Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 25, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3421 8.8 重要
Adjacent 		フィリップス Hue Bridge V2 ファームウェア フィリップスのHue Bridge V2 ファームウェアにおけるデジタル署名の検証に関する脆弱性 CWE-347
デジタル署名の不適切な検証 		CVE-2026-3562 2026-04-30 12:29 2026-03-16 Show GitHub Exploit DB Packet Storm
3422 6.5 警告
Network 		OpenClaw OpenClaw OpenClawにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-3689 2026-04-30 12:29 2026-04-11 Show GitHub Exploit DB Packet Storm
3423 7.4 重要
Network 		OpenClaw OpenClaw OpenClawにおける認証時の IP アドレスへの依存に関する脆弱性 CWE-291
認証時の IP アドレスへの依存 		CVE-2026-3690 2026-04-30 12:29 2026-04-11 Show GitHub Exploit DB Packet Storm
3424 5.3 警告
Network 		OpenClaw OpenClaw OpenClawにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-3691 2026-04-30 12:29 2026-04-11 Show GitHub Exploit DB Packet Storm
3425 7.3 重要
Network 		Shenzhen Tenda Technology Co.,Ltd. w30e ファームウェア Shenzhen Tenda Technology Co.,Ltd.のw30e ファームウェアにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-38834 2026-04-30 12:29 2026-04-21 Show GitHub Exploit DB Packet Storm
3426 9.8 緊急
Network 		Shenzhen Tenda Technology Co.,Ltd. w30e ファームウェア Shenzhen Tenda Technology Co.,Ltd.のw30e ファームウェアにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-38835 2026-04-30 12:29 2026-04-21 Show GitHub Exploit DB Packet Storm
3427 5.4 警告
Network 		pyLoad pyLoad pyLoadにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-40071 2026-04-30 12:29 2026-04-9 Show GitHub Exploit DB Packet Storm
3428 6.5 警告
Network 		getkirby kirby getkirbyのkirbyにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-40099 2026-04-30 12:29 2026-04-24 Show GitHub Exploit DB Packet Storm
3429 5.4 警告
Network 		Auth0 Inc. nextjs-auth0 Auth0 Inc.のnextjs-auth0における複数の脆弱性 CWE-362
CWE-863
CVE-2026-40155 2026-04-30 12:29 2026-04-17 Show GitHub Exploit DB Packet Storm
3430 5.5 警告
Local 		systemd project systemd systemd projectのsystemdにおける不適切な動作順序に関する脆弱性 CWE-696
不適切な動作順序 		CVE-2026-40223 2026-04-30 12:29 2026-04-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
315161 4.9 MEDIUM
Network 		zoom rooms_controller
rooms
meeting_software_development_kit
workplace_virtual_desktop_infrastructure
workplace_desktop
workplace 		Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. NVD-CWE-noinfo
CVE-2024-39823 2024-09-5 06:30 2024-08-15 Show GitHub Exploit DB Packet Storm
315162 6.5 MEDIUM
Network 		zoom rooms_controller
rooms
meeting_software_development_kit
workplace
workplace_desktop 		Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access. NVD-CWE-noinfo
CVE-2024-39822 2024-09-5 06:28 2024-08-15 Show GitHub Exploit DB Packet Storm
315163 7.8 HIGH
Local 		- - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as this is a duplicate of CVE-2023-36540. - CVE-2023-34122 2024-09-5 04:15 2023-06-14 Show GitHub Exploit DB Packet Storm
315164 8.8 HIGH
Network 		- - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as this is a duplicate of CVE-2023-36541. - CVE-2023-34113 2024-09-5 04:15 2023-06-14 Show GitHub Exploit DB Packet Storm
315165 8.3 HIGH
Network 		zohocorp manageengine_endpoint_central Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices.This issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15 CWE-863
 Incorrect Authorization 		CVE-2024-38868 2024-09-5 04:13 2024-08-31 Show GitHub Exploit DB Packet Storm
315166 7.5 HIGH
Network 		zzcms zzcms A vulnerability classified as critical was found in ZZCMS 2023. Affected by this vulnerability is an unknown functionality of the file /admin/class.php?dowhat=modifyclass. The manipulation of the arg… CWE-22
Path Traversal 		CVE-2024-7927 2024-09-5 03:44 2024-08-20 Show GitHub Exploit DB Packet Storm
315167 7.5 HIGH
Network 		zzcms zzcms A vulnerability classified as critical has been found in ZZCMS 2023. Affected is an unknown function of the file /admin/about_edit.php?action=modify. The manipulation of the argument skin leads to pa… CWE-22
Path Traversal 		CVE-2024-7926 2024-09-5 03:42 2024-08-20 Show GitHub Exploit DB Packet Storm
315168 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Let probe fail when workqueue cannot be enabled The workqueue is enabled when the appropriate driver is loaded a… CWE-476
 NULL Pointer Dereference 		CVE-2022-48868 2024-09-5 03:38 2024-08-21 Show GitHub Exploit DB Packet Storm
315169 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: sdata can be NULL during AMPDU start ieee80211_tx_ba_session_handle_start() may get NULL for sdata when a deauthe… CWE-476
 NULL Pointer Dereference 		CVE-2022-48875 2024-09-5 03:33 2024-08-21 Show GitHub Exploit DB Packet Storm
315170 7.5 HIGH
Network 		avtecinc outpost_uploader_utility
outpost_0810_firmware 		Avtec Outpost stores sensitive information in an insecure location without proper access controls in place. CWE-219
 Storage of File with Sensitive Data Under Web Root 		CVE-2024-39776 2024-09-5 03:25 2024-08-23 Show GitHub Exploit DB Packet Storm