Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3221 8.8 重要
Network 		Lee Peuker Movary Lee PeukerのMovaryにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-40349 2026-04-28 10:12 2026-04-18 Show GitHub Exploit DB Packet Storm
3222 8.8 重要
Network 		Lee Peuker Movary Lee PeukerのMovaryにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-40350 2026-04-28 10:12 2026-04-18 Show GitHub Exploit DB Packet Storm
3223 8.8 重要
Network 		Apache Software Foundation ActiveMQ Broker
Apache ActiveMQ 		Apache Software FoundationのApache ActiveMQ等の複数製品における複数の脆弱性 CWE-20
CWE-94
CVE-2026-40466 2026-04-28 10:12 2026-04-24 Show GitHub Exploit DB Packet Storm
3224 4.3 警告
Network 		Apache Software Foundation Apache Airflow Apache Software FoundationのApache Airflowにおけるアクセス制御の不十分な粒度に関する脆弱性 CWE-1220
アクセス制御の不十分な粒度 		CVE-2026-40690 2026-04-28 10:12 2026-04-24 Show GitHub Exploit DB Packet Storm
3225 6.1 警告
Network 		Astro Astro Astroにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-41067 2026-04-28 10:12 2026-04-24 Show GitHub Exploit DB Packet Storm
3226 5.4 警告
Adjacent 		OpenPrinting CUPS OpenPrintingのCUPSにおける複数の脆弱性 CWE-125
CWE-200
CVE-2026-41079 2026-04-28 10:11 2026-04-24 Show GitHub Exploit DB Packet Storm
3227 6.6 警告
Local 		Vim Vim VimにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-41411 2026-04-28 10:11 2026-04-24 Show GitHub Exploit DB Packet Storm
3228 7.1 重要
Network 		Foxit eSign FoxitのeSignにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-4947 2026-04-28 10:11 2026-04-1 Show GitHub Exploit DB Packet Storm
3229 7.8 重要
Local 		Rubicon Communications, LLC (Netgate). AMITI Antivirus Rubicon Communications, LLC (Netgate).のAMITI Antivirusにおける引用されない検索パスまたは要素に関する脆弱性 CWE-428
引用されない検索パスまたは要素 		CVE-2016-20058 2026-04-28 10:11 2026-04-4 Show GitHub Exploit DB Packet Storm
3230 5.5 警告
Local 		CompuPhase Termite CompuPhaseのTermiteにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2018-25253 2026-04-28 10:11 2026-04-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314871 9.0 CRITICAL
Network 		vrcx-team vrcx VRCX is an assistant/companion application for VRChat. In versions prior to 2024.03.23, a CefSharp browser with over-permission and cross-site scripting via overlay notification can be combined to re… CWE-79
Cross-site Scripting 		CVE-2024-42366 2024-08-29 23:04 2024-08-9 Show GitHub Exploit DB Packet Storm
314872 4.8 MEDIUM
Network 		concretecms concrete_cms Concrete CMS versions 9 through 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in getAttributeSetName().  A rogue administrator could inject malicious code. The Concrete CMS team gave this a CVS… CWE-79
Cross-site Scripting 		CVE-2024-7394 2024-08-29 22:41 2024-08-9 Show GitHub Exploit DB Packet Storm
314873 9.8 CRITICAL
Network 		havocframework havoc An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-41570 2024-08-29 22:32 2024-08-12 Show GitHub Exploit DB Packet Storm
314874 - - - Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentia… CWE-788
 Access of Memory Location After End of Buffer 		CVE-2024-38304 2024-08-29 22:25 2024-08-29 Show GitHub Exploit DB Packet Storm
314875 - - - Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vu… CWE-20
 Improper Input Validation  		CVE-2024-38303 2024-08-29 22:25 2024-08-29 Show GitHub Exploit DB Packet Storm
314876 7.2 HIGH
Network 		- - The Theme Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the 'images_array' parameter in versions up to, and including 2.8. This makes it possible for authenticat… CWE-502
 Deserialization of Untrusted Data 		CVE-2022-2440 2024-08-29 22:25 2024-08-29 Show GitHub Exploit DB Packet Storm
314877 - - - The OpenTelemetry Collector module AWS firehose receiver is for ingesting AWS Kinesis Data Firehose delivery stream messages and parsing the records received based on the configured record type. `aws… - CVE-2024-45043 2024-08-29 22:25 2024-08-29 Show GitHub Exploit DB Packet Storm
314878 - - - Beijing Digital China Cloud Technology Co., Ltd. DCME-320 v.7.4.12.60 has a command execution vulnerability, which can be exploited to obtain device administrator privileges via the getVar function i… - CVE-2024-42905 2024-08-29 22:25 2024-08-29 Show GitHub Exploit DB Packet Storm
314879 - - - A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authe… - CVE-2024-20478 2024-08-29 22:25 2024-08-29 Show GitHub Exploit DB Packet Storm
314880 - - - A vulnerability in the DHCPv6 relay agent of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerabi… - CVE-2024-20446 2024-08-29 22:25 2024-08-29 Show GitHub Exploit DB Packet Storm