleartext in… - CVE-2020-11918 2024-11-9 04:01 2024-11-8 Show GitHub Exploit DB Packet Storm
312719 - - - An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. It uses a default SSID value, which makes it easier for remote attackers to discover the physical locations of many Siime Eye device… - CVE-2020-11917 2024-11-9 04:01 2024-11-8 Show GitHub Exploit DB Packet Storm
312720 - - - An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. The password for the root user is hashed using an old and deprecated hashing technique. Because of this deprecated hashing, the succ… - CVE-2020-11916 2024-11-9 04:01 2024-11-8 Show GitHub Exploit DB Packet Storm