Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3351	6.5	警告 Network	Devolutions	Devolutions Server	DevolutionsのDevolutions Serverにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-6706	2026-05-7 11:25	2026-04-28	Show	GitHub Exploit DB Packet Storm

3352	6.5	警告 Adjacent	Amazon.com, Inc.	freertos-plus-tcp	Amazon.com, Inc.のfreertos-plus-tcpにおけるスプーフィングによる認証回避に関する脆弱性	CWE-290 スプーフィングによる認証回避	CVE-2026-7422	2026-05-7 11:25	2026-04-29	Show	GitHub Exploit DB Packet Storm

3353	6.5	警告 Adjacent	Amazon.com, Inc.	freertos-plus-tcp	Amazon.com, Inc.のfreertos-plus-tcpにおける整数アンダーフローの脆弱性	CWE-191 整数アンダーフロー	CVE-2026-7423	2026-05-7 11:25	2026-04-29	Show	GitHub Exploit DB Packet Storm

3354	8.1	重要 Adjacent	Amazon.com, Inc.	freertos-plus-tcp	Amazon.com, Inc.のfreertos-plus-tcpにおける整数アンダーフローの脆弱性	CWE-191 整数アンダーフロー	CVE-2026-7424	2026-05-7 11:25	2026-04-29	Show	GitHub Exploit DB Packet Storm

3355	6.5	警告 Adjacent	Amazon.com, Inc.	freertos-plus-tcp	Amazon.com, Inc.のfreertos-plus-tcpにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-7425	2026-05-7 11:25	2026-04-29	Show	GitHub Exploit DB Packet Storm

3356	8.1	重要 Adjacent	Amazon.com, Inc.	freertos-plus-tcp	Amazon.com, Inc.のfreertos-plus-tcpにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-7426	2026-05-7 11:25	2026-04-29	Show	GitHub Exploit DB Packet Storm

3357	5.4	警告 Network	レッドハット	build of keycloak	レッドハットのbuild of keycloakにおけるリクエストの直接送信に関する脆弱性	CWE-425 CWE-noinfo	CVE-2026-7500	2026-05-7 11:25	2026-04-30	Show	GitHub Exploit DB Packet Storm

3358	8.8	重要 Network	HKUDS	OpenHarness	HKUDSのOpenHarnessにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-7551	2026-05-7 11:25	2026-04-30	Show	GitHub Exploit DB Packet Storm

3359	9.8	緊急 Network	Synway	SMG Gateway Management Software	SynwayのSMG Gateway Management SoftwareにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2025-71284	2026-05-7 10:53	2026-04-30	Show	GitHub Exploit DB Packet Storm

3360	7.8	重要 Local	KDE project	KCoreAddons	KDE projectのKCoreAddonsにおけるエスケープ、メタ、またはコントロールシーケンスの不適切な無効化に関する脆弱性	CWE-150 エスケープ、メタ、またはコントロールシーケンスの不適切な無効化	CVE-2026-41526	2026-05-7 10:53	2026-04-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
317361	6.1	MEDIUM Network	xiebruce	picuploader	A cross-site scripting (XSS) vulnerability in the component /auth/AzureRedirect.php of PicUploader commit fcf82ea allows attackers to execute arbitrary web scripts or HTML via a crafted payload injec…	CWE-79 Cross-site Scripting	CVE-2024-44796	2024-09-7 08:35	2024-08-27	Show	GitHub Exploit DB Packet Storm

317362	8.8	HIGH Network	roxy-wi	roxy-wi	Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. An OS Command Injection vulnerability allows any authenticated user on the application to execute arbitrary code…	CWE-78 OS Command	CVE-2024-43804	2024-09-7 07:57	2024-08-30	Show	GitHub Exploit DB Packet Storm

317363	8.1	HIGH Network	getkirby	kirby	Kirby is a CMS targeting designers and editors. Kirby allows to restrict the permissions of specific user roles. Users of that role can only perform permitted actions. Permissions for creating and de…	CWE-863 Incorrect Authorization	CVE-2024-41964	2024-09-7 07:56	2024-08-30	Show	GitHub Exploit DB Packet Storm

317364	5.4	MEDIUM Network	seacms	seacms	A cross-site scripting (XSS) vulnerability in the component admin_ads.php of SeaCMS v12.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ad descript…	CWE-79 Cross-site Scripting	CVE-2024-44919	2024-09-7 07:54	2024-08-30	Show	GitHub Exploit DB Packet Storm

317365	9.8	CRITICAL Network	deltaww	dtn_soft	Delta Electronics DTN Soft version 2.0.1 and prior are vulnerable to an attacker achieving remote code execution through a deserialization of untrusted data vulnerability.	CWE-502 Deserialization of Untrusted Data	CVE-2024-8255	2024-09-7 07:53	2024-08-30	Show	GitHub Exploit DB Packet Storm

317366	7.5	HIGH Network	wolfssl	wolfssl	In function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically, the function X509_check_host() takes in a pointer and le…	CWE-125 Out-of-bounds Read	CVE-2024-5991	2024-09-7 07:51	2024-08-28	Show	GitHub Exploit DB Packet Storm

317367	9.8	CRITICAL Network	hp	security_manager	HP Security Manager is potentially vulnerable to Remote Code Execution as a result of code vulnerability within the product's solution open-source libraries.	NVD-CWE-noinfo	CVE-2024-7720	2024-09-7 07:33	2024-08-28	Show	GitHub Exploit DB Packet Storm

317368	6.1	MEDIUM Network	gazelle_project	gazelle	A cross-site scripting (XSS) vulnerability in the component /managers/enable_requests.php of Gazelle commit 63b3370 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inj…	CWE-79 Cross-site Scripting	CVE-2024-44797	2024-09-7 07:27	2024-08-27	Show	GitHub Exploit DB Packet Storm

317369	6.5	MEDIUM Network	beikeshop	beikeshop	A vulnerability, which was classified as problematic, was found in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. This affects the function exportZip of the file /admin/file_manager/expo…	CWE-22 Path Traversal	CVE-2024-8165	2024-09-7 07:20	2024-08-26	Show	GitHub Exploit DB Packet Storm

317370	8.8	HIGH Network	beikeshop	beikeshop	A vulnerability, which was classified as critical, has been found in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. Affected by this issue is the function rename of the file /Admin/Http/…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-8164	2024-09-7 07:19	2024-08-26	Show	GitHub Exploit DB Packet Storm