Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3871 7.5 重要
Network 		Sgbett BSV Ruby SDK (bsv-sdk) SgbettのBSV Ruby SDK (bsv-sdk)における例外的な状態のチェックに関する脆弱性 CWE-754
例外的な状態における不適切なチェック 		CVE-2026-40069 2026-04-30 12:18 2026-04-9 Show GitHub Exploit DB Packet Storm
3872 5.3 警告
Network 		SenseLive X3500 Firmware SenseLiveのX3500 Firmwareにおける重要な情報の平文での送信に関する脆弱性 CWE-319
重要な情報の平文での送信 		CVE-2026-40431 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
3873 9.8 緊急
Network 		SenseLive X3500 Firmware SenseLiveのX3500 Firmwareにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-40620 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
3874 8.1 重要
Network 		SenseLive X3500 Firmware SenseLiveのX3500 Firmwareにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-40623 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
3875 9.8 緊急
Network 		SenseLive X3500 Firmware SenseLiveのX3500 Firmwareにおける代替パスまたはチャネルを使用した認証回避に関する脆弱性 CWE-288
代替パスまたはチャネルを使用した認証回避 		CVE-2026-40630 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
3876 5.3 警告
Network 		opentelemetry opentelemetry
OpenTelemetry.Extensions.Propagators
Opentelemetry.api 		opentelemetryのOpentelemetry.api等の複数製品における過剰なサイズ値のメモリ割り当てに関する脆弱性 CWE-789
過剰なサイズ値のメモリ割り当て 		CVE-2026-40894 2026-04-30 12:18 2026-04-23 Show GitHub Exploit DB Packet Storm
3877 10 緊急
Network 		VoidZero Inc. Vite+ VoidZero Inc.のVite+におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-41211 2026-04-30 12:18 2026-04-23 Show GitHub Exploit DB Packet Storm
3878 5.4 警告
Network 		Siemvk (siemvk) Openlearn Siemvk (siemvk)のOpenlearnにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-41243 2026-04-30 12:18 2026-04-23 Show GitHub Exploit DB Packet Storm
3879 8.8 重要
Network 		Deskflow Deskflow Deskflowにおける古典的バッファオーバーフローの脆弱性 CWE-120
古典的バッファオーバーフロー 		CVE-2026-41476 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
3880 7.8 重要
Local 		Deskflow Deskflow Deskflowにおける複数の脆弱性 CWE-306
CWE-862
CVE-2026-41477 2026-04-30 12:18 2026-04-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314251 7.2 HIGH
Network 		cacti cacti Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing php code and repeat the installation process (completing onl… CWE-94
Code Injection 		CVE-2024-43363 2024-10-18 02:58 2024-10-8 Show GitHub Exploit DB Packet Storm
314252 2.4 LOW
Network 		authzed spicedb SpiceDB is an open source database for scalably storing and querying fine-grained authorization data. Starting in version 1.35.0 and prior to version 1.37.1, clients that have enabled `LookupResource… NVD-CWE-Other
CVE-2024-48909 2024-10-18 02:56 2024-10-15 Show GitHub Exploit DB Packet Storm
314253 7.5 HIGH
Network 		ss-proj shirasagi SHIRASAGI prior to v1.19.1 processes URLs in HTTP requests improperly, resulting in a path traversal vulnerability. If this vulnerability is exploited, arbitrary files on the server may be retrieved … CWE-22
Path Traversal 		CVE-2024-46898 2024-10-18 02:52 2024-10-15 Show GitHub Exploit DB Packet Storm
314254 7.5 HIGH
Network 		microsoft windows_server_2008
windows_server_2012
windows_server_2016
windows_server_2022_23h2
windows_server_2022
windows_server_2019 		Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability NVD-CWE-noinfo
CVE-2024-43541 2024-10-18 02:50 2024-10-9 Show GitHub Exploit DB Packet Storm
314255 6.5 MEDIUM
Adjacent 		microsoft windows_server_2022_23h2
windows_10_1809
windows_server_2019
windows_11_21h2
windows_10_21h2
windows_11_22h2
windows_10_22h2
windows_11_23h2
windows_11_24h2 		Windows Mobile Broadband Driver Denial of Service Vulnerability NVD-CWE-noinfo
CVE-2024-43542 2024-10-18 02:40 2024-10-9 Show GitHub Exploit DB Packet Storm
314256 - - - An issue in Wanxing Technology's Yitu project Management Software 3.2.2 allows a remote attacker to execute arbitrary code via the platformpluginpath parameter to specify that the qt plugin loads the… - CVE-2024-48779 2024-10-18 02:35 2024-10-16 Show GitHub Exploit DB Packet Storm
314257 6.5 MEDIUM
Network 		paytium paytium The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the create_mollie_profile function in versions … CWE-862
 Missing Authorization 		CVE-2023-7294 2024-10-18 02:34 2024-10-16 Show GitHub Exploit DB Packet Storm
314258 4.3 MEDIUM
Network 		paytium paytium The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the check_mollie_account_details function in versi… CWE-862
 Missing Authorization 		CVE-2023-7293 2024-10-18 02:33 2024-10-16 Show GitHub Exploit DB Packet Storm
314259 4.4 MEDIUM
Local 		google android In DRM service, there is a possible system crash due to null pointer dereference. This could lead to local denial of service with System execution privileges needed. CWE-476
 NULL Pointer Dereference 		CVE-2024-39440 2024-10-18 02:33 2024-10-9 Show GitHub Exploit DB Packet Storm
314260 4.3 MEDIUM
Network 		paytium paytium The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized notification dismissal due to a missing capability check on the paytium_notice_dismiss function in ver… CWE-862
 Missing Authorization 		CVE-2023-7292 2024-10-18 02:32 2024-10-16 Show GitHub Exploit DB Packet Storm