Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3451	8.3	重要 Network	Linux	Linux Kernel	LinuxのLinux Kernelにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-31712	2026-05-8 12:05	2026-05-1	Show	GitHub Exploit DB Packet Storm

3452	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2026-31713	2026-05-8 12:05	2026-05-1	Show	GitHub Exploit DB Packet Storm

3453	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性	CWE-401 有効期限後のメモリの解放の欠如	CVE-2026-31714	2026-05-8 12:05	2026-05-1	Show	GitHub Exploit DB Packet Storm

3454	7.8	重要 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-31715	2026-05-8 12:05	2026-05-1	Show	GitHub Exploit DB Packet Storm

3455	7.8	重要 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-31716	2026-05-8 12:05	2026-05-1	Show	GitHub Exploit DB Packet Storm

3456	-	-	（複数のベンダ）	（複数の製品）	CISA ICS Advisory / ICS Medical Advisory（2026年04月30日）	-	-	2026-05-7 14:50	2026-05-1	Show	GitHub Exploit DB Packet Storm

3457	6.1	警告 Network	opennebula	opennebula	opennebulaにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-56534	2026-05-7 12:30	2026-04-29	Show	GitHub Exploit DB Packet Storm

3458	6.1	警告 Network	opennebula	opennebula	opennebulaにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-56535	2026-05-7 12:30	2026-04-29	Show	GitHub Exploit DB Packet Storm

3459	6.1	警告 Network	opennebula	opennebula	opennebulaにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-56536	2026-05-7 12:30	2026-04-29	Show	GitHub Exploit DB Packet Storm

3460	6.1	警告 Network	opennebula	opennebula	opennebulaにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-56537	2026-05-7 12:30	2026-04-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313191	8.8	HIGH Network	draytek	vigor3900_firmware	In DrayTek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the rename_table function.	CWE-78 OS Command	CVE-2024-51245	2024-11-6 04:28	2024-11-2	Show	GitHub Exploit DB Packet Storm

313192	8.8	HIGH Network	draytek	vigor3900_firmware	In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doIPSec function.	CWE-78 OS Command	CVE-2024-51244	2024-11-6 04:28	2024-11-2	Show	GitHub Exploit DB Packet Storm

313193	-		-	-	localai <=2.20.1 is vulnerable to Cross Site Scripting (XSS). When calling the delete model API and passing inappropriate parameters, it can cause a one-time storage XSS, which will trigger the paylo…	-	CVE-2024-48057	2024-11-6 03:35	2024-11-5	Show	GitHub Exploit DB Packet Storm

313194	-		-	-	Chamilo LMS Version 1.11.26 is vulnerable to Incorrect Access Control. A non-authenticated attacker can request the number of messages and the number of online users via "/main/inc/ajax/message.ajax.…	-	CVE-2024-30619	2024-11-6 03:35	2024-11-5	Show	GitHub Exploit DB Packet Storm

313195	-		-	-	A Stored Cross-Site Scripting (XSS) Vulnerability in Chamilo LMS 1.11.26 allows a remote attacker to execute arbitrary JavaScript in a web browser by including a malicious payload in the 'content' pa…	-	CVE-2024-30618	2024-11-6 03:35	2024-11-5	Show	GitHub Exploit DB Packet Storm

313196	-		-	-	Yealink Meeting Server before V26.0.0.67 is vulnerable to sensitive data exposure in the server response via sending HTTP request with enterprise ID.	-	CVE-2024-48352	2024-11-6 03:35	2024-11-2	Show	GitHub Exploit DB Packet Storm

313197	-		-	-	Altai Technologies Ltd Altai IX500 Indoor 22 802.11ac Wave 2 AP After login, there are file reads in the background, and attackers can obtain sensitive information such as user credentials, system co…	-	CVE-2024-51399	2024-11-6 03:35	2024-11-2	Show	GitHub Exploit DB Packet Storm

313198	-		-	-	Altai Technologies Ltd Altai X500 Indoor 22 802.11ac Wave 2 AP web Management Weak password leakage in the background may lead to unauthorized access, data theft, and network attacks, seriously threa…	-	CVE-2024-51398	2024-11-6 03:35	2024-11-2	Show	GitHub Exploit DB Packet Storm

313199	9.8	CRITICAL Network	codezips	free_exam_hall_seating_management_system	A vulnerability classified as critical has been found in Codezips Free Exam Hall Seating Management System 1.0. Affected is an unknown function of the file /teacher.php. The manipulation of the argum…	CWE-89 SQL Injection	CVE-2024-10737	2024-11-6 03:03	2024-11-4	Show	GitHub Exploit DB Packet Storm

313200	9.8	CRITICAL Network	codezips	free_exam_hall_seating_management_system	A vulnerability was found in Codezips Free Exam Hall Seating Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student.php. The manipulatio…	CWE-89 SQL Injection	CVE-2024-10736	2024-11-6 03:03	2024-11-4	Show	GitHub Exploit DB Packet Storm