Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4211	5.9	警告 Network	PowerDNS	PowerDNS Recursor	PowerDNSのPowerDNS RecursorにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-33262	2026-04-30 12:30	2026-04-22	Show	GitHub Exploit DB Packet Storm

4212	8.7	重要 Local	Linaro	OP-TEE Trusted OS	LinaroのOP-TEE Trusted OSにおける複数の脆弱性	CWE-125 CWE-787	CVE-2026-33317	2026-04-30 12:30	2026-04-24	Show	GitHub Exploit DB Packet Storm

4213	8.8	重要 Network	Actual Budget	Actual	Actual BudgetのActualにおける複数の脆弱性	CWE-284 CWE-862	CVE-2026-33318	2026-04-30 12:30	2026-04-24	Show	GitHub Exploit DB Packet Storm

4214	7.5	重要 Network	FirebirdSQL	Firebird	FirebirdSQLのFirebirdにおける複数の脆弱性	CWE-120 CWE-502	CVE-2026-33337	2026-04-30 12:30	2026-04-17	Show	GitHub Exploit DB Packet Storm

4215	4.9	警告 Network	PowerDNS	PowerDNS Recursor	PowerDNSのPowerDNS RecursorにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-33600	2026-04-30 12:30	2026-04-22	Show	GitHub Exploit DB Packet Storm

4216	4.9	警告 Network	PowerDNS	PowerDNS Recursor	PowerDNSのPowerDNS RecursorにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-33601	2026-04-30 12:30	2026-04-22	Show	GitHub Exploit DB Packet Storm

4217	9.1	緊急 Network	EspoCRM	EspoCRM	EspoCRMにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-33656	2026-04-30 12:30	2026-04-22	Show	GitHub Exploit DB Packet Storm

4218	7.2	重要 Network	EspoCRM	EspoCRM	EspoCRMにおける相対パストラバーサルの脆弱性	CWE-23 相対的パストラバーサル	CVE-2026-33733	2026-04-30 12:30	2026-04-22	Show	GitHub Exploit DB Packet Storm

4219	7.5	重要 Network	FirebirdSQL	Firebird	FirebirdSQLのFirebirdにおける不正な構文構造の不適切な処理に関する脆弱性	CWE-228 不正な構文構造の不適切な処理	CVE-2026-34232	2026-04-30 12:30	2026-04-17	Show	GitHub Exploit DB Packet Storm

4220	5.3	警告 Network	オラクル	Oracle GoldenGate	オラクルのOracle GoldenGateにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-34273	2026-04-30 12:30	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314981	7.5	HIGH Network	opentext	cx-e_voice	Path Traversal vulnerability discovered in OpenText™ CX-E Voice, affecting all version through 22.4. The vulnerability could allow arbitrarily access files on the system.	CWE-22 Path Traversal	CVE-2023-7260	2024-10-16 21:53	2024-08-23	Show	GitHub Exploit DB Packet Storm

314982	-		-	-	There exists an insecure default user permission in Google Cloud Migrate to containers from version 1.1.0 to 1.2.2 Windows installs. A local "m2cuser" was greated with administrator privileges. This …	-	CVE-2024-9858	2024-10-16 18:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

314983	-		-	-	A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead…	CWE-1270 Generation of Incorrect Security Tokens	CVE-2023-32188	2024-10-16 18:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

314984	-		-	-	A vulnerability has been identified in which Rancher does not automatically clean up a user which has been deleted from the configured authentication provider (AP). This characteristic also applies t…	-	CVE-2023-22650	2024-10-16 18:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

314985	-		-	-	The BigBlueButton plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the the moderator code and viewer code fields in versions up to, and including, 3.0.0-beta.4 due to insufficien…	CWE-79 Cross-site Scripting	CVE-2023-7296	2024-10-16 17:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

314986	6.1	MEDIUM Network	-	-	The Video Grid plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the search_term parameter in versions up to, and including, 1.21 due to insufficient input sanitization and out…	CWE-79 Cross-site Scripting	CVE-2023-7295	2024-10-16 17:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

314987	-		-	-	The Accordion Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘html’ attribute of an accordion slider in all versions up to, and including, 1.9.11 due to insufficient…	CWE-79 Cross-site Scripting	CVE-2024-9582	2024-10-16 16:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

314988	6.5	MEDIUM Network	-	-	The plugin ACF Quick Edit Fields for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.2.2. This makes it possible for attackers without the edit_users c…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2023-7286	2024-10-16 16:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

314989	6.3	MEDIUM Network	-	-	The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce prot…	CWE-862 Missing Authorization	CVE-2022-4974	2024-10-16 16:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

314990	8.8	HIGH Network	-	-	The Essential Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to and including 4.6.4 due to a lack of restrictions on who can add a registration form a…	CWE-862 Missing Authorization	CVE-2021-4447	2024-10-16 16:15	2024-10-16	Show	GitHub Exploit DB Packet Storm