Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3821	9.4	緊急 Network	Apache Software Foundation	Apache Camel	Apache Software FoundationのApache Camelにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-33454	2026-04-30 11:03	2026-04-27	Show	GitHub Exploit DB Packet Storm

3822	7.5	重要 Network	Linaro	OP-TEE Trusted OS	LinaroのOP-TEE Trusted OSにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-33662	2026-04-30 11:03	2026-04-24	Show	GitHub Exploit DB Packet Storm

3823	7.4	重要 Network	OpenProject	OpenProject	OpenProjectにおける過度な認証試行の不適切な制限に関する脆弱性	CWE-307 過度な認証試行の不適切な制限	CVE-2026-33667	2026-04-30 11:03	2026-04-15	Show	GitHub Exploit DB Packet Storm

3824	6.7	警告 Local	デル	data domain operating system	デルのdata domain operating systemにおける権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2026-35154	2026-04-30 11:03	2026-04-20	Show	GitHub Exploit DB Packet Storm

3825	3.3	低 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける指定された機能の不適切な提供に関する脆弱性	CWE-684 指定された機能の不適切な提供	CVE-2026-35379	2026-04-30 11:03	2026-04-22	Show	GitHub Exploit DB Packet Storm

3826	5.5	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける入力確認に関する脆弱性	CWE-20 CWE-noinfo	CVE-2026-35380	2026-04-30 11:03	2026-04-22	Show	GitHub Exploit DB Packet Storm

3827	10	緊急 Network	マイクロソフト	Microsoft Entra ID	Microsoft Entra ID Entitlement Management Spoofing Vulnerability	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-35431	2026-04-30 11:03	2026-04-23	Show	GitHub Exploit DB Packet Storm

3828	5.3	警告 Network	oobabooga	TextGen	oobaboogaのTextGenにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-35484	2026-04-30 11:03	2026-04-7	Show	GitHub Exploit DB Packet Storm

3829	7.5	重要 Network	oobabooga	TextGen	oobaboogaのTextGenにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-35485	2026-04-30 11:03	2026-04-7	Show	GitHub Exploit DB Packet Storm

3830	8.8	重要 Network	Pi-hole	FTLDNS	Pi-holeのFTLDNSにおける複数の脆弱性	CWE-78 CWE-93	CVE-2026-35517	2026-04-30 11:03	2026-04-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314851	7.2	HIGH Network	-	-	An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection through specially crafted command line input …	-	CVE-2024-8281	2024-09-14 20:47	2024-09-14	Show	GitHub Exploit DB Packet Storm

314852	7.2	HIGH Network	-	-	An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection or cause a recoverable denial of service usin…	-	CVE-2024-8280	2024-09-14 20:47	2024-09-14	Show	GitHub Exploit DB Packet Storm

314853	7.2	HIGH Network	-	-	A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted file uploads.	-	CVE-2024-8279	2024-09-14 20:47	2024-09-14	Show	GitHub Exploit DB Packet Storm

314854	7.2	HIGH Network	-	-	A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted IPMI commands.	-	CVE-2024-8278	2024-09-14 20:47	2024-09-14	Show	GitHub Exploit DB Packet Storm

314855	4.3	MEDIUM Network	-	-	IPMI credentials may be captured in XCC audit log entries when the account username length is 16 characters.	-	CVE-2024-8059	2024-09-14 20:47	2024-09-14	Show	GitHub Exploit DB Packet Storm

314856	6.8	MEDIUM Physics	-	-	A potential vulnerability was reported in the ThinkPad L390 Yoga and 10w Notebook that could allow a local attacker to escalate privileges by accessing an embedded UEFI shell.	-	CVE-2024-7756	2024-09-14 20:47	2024-09-14	Show	GitHub Exploit DB Packet Storm

314857	6.7	MEDIUM Local	-	-	A potential buffer overflow vulnerability was reported in some Lenovo ThinkSystem and ThinkStation products that could allow a local attacker with elevated privileges to execute arbitrary code.	-	CVE-2024-4550	2024-09-14 20:47	2024-09-14	Show	GitHub Exploit DB Packet Storm

314858	6.7	MEDIUM Local	-	-	An internal product security audit discovered a UEFI SMM (System Management Mode) callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execu…	-	CVE-2024-45105	2024-09-14 20:47	2024-09-14	Show	GitHub Exploit DB Packet Storm

314859	6.8	MEDIUM Network	-	-	A privilege escalation vulnerability was discovered when Single Sign On (SSO) is enabled that could allow an attacker to intercept a valid, authenticated LXCA user’s XCC session if they can convince …	-	CVE-2024-45101	2024-09-14 20:47	2024-09-14	Show	GitHub Exploit DB Packet Storm

314860	-		-	-	A potential buffer overflow vulnerability was reported in some Lenovo Notebook products that could allow a local attacker with elevated privileges to execute arbitrary code.	-	CVE-2024-3100	2024-09-14 20:47	2024-09-14	Show	GitHub Exploit DB Packet Storm