Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4041	5.9	警告 Network	PowerDNS	PowerDNS Recursor	PowerDNSのPowerDNS Recursorにおける完全性チェックの欠如に関する脆弱性	CWE-353 完全性チェックの欠如	CVE-2026-33261	2026-04-30 12:30	2026-04-22	Show	GitHub Exploit DB Packet Storm

4042	5.9	警告 Network	PowerDNS	PowerDNS Recursor	PowerDNSのPowerDNS RecursorにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-33262	2026-04-30 12:30	2026-04-22	Show	GitHub Exploit DB Packet Storm

4043	8.7	重要 Local	Linaro	OP-TEE Trusted OS	LinaroのOP-TEE Trusted OSにおける複数の脆弱性	CWE-125 CWE-787	CVE-2026-33317	2026-04-30 12:30	2026-04-24	Show	GitHub Exploit DB Packet Storm

4044	8.8	重要 Network	Actual Budget	Actual	Actual BudgetのActualにおける複数の脆弱性	CWE-284 CWE-862	CVE-2026-33318	2026-04-30 12:30	2026-04-24	Show	GitHub Exploit DB Packet Storm

4045	7.5	重要 Network	FirebirdSQL	Firebird	FirebirdSQLのFirebirdにおける複数の脆弱性	CWE-120 CWE-502	CVE-2026-33337	2026-04-30 12:30	2026-04-17	Show	GitHub Exploit DB Packet Storm

4046	4.9	警告 Network	PowerDNS	PowerDNS Recursor	PowerDNSのPowerDNS RecursorにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-33600	2026-04-30 12:30	2026-04-22	Show	GitHub Exploit DB Packet Storm

4047	4.9	警告 Network	PowerDNS	PowerDNS Recursor	PowerDNSのPowerDNS RecursorにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-33601	2026-04-30 12:30	2026-04-22	Show	GitHub Exploit DB Packet Storm

4048	9.1	緊急 Network	EspoCRM	EspoCRM	EspoCRMにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-33656	2026-04-30 12:30	2026-04-22	Show	GitHub Exploit DB Packet Storm

4049	7.2	重要 Network	EspoCRM	EspoCRM	EspoCRMにおける相対パストラバーサルの脆弱性	CWE-23 相対的パストラバーサル	CVE-2026-33733	2026-04-30 12:30	2026-04-22	Show	GitHub Exploit DB Packet Storm

4050	7.5	重要 Network	FirebirdSQL	Firebird	FirebirdSQLのFirebirdにおける不正な構文構造の不適切な処理に関する脆弱性	CWE-228 不正な構文構造の不適切な処理	CVE-2026-34232	2026-04-30 12:30	2026-04-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314771	4.3	MEDIUM Adjacent	acronis	cyber_protect	Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.	NVD-CWE-Other	CVE-2024-49384	2024-10-16 22:52	2024-10-15	Show	GitHub Exploit DB Packet Storm

314772	7.8	HIGH Local	electronics.jtekt	kostac_plc_programming_software	Out-of-bounds write vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project f…	CWE-787 Out-of-bounds Write	CVE-2024-47134	2024-10-16 22:50	2024-10-3	Show	GitHub Exploit DB Packet Storm

314773	8.8	HIGH Network	rems	drag_and_drop_image_upload	A vulnerability was found in SourceCodester Drag and Drop Image Upload 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /upload.php. The manipulati…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-9975	2024-10-16 22:44	2024-10-15	Show	GitHub Exploit DB Packet Storm

314774	9.8	CRITICAL Network	code-projects	pharmacy_management_system	A vulnerability classified as critical has been found in code-projects Pharmacy Management System 1.0. This affects an unknown part of the file /php/manage_customer.php?action=search. The manipulatio…	CWE-89 SQL Injection	CVE-2024-9976	2024-10-16 22:42	2024-10-15	Show	GitHub Exploit DB Packet Storm

314775	5.5	MEDIUM Local	adobe	acrobat	Acrobat for Edge versions 126.0.2592.81 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerabilit…	CWE-125 Out-of-bounds Read	CVE-2024-39379	2024-10-16 22:38	2024-07-31	Show	GitHub Exploit DB Packet Storm

314776	6.8	MEDIUM Network	adobe	commerce magento	Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could l…	CWE-22 Path Traversal	CVE-2024-39406	2024-10-16 22:37	2024-08-14	Show	GitHub Exploit DB Packet Storm

314777	4.3	MEDIUM Network	adobe	commerce magento	Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features a…	CWE-352 Origin Validation Error	CVE-2024-39408	2024-10-16 22:36	2024-08-14	Show	GitHub Exploit DB Packet Storm

314778	4.3	MEDIUM Network	adobe	commerce magento	Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features a…	CWE-352 Origin Validation Error	CVE-2024-39409	2024-10-16 22:35	2024-08-14	Show	GitHub Exploit DB Packet Storm

314779	4.3	MEDIUM Network	adobe	commerce magento	Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features a…	CWE-352 Origin Validation Error	CVE-2024-39410	2024-10-16 22:34	2024-08-14	Show	GitHub Exploit DB Packet Storm

314780	5.4	MEDIUM Network	flatpress	flatpress	FlatPress v1.3 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript code into the "Add New Entry" section, which allows them to execute arbitrary code in the conte…	CWE-79 Cross-site Scripting	CVE-2024-33209	2024-10-16 22:33	2024-10-3	Show	GitHub Exploit DB Packet Storm