Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
351 - - 日立 Hitachi Virtual Storage Platform 日立ディスクアレイシステムにおけるSVP 脆弱性対策について (2026年3月分) - CVE-2026-23667
CVE-2026-23668
CVE-2026-23669
CVE-2026-23671
CVE-2026-23672
CVE-2026-23673
CVE-2026-23674
CVE-2026-24282
CVE-2026-24285
CVE-2026-24287
CVE-2026-24288
C… 		2026-05-25 11:30 2026-05-20 Show GitHub Exploit DB Packet Storm
352 5.5 警告
Local 		Amazon.com, Inc. AWS API MCP Server Amazon.com, Inc.のAWS API MCP Serverにおける代替パスの保護に関する脆弱性 CWE-424
代替パスの不適切な保護 		CVE-2026-4270 2026-05-25 10:26 2026-03-16 Show GitHub Exploit DB Packet Storm
353 6.5 警告
Network 		ベリタス Veritas InfoScale Operations Manager ベリタスのVeritas InfoScale Operations ManagerにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-44923 2026-05-25 10:26 2026-05-20 Show GitHub Exploit DB Packet Storm
354 5.4 警告
Network 		ベリタス Veritas InfoScale Operations Manager ベリタスのVeritas InfoScale Operations Managerにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-44924 2026-05-25 10:26 2026-05-20 Show GitHub Exploit DB Packet Storm
355 8.8 重要
Adjacent 		ベリタス Veritas InfoScale Operations Manager ベリタスのVeritas InfoScale Operations Managerにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-44925 2026-05-25 10:26 2026-05-20 Show GitHub Exploit DB Packet Storm
356 6.1 警告
Network 		SimpleSAMLphp simplesamlphp-casserver SimpleSAMLphpのsimplesamlphp-casserverにおけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2025-65954 2026-05-25 10:26 2026-05-18 Show GitHub Exploit DB Packet Storm
357 5.3 警告
Network 		LupinLin1 JiMeng Web MCP Server LupinLin1のJiMeng Web MCP Serverにおけるログファイルからの情報漏えいに関する脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2025-70040 2026-05-25 10:25 2026-03-9 Show GitHub Exploit DB Packet Storm
358 5.4 警告
Network 		ERLANG Erlang/ssh
Erlang/OTP 		ERLANGのErlang/OTP等の複数製品におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-23942 2026-05-25 10:25 2026-03-13 Show GitHub Exploit DB Packet Storm
359 5.3 警告
Network 		ERLANG Erlang/ssh
Erlang/OTP 		ERLANGのErlang/OTP等の複数製品における高圧縮データの処理 (データ増幅)に関する脆弱性 CWE-409
高圧縮データの不適切な処理 (データ増幅) 		CVE-2026-23943 2026-05-25 10:25 2026-03-13 Show GitHub Exploit DB Packet Storm
360 7.8 重要
Local 		Uderzo Software SpaceSniffer Uderzo SoftwareのSpaceSnifferにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-26738 2026-05-25 10:25 2026-03-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311041 - - - Cross Site Scripting vulnerability in Online Shop Store v.1.0 allows a remote attacker to execute arbitrary code via the login.php component. - CVE-2024-51213 2024-11-13 03:35 2024-11-12 Show GitHub Exploit DB Packet Storm
311042 - - - The NetAdmin IAM system (version 4.0.30319) has a Cross Site Scripting (XSS) vulnerability in the /BalloonSave.ashx endpoint, where it is possible to inject a malicious payload into the Content= fiel… - CVE-2024-51026 2024-11-13 03:35 2024-11-12 Show GitHub Exploit DB Packet Storm
311043 - - - A SQL injection vulnerability in /omrs/admin/search.php in PHPGurukul Online Marriage Registration System v1.0 allows an attacker to execute arbitrary SQL commands via the "searchdata " parameter. - CVE-2024-50989 2024-11-13 03:35 2024-11-12 Show GitHub Exploit DB Packet Storm
311044 - - - The BGP daemon in Extreme Networks ExtremeXOS (aka EXOS) 30.7.1.1 allows an attacker (who is not on a directly connected network) to cause a denial of service (BGP session reset) because of BGP attri… - CVE-2023-40457 2024-11-13 03:35 2024-11-11 Show GitHub Exploit DB Packet Storm
311045 4.4 MEDIUM
Local 		- - A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which … CWE-59
Link Following 		CVE-2024-45770 2024-11-13 03:15 2024-09-19 Show GitHub Exploit DB Packet Storm
311046 5.5 MEDIUM
Local 		- - A vulnerability was found in Performance Co-Pilot (PCP).  This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash. - CVE-2024-45769 2024-11-13 03:15 2024-09-19 Show GitHub Exploit DB Packet Storm
311047 - - - UsersController.php in Run.codes 1.5.2 and older has a reset password race condition vulnerability. - CVE-2024-48322 2024-11-13 02:35 2024-11-12 Show GitHub Exploit DB Packet Storm
311048 - - - The DS allvideo.downloader.browser (aka Fast Video Downloader: Browser) application through 1.6-RC1 for Android allows an attacker to execute arbitrary JavaScript code via the allvideo.downloader.bro… - CVE-2024-46965 2024-11-13 02:35 2024-11-12 Show GitHub Exploit DB Packet Storm
311049 - - - EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities. - CVE-2024-36061 2024-11-13 02:35 2024-11-12 Show GitHub Exploit DB Packet Storm
311050 - - - An XML External Entity (XXE) vulnerability in the component DocumentBuilderFactory of powertac-server v1.9.0 allows attackers to access sensitive information or execute arbitrary code via supplying a… - CVE-2024-51135 2024-11-13 02:35 2024-11-12 Show GitHub Exploit DB Packet Storm