Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4061	4.9	警告 Network	V2Board	V2Board	V2BoardにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-37505	2026-05-13 10:26	2026-05-1	Show	GitHub Exploit DB Packet Storm

4062	5.4	警告 Network	Apache Software Foundation	Apache-airflow-providers-keycloak	Apache Software FoundationのApache-airflow-providers-keycloakにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2026-40948	2026-05-13 10:26	2026-04-18	Show	GitHub Exploit DB Packet Storm

4063	6.5	警告 Adjacent	ウォッチガード・テクノロジー	WatchGuard Agent	ウォッチガード・テクノロジーのWatchGuard Agentにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-41286	2026-05-13 10:26	2026-05-6	Show	GitHub Exploit DB Packet Storm

4064	6.5	警告 Adjacent	ウォッチガード・テクノロジー	WatchGuard Agent	ウォッチガード・テクノロジーのWatchGuard Agentにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-41287	2026-05-13 10:26	2026-05-6	Show	GitHub Exploit DB Packet Storm

4065	7.8	重要 Local	ウォッチガード・テクノロジー	WatchGuard Agent	ウォッチガード・テクノロジーのWatchGuard Agentにおける重要なリソースに対する不適切なパーミッションの割り当てに関する脆弱性	CWE-732 重要なリソースに対する不適切なパーミッションの割り当て	CVE-2026-41288	2026-05-13 10:26	2026-05-6	Show	GitHub Exploit DB Packet Storm

4066	9.9	緊急 Network	Mozilla Foundation	0DIN Scanner	Mozilla Foundationの0DIN Scannerにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-41512	2026-05-13 10:26	2026-05-8	Show	GitHub Exploit DB Packet Storm

4067	9.8	緊急 Network	D-Link Systems, Inc.	DIR-456U Firmware	D-Link CorporationのDIR-456U Firmwareにおけるハードコードされた認証情報の使用に関する脆弱性	CWE-798 ハードコードされた認証情報の使用	CVE-2026-42376	2026-05-13 10:26	2026-05-4	Show	GitHub Exploit DB Packet Storm

4068	6.5	警告 Network	langflow	Langflow Desktop	langflowのLangflow Desktopにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-4502	2026-05-13 10:26	2026-04-30	Show	GitHub Exploit DB Packet Storm

4069	7.5	重要 Network	langflow	Langflow Desktop	langflowのLangflow Desktopにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-4503	2026-05-13 10:26	2026-04-30	Show	GitHub Exploit DB Packet Storm

4070	8.8	重要 Network	langflow	Langflow Desktop	langflowのLangflow Desktopにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-6543	2026-05-13 10:26	2026-04-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313061	-		-	-	MarkUs, a web application for the submission and grading of student assignments, is vulnerable to path traversal in versions prior to 2.4.8. Authenticated instructors may download any file on the web…	CWE-22 Path Traversal	CVE-2024-47820	2024-11-20 06:57	2024-11-19	Show	GitHub Exploit DB Packet Storm

313062	-		-	-	Cobbler, a Linux installation server that allows for rapid setup of network installation environments, has an improper authentication vulnerability starting in version 3.0.0 and prior to versions 3.2…	CWE-287 Improper Authentication	CVE-2024-47533	2024-11-20 06:57	2024-11-19	Show	GitHub Exploit DB Packet Storm

313063	-		-	-	GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.17, an unauthenticated user can use an application endpoint to check if an email address co…	CWE-200 Information Exposure	CVE-2024-43416	2024-11-20 06:57	2024-11-19	Show	GitHub Exploit DB Packet Storm

313064	6.4	MEDIUM Network	-	-	The Elfsight Telegram Chat CC plugin for WordPress is vulnerable to unauthorized modification of data to a missing capability check on the 'updatePreferences' function in all versions up to, and incl…	CWE-862 Missing Authorization	CVE-2024-10390	2024-11-20 06:57	2024-11-19	Show	GitHub Exploit DB Packet Storm

313065	5.4	MEDIUM Network	-	-	A vulnerability in the web-based interface of Cisco Webex Teams could allow an authenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper valid…	CWE-80 Basic XSS	CVE-2020-26067	2024-11-20 06:57	2024-11-19	Show	GitHub Exploit DB Packet Storm

313066	-		-	-	A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. T…	CWE-611 XXE	CVE-2020-26066	2024-11-20 06:57	2024-11-19	Show	GitHub Exploit DB Packet Storm

313067	-		-	-	Improper input validation in some Zoom Apps before version 6.2.0 may allow an unauthenticated user to conduct a denial of service via network access.	-	CVE-2024-45422	2024-11-20 06:56	2024-11-20	Show	GitHub Exploit DB Packet Storm

313068	-		-	-	Uncontrolled resource consumption in some Zoom Apps before version 6.2.0 may allow an authenticated user to conduct a denial of service via network access.	-	CVE-2024-45420	2024-11-20 06:56	2024-11-20	Show	GitHub Exploit DB Packet Storm

313069	-		-	-	Improper input validation in some Zoom Apps may allow an unauthenticated user to conduct a disclosure of information via network access.	-	CVE-2024-45419	2024-11-20 06:56	2024-11-20	Show	GitHub Exploit DB Packet Storm

313070	4.3	MEDIUM Network	-	-	IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system.	CWE-359 Exposure of Private Personal Information to an Unauthorized Actor	CVE-2024-37070	2024-11-20 06:56	2024-11-20	Show	GitHub Exploit DB Packet Storm