Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 25, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3521 7.8 重要
Local 		radare radare2 radareのradare2における複数の脆弱性 CWE-22
CWE-59
CVE-2026-6941 2026-04-30 12:24 2026-04-23 Show GitHub Exploit DB Packet Storm
3522 7.5 重要
Network 		Sgbett BSV Ruby SDK (bsv-sdk) SgbettのBSV Ruby SDK (bsv-sdk)における例外的な状態のチェックに関する脆弱性 CWE-754
例外的な状態における不適切なチェック 		CVE-2026-40069 2026-04-30 12:18 2026-04-9 Show GitHub Exploit DB Packet Storm
3523 5.3 警告
Network 		SenseLive X3500 Firmware SenseLiveのX3500 Firmwareにおける重要な情報の平文での送信に関する脆弱性 CWE-319
重要な情報の平文での送信 		CVE-2026-40431 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
3524 9.8 緊急
Network 		SenseLive X3500 Firmware SenseLiveのX3500 Firmwareにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-40620 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
3525 8.1 重要
Network 		SenseLive X3500 Firmware SenseLiveのX3500 Firmwareにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-40623 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
3526 9.8 緊急
Network 		SenseLive X3500 Firmware SenseLiveのX3500 Firmwareにおける代替パスまたはチャネルを使用した認証回避に関する脆弱性 CWE-288
代替パスまたはチャネルを使用した認証回避 		CVE-2026-40630 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
3527 5.3 警告
Network 		opentelemetry opentelemetry
OpenTelemetry.Extensions.Propagators
Opentelemetry.api 		opentelemetryのOpentelemetry.api等の複数製品における過剰なサイズ値のメモリ割り当てに関する脆弱性 CWE-789
過剰なサイズ値のメモリ割り当て 		CVE-2026-40894 2026-04-30 12:18 2026-04-23 Show GitHub Exploit DB Packet Storm
3528 10 緊急
Network 		VoidZero Inc. Vite+ VoidZero Inc.のVite+におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-41211 2026-04-30 12:18 2026-04-23 Show GitHub Exploit DB Packet Storm
3529 5.4 警告
Network 		Siemvk (siemvk) Openlearn Siemvk (siemvk)のOpenlearnにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-41243 2026-04-30 12:18 2026-04-23 Show GitHub Exploit DB Packet Storm
3530 8.8 重要
Network 		Deskflow Deskflow Deskflowにおける古典的バッファオーバーフローの脆弱性 CWE-120
古典的バッファオーバーフロー 		CVE-2026-41476 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
315091 8.8 HIGH
Network 		fogproject fogproject FOG is a cloning/imaging/rescue suite/inventory management system. An improperly restricted file upload feature allows authenticated users to execute arbitrary code on the fogproject server. The Rebr… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-40645 2024-09-6 02:09 2024-08-1 Show GitHub Exploit DB Packet Storm
315092 5.9 MEDIUM
Network 		fogproject fogproject FOG is a free open-source cloning/imaging/rescue suite/inventory management system. The hostinfo page has missing/improper access control since only the host's mac address is required to obtain the c… CWE-862
 Missing Authorization 		CVE-2024-41108 2024-09-6 01:27 2024-08-1 Show GitHub Exploit DB Packet Storm
315093 7.8 HIGH
Local 		fogproject fogproject FOG is a cloning/imaging/rescue suite/inventory management system. The application stores plaintext service account credentials in the "/opt/fog/.fogsettings" file. This file is by default readable b… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2024-41954 2024-09-6 01:18 2024-08-1 Show GitHub Exploit DB Packet Storm
315094 7.5 HIGH
Network 		ruby-lang rexml REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include … CWE-400
 Uncontrolled Resource Consumption 		CVE-2024-41946 2024-09-6 01:09 2024-08-2 Show GitHub Exploit DB Packet Storm
315095 7.2 HIGH
Network 		dell cloudlink CloudLink, versions 7.1.x and 8.x, contain an Improper check or handling of Exceptional Conditions Vulnerability in Cluster Component. A highly privileged malicious user with remote access could pote… NVD-CWE-Other
CVE-2024-38482 2024-09-6 01:04 2024-08-2 Show GitHub Exploit DB Packet Storm
315096 9.8 CRITICAL
Network 		any1 neatvnc server.c in Neat VNC (aka neatvnc) before 0.8.1 does not properly validate the security type, a related issue to CVE-2006-2369. NVD-CWE-noinfo
CVE-2024-42458 2024-09-6 00:51 2024-08-2 Show GitHub Exploit DB Packet Storm
315097 5.4 MEDIUM
Network 		metaphorcreations ditty The Ditty WordPress plugin before 3.1.45 does not sanitise and escape some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks. CWE-79
Cross-site Scripting 		CVE-2024-6710 2024-09-6 00:30 2024-08-5 Show GitHub Exploit DB Packet Storm
315098 8.8 HIGH
Network 		wpsoul greenshift_query_addon Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wpsoul Greenshift Query and Meta Addon allows SQL Injection.This issue affects Greenshift Query a… CWE-89
SQL Injection 		CVE-2024-43942 2024-09-6 00:25 2024-08-30 Show GitHub Exploit DB Packet Storm
315099 8.8 HIGH
Network 		wpsoul greenshift_woocommerce_addon Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wpsoul Greenshift Woocommerce Addon allows SQL Injection.This issue affects Greenshift Woocommerc… CWE-89
SQL Injection 		CVE-2024-43943 2024-09-6 00:10 2024-08-30 Show GitHub Exploit DB Packet Storm
315100 8.8 HIGH
Network 		wpmart animated_number_counters Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Sk. Abul Hasan Animated Number Counters allows PHP Local File Inclusion.This issue affects Animated Num… CWE-22
Path Traversal 		CVE-2024-43957 2024-09-5 23:49 2024-08-30 Show GitHub Exploit DB Packet Storm