Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3951 9.8 緊急
Network 		Technostrobe HI-LED-WR120-G2 Firmware TechnostrobeのHI-LED-WR120-G2 Firmwareにおける複数の脆弱性 CWE-284
CWE-434
CVE-2026-5573 2026-05-7 12:27 2026-04-5 Show GitHub Exploit DB Packet Storm
3952 8.6 重要
Network 		Song Li (Song-Li) Cross browser fingerprinting Song Li (Song-Li)のCross browser fingerprintingにおける複数の脆弱性 CWE-74
CWE-89
CWE-89
CVE-2026-5577 2026-05-7 12:27 2026-04-5 Show GitHub Exploit DB Packet Storm
3953 9.8 緊急
Network 		Martin (Fosowl) AgenticSeek Martin (Fosowl)のAgenticSeekにおける複数の脆弱性 CWE-74
CWE-94
CVE-2026-5584 2026-05-7 12:27 2026-04-5 Show GitHub Exploit DB Packet Storm
3954 7.5 重要
Network 		Tencent AI-Infra-Guard TencentのAI-Infra-Guardにおける複数の脆弱性 CWE-200
CWE-284
CWE-noinfo
CVE-2026-5585 2026-05-7 12:27 2026-04-5 Show GitHub Exploit DB Packet Storm
3955 3.7
Network 		Simon Tatham PuTTY PuTTYにおける複数の脆弱性 CWE-345
CWE-347
CVE-2026-4115 2026-05-7 12:27 2026-03-22 Show GitHub Exploit DB Packet Storm
3956 9.8 緊急
Network 		cPanel cPanel
WP Squared
cPanel WHM 		cPanelのcPanel等の複数製品における重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-41940 2026-05-7 12:27 2026-04-29 Show GitHub Exploit DB Packet Storm
3957 9.8 緊急
Network 		Provectus UI for Apache Kafka ProvectusのUI for Apache Kafkaにおける複数の脆弱性 CWE-74
CWE-94
CVE-2026-5562 2026-05-7 12:27 2026-04-5 Show GitHub Exploit DB Packet Storm
3958 6.1 警告
Network 		WSO2 WSO2 Identity Server WSO2のWSO2 Identity Serverにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-10503 2026-05-7 12:07 2026-04-29 Show GitHub Exploit DB Packet Storm
3959 5.3 警告
Network 		MCPHub MCPHub MCPHubにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2025-13822 2026-05-7 12:07 2026-04-14 Show GitHub Exploit DB Packet Storm
3960 5.3 警告
Network 		IBM IBM DB2 IBMのIBM DB2における入力で指定された数量の不適切な検証に関する脆弱性 CWE-1284
入力で指定された数量の不適切な検証 		CVE-2025-14688 2026-05-7 12:07 2026-04-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313691 - - - In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the backup function. - CVE-2024-51251 2024-11-5 03:50 2024-11-4 Show GitHub Exploit DB Packet Storm
313692 - - - In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the reboot function. - CVE-2024-51249 2024-11-5 03:50 2024-11-4 Show GitHub Exploit DB Packet Storm
313693 - - - In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doPPTP function. - CVE-2024-51246 2024-11-5 03:50 2024-11-4 Show GitHub Exploit DB Packet Storm
313694 - - - In getRegistration of RemoteProvisioningService.java, there is a possible way to permanently disable the AndroidKeyStore key generation feature by updating the attestation keys of all installed apps … - CVE-2024-40659 2024-11-5 03:35 2024-09-11 Show GitHub Exploit DB Packet Storm
313695 - - - An insufficient DRAM address validation in PMFW may allow a privileged attacker to perform a DMA read from an invalid DRAM address to SRAM, potentially resulting in loss of data integrity. - CVE-2023-20509 2024-11-5 03:35 2024-08-14 Show GitHub Exploit DB Packet Storm
313696 - - - A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands int… - CVE-2024-9287 2024-11-5 03:15 2024-10-23 Show GitHub Exploit DB Packet Storm
313697 - - - Entrust Instant Financial Issuance (On Premise) Software (formerly known as Cardwizard) 6.10.0, 6.9.0, 6.9.1, 6.9.2, and 6.8.x and earlier leaves behind a configuration file (i.e. WebAPI.cfg.xml) aft… - CVE-2024-39341 2024-11-5 02:35 2024-09-24 Show GitHub Exploit DB Packet Storm
313698 - - - In handleCreateConferenceComplete of ConnectionServiceWrapper.java, there is a possible way to reveal images across users due to a confused deputy. This could lead to local information disclosure wit… - CVE-2024-40656 2024-11-5 02:35 2024-09-11 Show GitHub Exploit DB Packet Storm
313699 - - - Improper input validation in SMU may allow an attacker with privileges and a compromised physical function (PF)     to modify the PCIe® lane count and speed, potentially leading to a loss of availab… - CVE-2023-31304 2024-11-5 02:35 2024-08-14 Show GitHub Exploit DB Packet Storm
313700 - - - EnGenius EWS356-Fit devices through 1.1.30 allow a remote attacker to conduct stored XSS attacks via the Wi-Fi SSID parameters. JavaScript embedded into a vulnerable field is executed when the user c… - CVE-2024-31975 2024-11-5 02:15 2024-10-31 Show GitHub Exploit DB Packet Storm