Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3381 7.1 重要
Local 		Gwenhael Goavec-Merou (trabucayre) openFPGALoader Gwenhael Goavec-Merou (trabucayre)のopenFPGALoaderにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-35176 2026-04-30 12:08 2026-04-6 Show GitHub Exploit DB Packet Storm
3382 6.5 警告
Network 		Coder Code Extension Marketplace CoderのCode Extension Marketplaceにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-35454 2026-04-30 12:07 2026-04-6 Show GitHub Exploit DB Packet Storm
3383 9.8 緊急
Network 		SenseLive X3500 Firmware SenseLiveのX3500 Firmwareにおけるハードコードされた認証情報の使用に関する脆弱性 CWE-798
ハードコードされた認証情報の使用 		CVE-2026-35503 2026-04-30 12:07 2026-04-24 Show GitHub Exploit DB Packet Storm
3384 8.1 重要
Network 		SenseLive X3500 Firmware SenseLiveのX3500 Firmwareにおける認証情報の不十分な保護に関する脆弱性 CWE-522
認証情報の不十分な保護 		CVE-2026-39462 2026-04-30 12:07 2026-04-24 Show GitHub Exploit DB Packet Storm
3385 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおけるリソースのロックに関する脆弱性 CWE-667
不適切なロック 		CVE-2026-31509 2026-04-30 11:07 2026-04-22 Show GitHub Exploit DB Packet Storm
3386 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux KernelにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2026-31510 2026-04-30 11:07 2026-04-22 Show GitHub Exploit DB Packet Storm
3387 7.8 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-31511 2026-04-30 11:06 2026-04-22 Show GitHub Exploit DB Packet Storm
3388 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2026-31512 2026-04-30 11:06 2026-04-22 Show GitHub Exploit DB Packet Storm
3389 8.1 重要
Adjacent 		Linux Linux Kernel LinuxのLinux Kernelにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-31513 2026-04-30 11:06 2026-04-22 Show GitHub Exploit DB Packet Storm
3390 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2026-31514 2026-04-30 11:06 2026-04-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314801 5.4 MEDIUM
Network 		metaphorcreations ditty The Ditty WordPress plugin before 3.1.45 does not sanitise and escape some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks. CWE-79
Cross-site Scripting 		CVE-2024-6710 2024-09-6 00:30 2024-08-5 Show GitHub Exploit DB Packet Storm
314802 8.8 HIGH
Network 		wpsoul greenshift_query_addon Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wpsoul Greenshift Query and Meta Addon allows SQL Injection.This issue affects Greenshift Query a… CWE-89
SQL Injection 		CVE-2024-43942 2024-09-6 00:25 2024-08-30 Show GitHub Exploit DB Packet Storm
314803 8.8 HIGH
Network 		wpsoul greenshift_woocommerce_addon Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wpsoul Greenshift Woocommerce Addon allows SQL Injection.This issue affects Greenshift Woocommerc… CWE-89
SQL Injection 		CVE-2024-43943 2024-09-6 00:10 2024-08-30 Show GitHub Exploit DB Packet Storm
314804 8.8 HIGH
Network 		wpmart animated_number_counters Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Sk. Abul Hasan Animated Number Counters allows PHP Local File Inclusion.This issue affects Animated Num… CWE-22
Path Traversal 		CVE-2024-43957 2024-09-5 23:49 2024-08-30 Show GitHub Exploit DB Packet Storm
314805 5.4 MEDIUM
Network 		alwindoss akademy A vulnerability was found in alwindoss akademy up to 35caccea888ed63d5489e211c99edff1f62efdba. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the f… CWE-79
Cross-site Scripting 		CVE-2024-8407 2024-09-5 23:48 2024-09-4 Show GitHub Exploit DB Packet Storm
314806 9.8 CRITICAL
Network 		linksys wrt54g_firmware A vulnerability was found in Linksys WRT54G 4.21.5. It has been rated as critical. Affected by this issue is the function validate_services_port of the file /apply.cgi of the component POST Parameter… CWE-787
 Out-of-bounds Write 		CVE-2024-8408 2024-09-5 23:41 2024-09-4 Show GitHub Exploit DB Packet Storm
314807 6.1 MEDIUM
Network 		zzcms zzcms Cross Site Scripting vulnerability in ZZCMS v.2023 and before allows a remote attacker to obtain sensitive information via a crafted script to the pagename parameter of the admin/del.php component. CWE-79
Cross-site Scripting 		CVE-2024-44819 2024-09-5 23:40 2024-09-5 Show GitHub Exploit DB Packet Storm
314808 8.1 HIGH
Network 		zyxel zld_firmware A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) s… CWE-78
OS Command  		CVE-2024-42057 2024-09-5 23:40 2024-09-3 Show GitHub Exploit DB Packet Storm
314809 6.1 MEDIUM
Network 		semtekyazilim semtek_sempos Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Semtek Informatics Software Consulting Inc. Semtek Sempos allows Reflected XSS.This issue affects… CWE-79
Cross-site Scripting 		CVE-2024-7077 2024-09-5 23:39 2024-09-5 Show GitHub Exploit DB Packet Storm
314810 9.8 CRITICAL
Network 		semtekyazilim semtek_sempos Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Semtek Informatics Software Consulting Inc. Semtek Sempos allows Blind SQL Injection.This issue a… CWE-89
SQL Injection 		CVE-2024-7076 2024-09-5 23:39 2024-09-5 Show GitHub Exploit DB Packet Storm