Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3221 8.8 重要
Network 		Lee Peuker Movary Lee PeukerのMovaryにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-40349 2026-04-28 10:12 2026-04-18 Show GitHub Exploit DB Packet Storm
3222 8.8 重要
Network 		Lee Peuker Movary Lee PeukerのMovaryにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-40350 2026-04-28 10:12 2026-04-18 Show GitHub Exploit DB Packet Storm
3223 8.8 重要
Network 		Apache Software Foundation ActiveMQ Broker
Apache ActiveMQ 		Apache Software FoundationのApache ActiveMQ等の複数製品における複数の脆弱性 CWE-20
CWE-94
CVE-2026-40466 2026-04-28 10:12 2026-04-24 Show GitHub Exploit DB Packet Storm
3224 4.3 警告
Network 		Apache Software Foundation Apache Airflow Apache Software FoundationのApache Airflowにおけるアクセス制御の不十分な粒度に関する脆弱性 CWE-1220
アクセス制御の不十分な粒度 		CVE-2026-40690 2026-04-28 10:12 2026-04-24 Show GitHub Exploit DB Packet Storm
3225 6.1 警告
Network 		Astro Astro Astroにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-41067 2026-04-28 10:12 2026-04-24 Show GitHub Exploit DB Packet Storm
3226 5.4 警告
Adjacent 		OpenPrinting CUPS OpenPrintingのCUPSにおける複数の脆弱性 CWE-125
CWE-200
CVE-2026-41079 2026-04-28 10:11 2026-04-24 Show GitHub Exploit DB Packet Storm
3227 6.6 警告
Local 		Vim Vim VimにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-41411 2026-04-28 10:11 2026-04-24 Show GitHub Exploit DB Packet Storm
3228 7.1 重要
Network 		Foxit eSign FoxitのeSignにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-4947 2026-04-28 10:11 2026-04-1 Show GitHub Exploit DB Packet Storm
3229 7.8 重要
Local 		Rubicon Communications, LLC (Netgate). AMITI Antivirus Rubicon Communications, LLC (Netgate).のAMITI Antivirusにおける引用されない検索パスまたは要素に関する脆弱性 CWE-428
引用されない検索パスまたは要素 		CVE-2016-20058 2026-04-28 10:11 2026-04-4 Show GitHub Exploit DB Packet Storm
3230 5.5 警告
Local 		CompuPhase Termite CompuPhaseのTermiteにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2018-25253 2026-04-28 10:11 2026-04-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
315091 5.4 MEDIUM
Network 		kjayvik bus_ticket_reservation_system Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php. NVD-CWE-Other
CVE-2024-42766 2024-08-27 02:35 2024-08-24 Show GitHub Exploit DB Packet Storm
315092 - - - SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that although admin_files.php imposes restrictions on edited files, attackers can still bypass these restri… - CVE-2024-42599 2024-08-27 02:35 2024-08-23 Show GitHub Exploit DB Packet Storm
315093 - - - A Stored Cross Site Scripting (XSS) vulnerability was found in "/music/ajax.php?action=save_playlist" in Kashipara Music Management System v1.0. This vulnerability allows remote attackers to execute … - CVE-2024-42787 2024-08-27 01:35 2024-08-27 Show GitHub Exploit DB Packet Storm
315094 - - - An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a resource certificate containing a bit string that… - CVE-2024-45238 2024-08-27 01:35 2024-08-25 Show GitHub Exploit DB Packet Storm
315095 - - - An issue was discovered in the Docusign API package 8.142.14 for Salesforce. The Apttus_DocuApi__DocusignAuthentication__mdt object is installed via the marketplace from this package and stores some … - CVE-2024-39344 2024-08-27 01:35 2024-08-22 Show GitHub Exploit DB Packet Storm
315096 - - - Exposure of Sensitive Information to an Unauthorized Actor vulnerability in bPlugins LLC Flash & HTML5 Video.This issue affects Flash & HTML5 Video: from n/a through 2.5.31. CWE-200
Information Exposure 		CVE-2024-43319 2024-08-27 01:15 2024-08-27 Show GitHub Exploit DB Packet Storm
315097 - - - Exposure of Sensitive Information to an Unauthorized Actor vulnerability in gVectors Team wpForo Forum.This issue affects wpForo Forum: from n/a through 2.3.4. - CVE-2024-43289 2024-08-27 01:15 2024-08-27 Show GitHub Exploit DB Packet Storm
315098 - - - A cross-site scripting (XSS) vulnerability in the Config-Create function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the … - CVE-2024-42818 2024-08-27 01:15 2024-08-27 Show GitHub Exploit DB Packet Storm
315099 - - - A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System v1.0 via /music/ajax.php?action=delete_genre. - CVE-2024-42791 2024-08-27 01:15 2024-08-27 Show GitHub Exploit DB Packet Storm
315100 - - - A Stored Cross Site Scripting (XSS) vulnerability was found in "/music/ajax.php?action=save_music" in Kashipara Music Management System v1.0. This vulnerability allows remote attackers to execute arb… - CVE-2024-42788 2024-08-27 01:15 2024-08-27 Show GitHub Exploit DB Packet Storm