Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 11, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3611 8.4 重要
Local 		デル data domain operating system
PowerProtect DP Series Appliance 		デルのdata domain operating system等の複数製品における弱い認証情報の使用に関する脆弱性 CWE-1391
脆弱な認証情報の使用 		CVE-2026-23853 2026-05-11 11:12 2026-04-17 Show GitHub Exploit DB Packet Storm
3612 9.8 緊急
Network 		vm2 project vm2 vm2 projectのvm2における複数の脆弱性 CWE-693
CWE-94
CVE-2026-24118 2026-05-11 11:12 2026-05-4 Show GitHub Exploit DB Packet Storm
3613 9.8 緊急
Network 		vm2 project vm2 vm2 projectのvm2における複数の脆弱性 CWE-693
CWE-94
CVE-2026-24120 2026-05-11 11:12 2026-05-4 Show GitHub Exploit DB Packet Storm
3614 9.8 緊急
Network 		vm2 project vm2 vm2 projectのvm2における複数の脆弱性 CWE-693
CWE-94
CVE-2026-24781 2026-05-11 11:12 2026-05-4 Show GitHub Exploit DB Packet Storm
3615 6.3 警告
Network 		Apache Software Foundation CloudStack Apache Software FoundationのCloudStackにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-25077 2026-05-11 11:12 2026-05-8 Show GitHub Exploit DB Packet Storm
3616 9.1 緊急
Network 		Apache Software Foundation CloudStack Apache Software FoundationのCloudStackにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-25199 2026-05-11 11:12 2026-05-8 Show GitHub Exploit DB Packet Storm
3617 7.5 重要
Network 		マイクロソフト Microsoft 365 Copilot BizChat M365 Copilot の情報漏えいの脆弱性 CWE-138
特殊要素の不適切な無害化 		CVE-2026-26129 2026-05-11 11:12 2026-05-7 Show GitHub Exploit DB Packet Storm
3618 7.5 重要
Network 		マイクロソフト Microsoft 365 Copilot BizChat M365 Copilot の情報漏えいの脆弱性 CWE-74
インジェクション 		CVE-2026-26164 2026-05-11 11:12 2026-05-7 Show GitHub Exploit DB Packet Storm
3619 9.8 緊急
Network 		vm2 project vm2 vm2 projectのvm2における保護メカニズムの不具合に関する脆弱性 CWE-693
保護メカニズムの不具合 		CVE-2026-26956 2026-05-11 11:12 2026-05-4 Show GitHub Exploit DB Packet Storm
3620 6.5 警告
Network 		Traccar Ltd Traccar Traccar LtdのTraccarにおけるCSV ファイル内の数式要素の中和に関する脆弱性 CWE-1236
CSV ファイル内の数式要素の不適切な中和 		CVE-2026-27644 2026-05-11 11:12 2026-05-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
318021 5.4 MEDIUM
Network 		stirlingpdf stirling_pdf A vulnerability was found in Stirling-Tools Stirling-PDF up to 0.28.3. It has been declared as problematic. This vulnerability affects unknown code of the component Markdown-to-PDF. The manipulation … CWE-79
Cross-site Scripting 		CVE-2024-9075 2024-10-1 00:27 2024-09-22 Show GitHub Exploit DB Packet Storm
318022 9.8 CRITICAL
Network 		riello-ups netman_204_firmware The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device.This issue affects Netman 204: throu… CWE-640
 Weak Password Recovery Mechanism for Forgotten Password 		CVE-2024-8878 2024-10-1 00:21 2024-09-25 Show GitHub Exploit DB Packet Storm
318023 4.6 MEDIUM
Physics 		proges sensor_net_connect_firmware_v2 A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext unless specific security… CWE-522
 Insufficiently Protected Credentials 		CVE-2024-3082 2024-10-1 00:15 2024-07-31 Show GitHub Exploit DB Packet Storm
318024 5.5 MEDIUM
Local 		proges thermoscan_ip A “CWE-121: Stack-based Buffer Overflow” in the wd210std.dll dynamic library packaged with the ThermoscanIP installer allows a local attacker to possibly trigger a Denial-of-Service (DoS) condition o… CWE-787
 Out-of-bounds Write 		CVE-2024-31203 2024-10-1 00:15 2024-07-31 Show GitHub Exploit DB Packet Storm
318025 7.8 HIGH
Local 		proges thermoscan_ip A “CWE-732: Incorrect Permission Assignment for Critical Resource” in the ThermoscanIP installation folder allows a local attacker to perform a Local Privilege Escalation. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2024-31202 2024-10-1 00:15 2024-07-31 Show GitHub Exploit DB Packet Storm
318026 5.4 MEDIUM
Network 		anwp football_leagues The AnWP Football Leagues plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 0.16.7 due to insufficient input sanitization an… CWE-79
Cross-site Scripting 		CVE-2024-8917 2024-09-30 23:30 2024-09-25 Show GitHub Exploit DB Packet Storm
318027 4.3 MEDIUM
Network 		wedevs happy_addons_for_elementor The Happy Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.12.2 via the Content Switcher widget. This makes it possibl… NVD-CWE-noinfo
CVE-2024-8801 2024-09-30 23:23 2024-09-25 Show GitHub Exploit DB Packet Storm
318028 7.5 HIGH
Network 		boldgrid w3_total_cache The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.5 via Google OAuth API secrets stored in plaintext in the publicly visibl… CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2023-5359 2024-09-30 23:19 2024-09-25 Show GitHub Exploit DB Packet Storm
318029 6.5 MEDIUM
Network 		kimhuebel blogintroduction-wordpress-plugin The blogintroduction-wordpress-plugin WordPress plugin through 0.3.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them vi… CWE-352
 Origin Validation Error 		CVE-2024-7862 2024-09-30 23:15 2024-09-12 Show GitHub Exploit DB Packet Storm
318030 8.3 HIGH
Network 		proges sensor_net_connect_firmware_v2 A “CWE-352: Cross-Site Request Forgery (CSRF)” can be exploited by remote attackers to perform state-changing operations with administrative privileges by luring authenticated victims into visiting a… CWE-352
 Origin Validation Error 		CVE-2024-3083 2024-09-30 23:15 2024-07-31 Show GitHub Exploit DB Packet Storm