Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4081	7.4	重要 Network	go-git project	go-git	go-git projectのgo-gitにおける認証情報の不十分な保護に関する脆弱性	CWE-522 認証情報の不十分な保護	CVE-2026-41506	2026-05-14 10:19	2026-05-8	Show	GitHub Exploit DB Packet Storm

4082	8.1	重要 Network	Andreas Kloeckner	RELATE	Andreas KloecknerのRELATEにおける複数の脆弱性	CWE-203 CWE-208	CVE-2026-41588	2026-05-14 10:19	2026-05-8	Show	GitHub Exploit DB Packet Storm

4083	8.8	重要 Network	NocoBase	NocoBase	NocoBaseにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-41640	2026-05-14 10:19	2026-05-7	Show	GitHub Exploit DB Packet Storm

4084	6.1	警告 Network	fast-xml-parser project	fast-xml-parser	Natural Intelligenceのfast-xml-parserにおけるブラインド XPath インジェクションの脆弱性	CWE-91 ブラインド XPath インジェクション	CVE-2026-41650	2026-05-14 10:18	2026-05-7	Show	GitHub Exploit DB Packet Storm

4085	4.4	警告 Local	Anthropic PBC	Claude SDK for TypeScript (anthropic-ai/sdk)	Anthropic PBCのClaude SDK for TypeScript (anthropic-ai/sdk)における重要なリソースに対する不適切なパーミッションの割り当てに関する脆弱性	CWE-732 重要なリソースに対する不適切なパーミッションの割り当て	CVE-2026-41686	2026-05-14 10:18	2026-05-4	Show	GitHub Exploit DB Packet Storm

4086	8.6	重要 Network	VMware	Spring AI	VMwareのSpring AIにおける言語構文の表現に使用される特殊な要素の不適切な無効化に関する脆弱性	CWE-917 言語構文の表現に使用される特殊な要素の不適切な無効化	CVE-2026-41705	2026-05-14 10:18	2026-05-9	Show	GitHub Exploit DB Packet Storm

4087	7.5	重要 Network	VMware	Spring AI	VMwareのSpring AIにおける不適切なデフォルトパーミッションに関する脆弱性	CWE-276 不適切なデフォルトパーミッション	CVE-2026-41712	2026-05-14 10:18	2026-05-12	Show	GitHub Exploit DB Packet Storm

4088	8.2	重要 Network	VMware	Spring AI	VMwareのSpring AIにおけるテンプレートエンジンで使用される特殊な要素の不適切な無効化に関する脆弱性	CWE-1336 テンプレートエンジンで使用される特殊な要素の不適切な無効化	CVE-2026-41713	2026-05-14 10:18	2026-05-12	Show	GitHub Exploit DB Packet Storm

4089	6.5	警告 Network	LangGenius	Dify	LangGeniusのDifyにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-41950	2026-05-14 10:18	2026-05-5	Show	GitHub Exploit DB Packet Storm

4090	9.6	緊急 Network	Streetwriters	Notesnook Mobile Notesnook Desktop	StreetwritersのNotesnook Desktop等の複数製品における複数の脆弱性	CWE-79 CWE-94	CVE-2026-42090	2026-05-14 10:18	2026-05-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313031	4.8	MEDIUM Network	librenms	librenms	LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can add Notes to a device, the application did not properly sanitize the user input, when the ExampleP…	CWE-79 Cross-site Scripting	CVE-2024-49758	2024-11-20 23:40	2024-11-16	Show	GitHub Exploit DB Packet Storm

313032	5.4	MEDIUM Network	librenms	librenms	LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Services" tab of the Device page allows authenticated users to in…	CWE-79 Cross-site Scripting	CVE-2024-52526	2024-11-20 23:39	2024-11-16	Show	GitHub Exploit DB Packet Storm

313033	4.8	MEDIUM Network	librenms	librenms	LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can edit the Display Name of a device, the application did not properly sanitize the user input in the…	CWE-79 Cross-site Scripting	CVE-2024-50355	2024-11-20 23:39	2024-11-16	Show	GitHub Exploit DB Packet Storm

313034	5.4	MEDIUM Network	librenms	librenms	LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Port Settings" page allows authenticated users to inject arbitrar…	CWE-79 Cross-site Scripting	CVE-2024-50350	2024-11-20 23:39	2024-11-16	Show	GitHub Exploit DB Packet Storm

313035	7.8	HIGH Local	qualcomm	ar8035_firmware csra6620_firmware csra6640_firmware fastconnect_6200_firmware fastconnect_6700_firmware fastconnect_6900_firmware fastconnect_7800_firmware flight_rb5_5g_platform…	Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.	CWE-416 Use After Free	CVE-2024-33028	2024-11-20 23:39	2024-08-6	Show	GitHub Exploit DB Packet Storm

313036	7.8	HIGH Local	qualcomm	315_5g_iot_modem_firmware aqt1000_firmware ar8031_firmware c-v2x_9150_firmware csra6620_firmware csra6640_firmware fastconnect_6200_firmware qca6174a_firmware qca6310_firmware…	Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table.	NVD-CWE-Other	CVE-2024-33027	2024-11-20 23:38	2024-08-6	Show	GitHub Exploit DB Packet Storm

313037	5.4	MEDIUM Network	librenms	librenms	LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Services" section of the Device Overview page allows authenticate…	CWE-79 Cross-site Scripting	CVE-2024-50352	2024-11-20 23:37	2024-11-16	Show	GitHub Exploit DB Packet Storm

313038	7.5	HIGH Network	anisha	farmacia	A vulnerability, which was classified as critical, has been found in code-projects Farmacia 1.0. This issue affects some unknown processing of the file /editar-produto.php. The manipulation of the ar…	CWE-89 SQL Injection	CVE-2024-11245	2024-11-20 23:36	2024-11-16	Show	GitHub Exploit DB Packet Storm

313039	9.8	CRITICAL Network	anisha	farmacia	A vulnerability classified as critical was found in code-projects Farmacia 1.0. This vulnerability affects unknown code of the file /editar-cliente.php. The manipulation of the argument id leads to s…	CWE-89 SQL Injection	CVE-2024-11244	2024-11-20 23:36	2024-11-16	Show	GitHub Exploit DB Packet Storm

313040	6.1	MEDIUM Network	cisco	identity_services_engine	A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability exis…	CWE-79 Cross-site Scripting	CVE-2024-20538	2024-11-20 23:36	2024-11-7	Show	GitHub Exploit DB Packet Storm