Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3741 5.5 警告
Local 		レッドハット multicluster engine for Kubernetes レッドハットのmulticluster engine for Kubernetesにおける重要な情報の平文保存に関する脆弱性 CWE-312
重要な情報の平文保存 		CVE-2026-7163 2026-05-7 11:29 2026-04-30 Show GitHub Exploit DB Packet Storm
3742 7.2 重要
Network 		Amazon.com, Inc. Amazon ECS container agent Amazon.com, Inc.のAmazon ECS container agentにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-7461 2026-05-7 11:29 2026-04-30 Show GitHub Exploit DB Packet Storm
3743 6.5 警告
Network 		Apache Software Foundation Apache HTTP Server Apache Software FoundationのApache HTTP ServerにおけるHTTPレスポンスの分割に関する脆弱性 CWE-443
CWE-Other
CVE-2026-33523 2026-05-7 11:29 2026-05-4 Show GitHub Exploit DB Packet Storm
3744 3.3
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおける不適切な短絡評価に関する脆弱性 CWE-768
不適切な短絡評価 		CVE-2026-35378 2026-05-7 11:29 2026-04-22 Show GitHub Exploit DB Packet Storm
3745 7.5 重要
Network 		- 4D SASの4D ServerにおけるXML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2024-39847 2026-05-7 11:29 2026-04-30 Show GitHub Exploit DB Packet Storm
3746 9.1 緊急
Network 		rti RTI Connext Professional rtiのRTI Connext ProfessionalにおけるXML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2025-14543 2026-05-7 11:29 2026-04-30 Show GitHub Exploit DB Packet Storm
3747 7.5 重要
Network 		XWiki CryptPad XWikiのCryptPadにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2025-51846 2026-05-7 11:29 2026-04-30 Show GitHub Exploit DB Packet Storm
3748 6.4 警告
Local 		レッドハット process automation manager レッドハットのprocess automation managerにおける不適切なデフォルトパーミッションに関する脆弱性 CWE-276
不適切なデフォルトパーミッション 		CVE-2025-58713 2026-05-7 11:29 2026-04-8 Show GitHub Exploit DB Packet Storm
3749 4.8 警告
Network 		GNU Project GNU Wget2 GNU ProjectのGNU Wget2における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2026-1858 2026-05-7 11:28 2026-04-29 Show GitHub Exploit DB Packet Storm
3750 6.5 警告
Adjacent 		シスコシステムズ Cisco Firepower Threat Defense ソフトウェア
Adaptive Security Appliance (ASA) Software 		シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品における範囲外のポインタオフセットの使用に関する脆弱性 CWE-823
範囲外のポインタオフセットの使用 		CVE-2026-20022 2026-05-7 11:28 2026-03-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313391 - - - D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the Address parameter in the SetNetworkTomographySettings function. This vulnerability allows attackers to exe… - CVE-2024-51023 2024-11-6 01:04 2024-11-6 Show GitHub Exploit DB Packet Storm
313392 - - - Zope AccessControl provides a general security framework for use in Zope. In affected versions anonymous users can delete the user data maintained by an `AccessControl.userfolder.UserFolder` which ma… CWE-284
Improper Access Control 		CVE-2024-51734 2024-11-6 01:04 2024-11-5 Show GitHub Exploit DB Packet Storm
313393 - - - Meshtastic firmware is a device firmware for the Meshtastic project. The Meshtastic firmware does not check for packets claiming to be from the special broadcast address (0xFFFFFFFF) which could resu… CWE-138
CWE-159
 Improper Neutralization of Special Elements
 Improper Handling of Invalid Use of Special Elements 		CVE-2024-51500 2024-11-6 01:04 2024-11-5 Show GitHub Exploit DB Packet Storm
313394 - - - gaizhenbiao/chuanhuchatgpt project, version <=20240802 is vulnerable to stored Cross-Site Scripting (XSS) in WebSocket session transmission. An attacker can inject malicious content into a WebSocket … - CVE-2024-48059 2024-11-6 01:04 2024-11-5 Show GitHub Exploit DB Packet Storm
313395 - - - golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in `ParseWithClaims` can lead to situation where users are potentially not checking errors in the way… CWE-755
 Improper Handling of Exceptional Conditions 		CVE-2024-51744 2024-11-6 01:04 2024-11-5 Show GitHub Exploit DB Packet Storm
313396 - - - A Cross-Site Request Forgery (CSRF) vulnerability in Chamilo LMS 1.11.26 "/main/social/home.php," allows attackers to initiate a request that posts a fake post onto the user's social wall without the… - CVE-2024-30617 2024-11-6 01:04 2024-11-5 Show GitHub Exploit DB Packet Storm
313397 - - - Chamilo LMS 1.11.26 is vulnerable to Incorrect Access Control via main/auth/profile. Non-admin users can manipulate sensitive profiles information, posing a significant risk to data integrity. - CVE-2024-30616 2024-11-6 01:04 2024-11-5 Show GitHub Exploit DB Packet Storm
313398 6.1 MEDIUM
Network 		cisco firepower_management_center A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS… CWE-79
Cross-site Scripting 		CVE-2024-20372 2024-11-6 01:04 2024-10-24 Show GitHub Exploit DB Packet Storm
313399 4.6 MEDIUM
Network 		radixiot mango MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection (CSTI) vulnerability via the Platform Management Edit page. CWE-94
Code Injection 		CVE-2024-37846 2024-11-6 01:03 2024-10-26 Show GitHub Exploit DB Packet Storm
313400 5.4 MEDIUM
Network 		radixiot mango A stored cross-site scripting (XSS) vulnerability in MangoOS before 5.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. CWE-79
Cross-site Scripting 		CVE-2024-37844 2024-11-6 01:03 2024-10-26 Show GitHub Exploit DB Packet Storm