Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3501	6.5	警告 Network	nothings	stb vorbis.c	nothingsのstb vorbis.cにおける複数の脆弱性	CWE-400 CWE-770	CVE-2026-5316	2026-05-7 12:28	2026-04-2	Show	GitHub Exploit DB Packet Storm

3502	8.8	重要 Network	nothings	stb vorbis.c	nothingsのstb vorbis.cにおける複数の脆弱性	CWE-119 CWE-787	CVE-2026-5317	2026-05-7 12:28	2026-04-2	Show	GitHub Exploit DB Packet Storm

3503	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	ch22 ファームウェア	Shenzhen Tenda Technology Co.,Ltd.のch22 ファームウェアにおける複数の脆弱性	CWE-119 CWE-121	CVE-2026-5604	2026-05-7 12:28	2026-04-5	Show	GitHub Exploit DB Packet Storm

3504	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	ch22 ファームウェア	Shenzhen Tenda Technology Co.,Ltd.のch22 ファームウェアにおける複数の脆弱性	CWE-119 CWE-121	CVE-2026-5605	2026-05-7 12:28	2026-04-6	Show	GitHub Exploit DB Packet Storm

3505	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	HG3 Firmware	Shenzhen Tenda Technology Co.,Ltd.のHG3 Firmwareにおける複数の脆弱性	CWE-77 CWE-78	CVE-2026-7119	2026-05-7 12:28	2026-04-27	Show	GitHub Exploit DB Packet Storm

3506	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	HG3 Firmware	Shenzhen Tenda Technology Co.,Ltd.のHG3 Firmwareにおける複数の脆弱性	CWE-119 CWE-121	CVE-2026-7151	2026-05-7 12:28	2026-04-27	Show	GitHub Exploit DB Packet Storm

3507	8.8	重要 Network	Shenzhen Tenda Technology Co.,Ltd.	HG3 Firmware	Shenzhen Tenda Technology Co.,Ltd.のHG3 Firmwareにおける複数の脆弱性	CWE-74 CWE-77	CVE-2026-7160	2026-05-7 12:28	2026-04-27	Show	GitHub Exploit DB Packet Storm

3508	7.3	重要 Network	NextChat	NextChat	NextChatにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-7177	2026-05-7 12:28	2026-04-27	Show	GitHub Exploit DB Packet Storm

3509	7.3	重要 Network	NextChat	NextChat	NextChatにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-7178	2026-05-7 12:28	2026-04-27	Show	GitHub Exploit DB Packet Storm

3510	7.3	重要 Network	Mozilla Foundation	Mozilla Firefox Mozilla Thunderbird	Mozilla FoundationのMozilla Firefox等の複数製品における複数の脆弱性	CWE-119 CWE-787	CVE-2026-7323	2026-05-7 12:28	2026-04-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
316121	8.8	HIGH Network	deltaww	diaenergie	Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. An authenticated attacker may be able to exploit this issue to cause delay in the targeted product.	CWE-89 SQL Injection	CVE-2024-42417	2024-10-9 00:43	2024-10-4	Show	GitHub Exploit DB Packet Storm

316122	9.8	CRITICAL Network	draytek	vigor3912_firmware vigor2962_firmware vigor3910_firmware vigor165_firmware vigor1000b_firmware vigor166_firmware vigor2135_firmware vigor2763_firmware vigor2765_firmware vi…	DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), because a byte sign-extension operation occurs for the length argument of…	CWE-787 Out-of-bounds Write	CVE-2024-41593	2024-10-9 00:35	2024-10-4	Show	GitHub Exploit DB Packet Storm

316123	6.1	MEDIUM Network	draytek	vigor2620_firmware vigor2915_firmware vigor2866_firmware vigor2766_firmware vigor2865_firmware vigor2765_firmware vigor2763_firmware vigor2135_firmware vigor166_firmware vi…	DrayTek Vigor3910 devices through 4.3.2.6 allow unauthenticated DOM-based reflected XSS.	CWE-79 Cross-site Scripting	CVE-2024-41591	2024-10-9 00:34	2024-10-4	Show	GitHub Exploit DB Packet Storm

316124	6.1	MEDIUM Network	cozmoslabs	membership_\&_content_restriction_-_paid_member_subscriptions	The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_a…	CWE-79 Cross-site Scripting	CVE-2024-9222	2024-10-9 00:34	2024-10-2	Show	GitHub Exploit DB Packet Storm

316125	6.1	MEDIUM Network	ibericode	mailchimp_top_bar	The MC4WP: Mailchimp Top Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and in…	CWE-79 Cross-site Scripting	CVE-2024-9210	2024-10-9 00:34	2024-10-2	Show	GitHub Exploit DB Packet Storm

316126	8.8	HIGH Network	cisco	nexus_dashboard_fabric_controller	A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerabil…	CWE-22 Path Traversal	CVE-2024-20449	2024-10-9 00:33	2024-10-3	Show	GitHub Exploit DB Packet Storm

316127	6.1	MEDIUM Network	themegrill	magazine_blocks	The Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the us…	CWE-79 Cross-site Scripting	CVE-2024-9218	2024-10-9 00:33	2024-10-2	Show	GitHub Exploit DB Packet Storm

316128	5.4	MEDIUM Network	draytek	vigor3910_firmware vigor3912_firmware vigor2962_firmware vigor165_firmware vigor1000b_firmware vigor166_firmware vigor2135_firmware vigor2763_firmware vigor2765_firmware vi…	Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6.	CWE-79 Cross-site Scripting	CVE-2024-41587	2024-10-9 00:32	2024-10-4	Show	GitHub Exploit DB Packet Storm

316129	7.5	HIGH Network	draytek	vigor2620_firmware vigor2915_firmware vigor2866_firmware vigor2766_firmware vigor2865_firmware vigor2765_firmware vigor2763_firmware vigor2135_firmware vigor166_firmware vi…	An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG o…	CWE-326 Inadequate Encryption Strength	CVE-2024-41594	2024-10-9 00:31	2024-10-4	Show	GitHub Exploit DB Packet Storm

316130	5.5	MEDIUM Network	cisco	nexus_dashboard_fabric_controller	A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC), formerly Cisco Data Center Network Manager (DCNM), could allow an authenticated, remote attacker with network-admin privileges to pe…	CWE-88 Argument Injection	CVE-2024-20444	2024-10-9 00:26	2024-10-3	Show	GitHub Exploit DB Packet Storm