Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
411 9.8 緊急
Network 		フォーティネット FortiAuthenticator フォーティネットのFortiAuthenticatorにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-44277 2026-05-18 11:25 2026-05-12 Show GitHub Exploit DB Packet Storm
412 5.5 警告
Local 		フォーティネット FortiClient フォーティネットのFortiClientにおけるハードコードされた暗号鍵の使用に関する脆弱性 New CWE-321
ハードコードされた暗号鍵の使用 		CVE-2026-44278 2026-05-18 11:25 2026-05-12 Show GitHub Exploit DB Packet Storm
413 5.5 警告
Local 		フォーティネット FortiToken Mobile フォーティネットのFortiToken MobileにおけるAndroid アプリケーションコンポーネントの不適切なエクスポートの脆弱性 New CWE-926
Android アプリケーションコンポーネントの不適切なエクスポート 		CVE-2026-44279 2026-05-18 11:25 2026-05-12 Show GitHub Exploit DB Packet Storm
414 4.3 警告
Network 		etcd etcd etcd-ioのetcdにおける不正な認証に関する脆弱性 New CWE-863
不正な認証 		CVE-2026-44283 2026-05-18 11:25 2026-05-14 Show GitHub Exploit DB Packet Storm
415 5.3 警告
Network 		MISP MISP MISPにおける入力確認に関する脆弱性 New CWE-20
CWE-noinfo
CVE-2026-44379 2026-05-18 11:25 2026-05-13 Show GitHub Exploit DB Packet Storm
416 7.2 重要
Network 		MISP MISP MISPにおける不正な認証に関する脆弱性 New CWE-863
不正な認証 		CVE-2026-44380 2026-05-18 11:25 2026-05-13 Show GitHub Exploit DB Packet Storm
417 5.3 警告
Network 		MISP MISP MISPにおけるSQL インジェクションの脆弱性 New CWE-89
SQLインジェクション 		CVE-2026-44381 2026-05-18 11:25 2026-05-13 Show GitHub Exploit DB Packet Storm
418 6.5 警告
Network 		Frappe ERPNext FrappeのERPNextにおける認証の欠如に関する脆弱性 New CWE-862
認証の欠如 		CVE-2026-44448 2026-05-18 11:25 2026-05-13 Show GitHub Exploit DB Packet Storm
419 7.1 重要
Network 		DataHub project DataHub DataHubにおける信頼できないデータのデシリアライゼーションに関する脆弱性 New CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-44501 2026-05-18 11:25 2026-05-14 Show GitHub Exploit DB Packet Storm
420 9.1 緊急
Network 		Graham Steffaniak(gtsteffaniak) FileBrowser Quantum Graham Steffaniak(gtsteffaniak)のFileBrowser Quantumにおけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2026-44542 2026-05-18 11:25 2026-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311891 6.8 MEDIUM
Physics 		planet gs-4210-24p2s_firmware
gs-4210-24pl4c_firmware 		Certain switch models from PLANET Technology have a Hard-coded Credential in the password recovering functionality, allowing an unauthenticated attacker to connect to the device via the serial consol… CWE-798
 Use of Hard-coded Credentials 		CVE-2024-8449 2024-10-5 00:08 2024-09-30 Show GitHub Exploit DB Packet Storm
311892 8.8 HIGH
Network 		planet gs-4210-24p2s_firmware
gs-4210-24pl4c_firmware 		Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and o… CWE-798
 Use of Hard-coded Credentials 		CVE-2024-8448 2024-10-5 00:07 2024-09-30 Show GitHub Exploit DB Packet Storm
311893 4.8 MEDIUM
Network 		planet gs-4210-24p2s_firmware
gs-4210-24pl4c_firmware 		Certain switch models from PLANET Technology have a web application that does not properly validate specific parameters, allowing remote authenticated users with administrator privileges to inject ar… CWE-79
Cross-site Scripting 		CVE-2024-8457 2024-10-4 23:45 2024-09-30 Show GitHub Exploit DB Packet Storm
311894 9.8 CRITICAL
Network 		planet gs-4210-24p2s_firmware
gs-4210-24pl4c_firmware 		Certain switch models from PLANET Technology lack proper access control in firmware upload and download functionality, allowing unauthenticated remote attackers to download and upload firmware and sy… CWE-306
Missing Authentication for Critical Function 		CVE-2024-8456 2024-10-4 23:45 2024-09-30 Show GitHub Exploit DB Packet Storm
311895 5.9 MEDIUM
Network 		planet gs-4210-24p2s_firmware
gs-4210-24pl4c_firmware
igs-5225-4up1t2s_firmware 		The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain switch models, the authentication tokens used during communication with this service are encoded user p… CWE-326
Inadequate Encryption Strength 		CVE-2024-8455 2024-10-4 23:45 2024-09-30 Show GitHub Exploit DB Packet Storm
311896 4.9 MEDIUM
Network 		planet gs-4210-24p2s_firmware
gs-4210-24pl4c_firmware 		Certain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within the configuration files, allowing remote attackers with administrator privileges to read the file and ob… CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2024-8459 2024-10-4 23:42 2024-09-30 Show GitHub Exploit DB Packet Storm
311897 8.8 HIGH
Network 		planet gs-4210-24p2s_firmware
gs-4210-24pl4c_firmware 		Certain switch models from PLANET Technology have a web application that is vulnerable to Cross-Site Request Forgery (CSRF). An unauthenticated remote attacker can trick a user into visiting a malici… CWE-352
 Origin Validation Error 		CVE-2024-8458 2024-10-4 23:42 2024-09-30 Show GitHub Exploit DB Packet Storm
311898 7.5 HIGH
Network 		echostar fusion Credentials to access device configuration were transmitted using an unencrypted protocol. These credentials would allow read-only access to network configuration information and terminal configurati… NVD-CWE-noinfo
CVE-2024-42495 2024-10-4 23:37 2024-09-6 Show GitHub Exploit DB Packet Storm
311899 4.6 MEDIUM
Physics 		echostar fusion Credentials to access device configuration information stored unencrypted in flash memory. These credentials would allow read-only access to network configuration information and terminal configurati… CWE-522
 Insufficiently Protected Credentials 		CVE-2024-39278 2024-10-4 23:36 2024-09-6 Show GitHub Exploit DB Packet Storm
311900 - - - Scriptcase v9.10.023 and before is vulnerable to Remote Code Execution (RCE) via the nm_zip function. - CVE-2024-46080 2024-10-4 22:51 2024-10-2 Show GitHub Exploit DB Packet Storm