Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 24, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3961	6.1	警告 Network	Apache Software Foundation	Apache OFBiz	Apache Software FoundationのApache OFBizにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-31906	2026-05-21 10:53	2026-05-19	Show	GitHub Exploit DB Packet Storm

3962	7.5	重要 Network	Apache Software Foundation	Apache OFBiz	Apache Software FoundationのApache OFBizにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-31909	2026-05-21 10:53	2026-05-19	Show	GitHub Exploit DB Packet Storm

3963	7.5	重要 Network	Apache Software Foundation	Apache OFBiz	Apache Software FoundationのApache OFBizにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-31910	2026-05-21 10:53	2026-05-19	Show	GitHub Exploit DB Packet Storm

3964	9.1	緊急 Network	Apache Software Foundation	Apache OFBiz	Apache Software FoundationのApache OFBizにおけるハードコードされた暗号鍵の使用に関する脆弱性	CWE-321 ハードコードされた暗号鍵の使用	CVE-2026-31986	2026-05-21 10:53	2026-05-19	Show	GitHub Exploit DB Packet Storm

3965	4.8	警告 Network	Mattermost, Inc.	Mattermost Server	Mattermost, Inc.のMattermost Serverにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-3495	2026-05-21 10:53	2026-05-18	Show	GitHub Exploit DB Packet Storm

3966	6.5	警告 Network	Apache Software Foundation	Apache OFBiz	Apache Software FoundationのApache OFBizにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-35086	2026-05-21 10:52	2026-05-19	Show	GitHub Exploit DB Packet Storm

3967	8.8	重要 Local	マイクロソフト	Microsoft 365 Apps Microsoft Office Office Long Term Servicing Channel (LTSC)	Microsoft Office クイック実行の特権の昇格の脆弱性	CWE-1220 アクセス制御の不十分な粒度	CVE-2026-35436	2026-05-21 10:52	2026-05-12	Show	GitHub Exploit DB Packet Storm

3968	5.5	警告 Local	マイクロソフト	Microsoft 365 Apps Microsoft Office Microsoft Word Office Long Term Servicing Channel (LTSC)	Microsoft Word の情報漏えいの脆弱性	CWE-552 外部からアクセス可能なファイルまたはディレクトリ	CVE-2026-35440	2026-05-21 10:52	2026-05-12	Show	GitHub Exploit DB Packet Storm

3969	4.3	警告 Network	Mattermost, Inc.	Mattermost Server	Mattermost, Inc.のMattermost Serverにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-3637	2026-05-21 10:52	2026-05-18	Show	GitHub Exploit DB Packet Storm

3970	9.8	緊急 Network	H2O.ai	H2O	H2O.aiのH2Oにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-3960	2026-05-21 10:52	2026-04-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
315531	7.8	HIGH Local	openatom	openharmony	in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write.	CWE-787 Out-of-bounds Write	CVE-2024-47137	2024-11-7 00:26	2024-11-5	Show	GitHub Exploit DB Packet Storm

315532	7.8	HIGH Local	openatom	openharmony	in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through double free.	CWE-415 Double Free	CVE-2024-47404	2024-11-7 00:25	2024-11-5	Show	GitHub Exploit DB Packet Storm

315533	5.3	MEDIUM Network	zimaspace	zimaos	ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.2.4 and all prior versions, the API endpoint `http://<Server-ip>/v1/users/name` allows unau…	CWE-862 Missing Authorization	CVE-2024-48932	2024-11-7 00:25	2024-10-25	Show	GitHub Exploit DB Packet Storm

315534	7.8	HIGH Local	openatom	openharmony	in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write.	CWE-787 Out-of-bounds Write	CVE-2024-47797	2024-11-7 00:24	2024-11-5	Show	GitHub Exploit DB Packet Storm

315535	7.5	HIGH Network	anisha	e-health_care_system	A vulnerability was found in code-projects E-Health Care System 1.0. It has been classified as critical. Affected is an unknown function of the file Doctor/app_request.php. The manipulation of the ar…	CWE-89 SQL Injection	CVE-2024-10810	2024-11-7 00:16	2024-11-5	Show	GitHub Exploit DB Packet Storm

315536	7.5	HIGH Network	anisha	e-health_care_system	A vulnerability was found in code-projects E-Health Care System 1.0 and classified as critical. This issue affects some unknown processing of the file /Doctor/chat.php. The manipulation of the argume…	CWE-89 SQL Injection	CVE-2024-10809	2024-11-7 00:14	2024-11-5	Show	GitHub Exploit DB Packet Storm

315537	7.5	HIGH Network	anisha	e-health_care_system	A vulnerability has been found in code-projects E-Health Care System 1.0 and classified as critical. This vulnerability affects unknown code of the file Admin/req_detail.php. The manipulation of the …	CWE-89 SQL Injection	CVE-2024-10808	2024-11-7 00:14	2024-11-5	Show	GitHub Exploit DB Packet Storm

315538	4.8	MEDIUM Network	anujkumar	hospital_management_system	A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been rated as problematic. This issue affects some unknown processing of the file hms/doctor/search.php. The manipulatio…	CWE-79 Cross-site Scripting	CVE-2024-10807	2024-11-7 00:07	2024-11-5	Show	GitHub Exploit DB Packet Storm

315539	4.8	MEDIUM Network	anujkumar	hospital_management_system	A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been declared as problematic. This vulnerability affects unknown code of the file betweendates-detailsreports.php. The m…	CWE-79 Cross-site Scripting	CVE-2024-10806	2024-11-7 00:06	2024-11-5	Show	GitHub Exploit DB Packet Storm

315540	4.7	MEDIUM Local	cosmote	what\'s_up	A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up App 4.47.3 on Android. This issue affects some unknown processing of the file gr/desquared/kmmsharedmo…	CWE-798 Use of Hard-coded Credentials	CVE-2024-10748	2024-11-7 00:06	2024-11-4	Show	GitHub Exploit DB Packet Storm