Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3471	9.8	緊急 Network	Electerm project	Electerm	Electerm projectのElectermにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-41500	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

3472	9.8	緊急 Network	Electerm project	Electerm	Electerm projectのElectermにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-41501	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

3473	7.8	重要 Local	Sebastian Bergmann	PHPUnit	Sebastian BergmannのPHPUnitにおける複数の脆弱性	CWE-88 CWE-93	CVE-2026-41570	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

3474	7.5	重要 Network	Zcash Foundation	Zebra-chain Zebrad	Zcash FoundationのZebra-chain等の複数製品における到達可能なアサーションに関する脆弱性	CWE-617 到達可能なアサーション	CVE-2026-41584	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

3475	5.3	警告 Network	projectdiscovery	Nuclei	ProjectDiscovery, Inc.のNucleiにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-41645	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

3476	5.5	警告 Local	projectdiscovery	Nuclei	ProjectDiscovery, Inc.のNucleiにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-41646	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

3477	8.1	重要 Network		-	OpenC3のOpenC3 COSMOSにおける未検証のパスワード変更に関する脆弱性	CWE-620 未検証のパスワード変更	CVE-2026-42084	2026-05-11 11:09	2026-05-4	Show	GitHub Exploit DB Packet Storm

3478	4.3	警告 Network		-	OpenC3のOpenC3 COSMOSにおける相対パストラバーサルの脆弱性	CWE-23 相対的パストラバーサル	CVE-2026-42085	2026-05-11 11:09	2026-05-4	Show	GitHub Exploit DB Packet Storm

3479	4.6	警告 Network		-	OpenC3のOpenC3 COSMOSにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-42086	2026-05-11 11:09	2026-05-4	Show	GitHub Exploit DB Packet Storm

3480	9.6	緊急 Network		-	OpenC3のOpenC3 COSMOSにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-42087	2026-05-11 11:09	2026-05-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
316151	5.4	MEDIUM Network	filemanagerpro	file_manager	The File Manager Pro plugin for WordPress is vulnerable to Limited JavaScript File Upload in all versions up to, and including, 8.3.9. This is due to a lack of proper checks on allowed file types. Th…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-8918	2024-10-18 03:25	2024-10-16	Show	GitHub Exploit DB Packet Storm

316152	6.5	MEDIUM Adjacent	microsoft	windows_server_2022_23h2 windows_10_1809 windows_server_2019 windows_11_21h2 windows_10_21h2 windows_11_22h2 windows_10_22h2 windows_11_23h2 windows_11_24h2	Windows Mobile Broadband Driver Denial of Service Vulnerability	NVD-CWE-noinfo	CVE-2024-43540	2024-10-18 03:25	2024-10-9	Show	GitHub Exploit DB Packet Storm

316153	8.8	HIGH Network	filemanagerpro	file_manager	The File Manager Pro plugin for WordPress is vulnerable to arbitrary backup file downloads and uploads due to missing file type validation via the 'mk_file_folder_manager_shortcode' ajax action in al…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-8746	2024-10-18 03:22	2024-10-16	Show	GitHub Exploit DB Packet Storm

316154	8.8	HIGH Network	filemanagerpro	file_manager	The File Manager Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.3.9. This is due to missing or incorrect nonce validation on the 'mk_file…	CWE-352 Origin Validation Error	CVE-2024-8507	2024-10-18 03:20	2024-10-16	Show	GitHub Exploit DB Packet Storm

316155	7.8	HIGH Local	microsoft	windows_11_24h2	Windows Kernel Elevation of Privilege Vulnerability	NVD-CWE-noinfo	CVE-2024-43527	2024-10-18 03:18	2024-10-9	Show	GitHub Exploit DB Packet Storm

316156	7.8	HIGH Local	microsoft	office 365_apps office_long_term_servicing_channel	Microsoft Office Visio Remote Code Execution Vulnerability	NVD-CWE-noinfo	CVE-2024-43505	2024-10-18 03:16	2024-10-9	Show	GitHub Exploit DB Packet Storm

316157	5.9	MEDIUM Network	-	-	An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to…	CWE-755 Improper Handling of Exceptional Conditions	CVE-2024-47491	2024-10-18 03:15	2024-10-12	Show	GitHub Exploit DB Packet Storm

316158	6.5	MEDIUM Adjacent	gotenna	gotenna_pro	The goTenna Pro App allows unauthenticated attackers to remotely update the local public keys used for P2P and group messages. It is advised to update your app to the current release for enhanced e…	CWE-306 Missing Authentication for Critical Function	CVE-2024-47130	2024-10-18 03:15	2024-09-27	Show	GitHub Exploit DB Packet Storm

316159	4.3	MEDIUM Adjacent	gotenna	gotenna_pro	The goTenna Pro App does not inject extra characters into broadcasted frames to obfuscate the length of messages. This makes it possible to tell the length of the payload regardless of the encrypti…	CWE-203 Information Exposure Through Discrepancy	CVE-2024-47129	2024-10-18 03:15	2024-09-27	Show	GitHub Exploit DB Packet Storm

316160	4.3	MEDIUM Adjacent	gotenna	gotenna_pro	The goTenna Pro App encryption key name is always sent unencrypted when the key is shared over RF through a broadcast message. It is advised to share the encryption key via local QR for higher secu…	NVD-CWE-noinfo	CVE-2024-47128	2024-10-18 03:15	2024-09-27	Show	GitHub Exploit DB Packet Storm