Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3321 5.5 警告
Local 		レッドハット
firewalld		 firewalld
Red Hat Enterprise Linux 		firewalld等の複数ベンダの製品における割り当てられたパーミッションの実行に関する脆弱性 CWE-279
割り当てられたパーミッションの不適切な実行 		CVE-2026-4948 2026-05-7 12:29 2026-03-27 Show GitHub Exploit DB Packet Storm
3322 10 緊急
Network 		huggingface smolagents huggingfaceのsmolagentsにおける複数の脆弱性 CWE-74
CWE-94
CVE-2026-4963 2026-05-7 12:29 2026-03-27 Show GitHub Exploit DB Packet Storm
3323 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. ch22 ファームウェア Shenzhen Tenda Technology Co.,Ltd.のch22 ファームウェアにおける複数の脆弱性 CWE-119
CWE-121
CVE-2026-5154 2026-05-7 12:28 2026-03-30 Show GitHub Exploit DB Packet Storm
3324 9.8 緊急
Network 		TRENDnet TEW-713RE FIRMWARE TRENDnetのTEW-713RE FIRMWAREにおける複数の脆弱性 CWE-74
CWE-77
CVE-2026-5183 2026-05-7 12:28 2026-03-31 Show GitHub Exploit DB Packet Storm
3325 8.8 重要
Network 		nothings stb_truetype.h nothingsのstb_truetype.hにおける複数の脆弱性 CWE-119
CWE-125
CVE-2026-5314 2026-05-7 12:28 2026-04-1 Show GitHub Exploit DB Packet Storm
3326 8.8 重要
Network 		nothings stb_truetype.h nothingsのstb_truetype.hにおける複数の脆弱性 CWE-119
CWE-125
CVE-2026-5315 2026-05-7 12:28 2026-04-2 Show GitHub Exploit DB Packet Storm
3327 6.5 警告
Network 		nothings stb vorbis.c nothingsのstb vorbis.cにおける複数の脆弱性 CWE-400
CWE-770
CVE-2026-5316 2026-05-7 12:28 2026-04-2 Show GitHub Exploit DB Packet Storm
3328 8.8 重要
Network 		nothings stb vorbis.c nothingsのstb vorbis.cにおける複数の脆弱性 CWE-119
CWE-787
CVE-2026-5317 2026-05-7 12:28 2026-04-2 Show GitHub Exploit DB Packet Storm
3329 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. ch22 ファームウェア Shenzhen Tenda Technology Co.,Ltd.のch22 ファームウェアにおける複数の脆弱性 CWE-119
CWE-121
CVE-2026-5604 2026-05-7 12:28 2026-04-5 Show GitHub Exploit DB Packet Storm
3330 8.8 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. ch22 ファームウェア Shenzhen Tenda Technology Co.,Ltd.のch22 ファームウェアにおける複数の脆弱性 CWE-119
CWE-121
CVE-2026-5605 2026-05-7 12:28 2026-04-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
317911 - - - Rejected reason: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that the issue does not pose a secu… - CVE-2024-8439 2024-09-7 07:15 2024-09-7 Show GitHub Exploit DB Packet Storm
317912 8.1 HIGH
Network 		ivanti neurons_for_itsm Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and earlier allows a remote attacker in a MITM position to craft a token that would allow access to ITSM as… CWE-295
Improper Certificate Validation  		CVE-2024-7570 2024-09-7 06:59 2024-08-14 Show GitHub Exploit DB Packet Storm
317913 9.8 CRITICAL
Network 		ivanti neurons_for_itsm An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug informati… NVD-CWE-Other
CVE-2024-7569 2024-09-7 06:57 2024-08-14 Show GitHub Exploit DB Packet Storm
317914 9.3 CRITICAL
Network 		roundcube webmail A Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a crafted e-mail message that abuses a Desani… CWE-79
Cross-site Scripting 		CVE-2024-42009 2024-09-7 06:50 2024-08-6 Show GitHub Exploit DB Packet Storm
317915 9.3 CRITICAL
Network 		roundcube webmail A Cross-Site Scripting vulnerability in rcmail_action_mail_get->run() in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a malicious … CWE-79
Cross-site Scripting 		CVE-2024-42008 2024-09-7 06:48 2024-08-6 Show GitHub Exploit DB Packet Storm
317916 4.3 MEDIUM
Network 		xwiki xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When a user has view but not edit right on a page in XWiki, that user can delete the page and … CWE-862
 Missing Authorization 		CVE-2024-37898 2024-09-7 06:16 2024-08-1 Show GitHub Exploit DB Packet Storm
317917 4.6 MEDIUM
Network 		xwiki xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When uploading an attachment with a malicious filename, malicious JavaScript code could be exe… CWE-94
Code Injection 		CVE-2024-37900 2024-09-7 06:06 2024-08-1 Show GitHub Exploit DB Packet Storm
317918 8.8 HIGH
Network 		xwiki xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit right on any page can perform arbitrary remote code execution by adding ins… CWE-94
Code Injection 		CVE-2024-37901 2024-09-7 05:54 2024-08-1 Show GitHub Exploit DB Packet Storm
317919 5.4 MEDIUM
Network 		xwiki xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. By creating a conflict when another user with more rights is currently editing a page, it is p… CWE-79
Cross-site Scripting 		CVE-2024-41947 2024-09-7 05:46 2024-08-1 Show GitHub Exploit DB Packet Storm
317920 7.5 HIGH
Network 		intel ethernet_800_series_controllers_driver Protection mechanism failure in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 28.3 may allow an unauthenticated user to potentially e… NVD-CWE-noinfo
CVE-2024-23499 2024-09-7 05:43 2024-08-14 Show GitHub Exploit DB Packet Storm