Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 10, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 4231 | 6.6 |
警告
Local |
オラクル | Oracle Cloud Native Environment (Oracle CNE) Command Line Interface (CLI) | オラクルのOracle Cloud Native Environment (Oracle CNE) Command Line Interface (CLI)におけるコードインジェクションの脆弱性 |
CWE-94
コード・インジェクション |
CVE-2026-35255 | 2026-05-8 12:10 | 2026-05-6 | Show | GitHub Exploit DB Packet Storm |
| 4232 | 5.5 |
警告
Local |
ikea | DIRIGERA Firmware | ikeaのDIRIGERA Firmwareにおけるサーバサイドのリクエストフォージェリの脆弱性 |
CWE-918
サーバサイドリクエストフォージェリ |
CVE-2026-3588 | 2026-05-8 12:10 | 2026-03-9 | Show | GitHub Exploit DB Packet Storm |
| 4233 | 10 |
緊急
Network |
Unisys | WebPerfect Image Suite | UnisysのWebPerfect Image Suiteにおけるフィルタリングの回避に関する脆弱性 |
CWE-441
フィルタリング回避 |
CVE-2026-39906 | 2026-05-8 12:10 | 2026-04-14 | Show | GitHub Exploit DB Packet Storm |
| 4234 | 10 |
緊急
Network |
Unisys | WebPerfect Image Suite | UnisysのWebPerfect Image Suiteにおけるファイル名やパス名の外部制御に関する脆弱性 |
CWE-73
ファイル名やパス名の外部制御 |
CVE-2026-39907 | 2026-05-8 12:10 | 2026-04-14 | Show | GitHub Exploit DB Packet Storm |
| 4235 | 7.5 |
重要
Network |
ZTE | ZXESM iEMS | ZTEのZXESM iEMSにおける不特定の脆弱性 |
CWE-noinfo
情報不足 |
CVE-2026-40436 | 2026-05-8 12:10 | 2026-04-13 | Show | GitHub Exploit DB Packet Storm |
| 4236 | 7.5 |
重要
Network |
MIYAGAWA (Tatsuhiko Miyagawa) | Starman | MIYAGAWA (Tatsuhiko Miyagawa)のStarmanにおけるHTTP リクエストスマグリングに関する脆弱性 |
CWE-444
HTTP リクエストスマグリング |
CVE-2026-40560 | 2026-05-8 12:10 | 2026-04-29 | Show | GitHub Exploit DB Packet Storm |
| 4237 | 5.3 |
警告
Network |
Kazuho Oku (kazuho) | Starlet | Kazuho Oku (kazuho)のStarletにおけるHTTP リクエストスマグリングに関する脆弱性 |
CWE-444
HTTP リクエストスマグリング |
CVE-2026-40561 | 2026-05-8 12:10 | 2026-05-3 | Show | GitHub Exploit DB Packet Storm |
| 4238 | 7.5 |
重要
Network |
NERDVANA (Michael Conrad) | Crypt-SecretBuffer | NERDVANA (Michael Conrad)のCrypt-SecretBufferにおけるタイミングの違いに起因する情報漏えいに関する脆弱性 |
CWE-208
タイミングの違いに起因する情報漏えい |
CVE-2026-5086 | 2026-05-8 12:10 | 2026-04-13 | Show | GitHub Exploit DB Packet Storm |
| 4239 | 7.5 |
重要
Network |
JDEGUEST (Jacques Deguest) | Apache::API::Password | JDEGUEST (Jacques Deguest)のApache::API::Passwordにおける暗号の脆弱な PRNG の使用に関する脆弱性 |
CWE-338
暗号における脆弱な PRNG の使用 |
CVE-2026-5088 | 2026-05-8 12:09 | 2026-04-15 | Show | GitHub Exploit DB Packet Storm |
| 4240 | 8.8 |
重要
Network |
Cerberus, LLC | Cerberus FTP Server | CerberusのCerberus FTP Serverにおける安全に保持されない継承されたパーミッションに関する脆弱性 |
CWE-278
安全に保持されない継承されたパーミッション |
CVE-2026-6265 | 2026-05-8 12:09 | 2026-04-27 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 10, 2026, 5 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 313831 | 5.5 |
MEDIUM
Local |
linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: LoongArch: Don't crash in stack_top() for tasks without vDSO Not all tasks have a vDSO mapped, for example kthreads never do. If … |
CWE-476
NULL Pointer Dereference |
CVE-2024-50133 | 2024-11-8 06:17 | 2024-11-6 | Show | GitHub Exploit DB Packet Storm |
| 313832 | 5.4 |
MEDIUM
Network |
basticom | framework | The Basticom Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.5.0 due to insufficient input sanitization and ou… |
CWE-79
Cross-site Scripting |
CVE-2024-9443 | 2024-11-8 05:56 | 2024-11-5 | Show | GitHub Exploit DB Packet Storm |
| 313833 | - | - | - | An issue in Linux Server Heimdall v.2.6.1 allows a remote attacker to execute arbitrary code via a crafted script to the Add new application. | - | CVE-2024-51358 | 2024-11-8 05:35 | 2024-11-6 | Show | GitHub Exploit DB Packet Storm | |
| 313834 | 4.3 |
MEDIUM
Network |
shaon | post_from_frontend | The Post From Frontend WordPress plugin through 1.0.0 does not have CSRF check when deleting posts, which could allow attackers to make logged in admin perform such action via a CSRF attack |
CWE-352
Origin Validation Error |
CVE-2024-9689 | 2024-11-8 05:35 | 2024-11-5 | Show | GitHub Exploit DB Packet Storm |
| 313835 | - | - | - | util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string. | - | CVE-2024-47855 | 2024-11-8 05:35 | 2024-10-4 | Show | GitHub Exploit DB Packet Storm | |
| 313836 | 5.5 |
MEDIUM
Local |
huawei | harmonyos | Vulnerability of processes not being fully terminated in the VPN module Impact: Successful exploitation of this vulnerability will affect power consumption. |
NVD-CWE-noinfo
|
CVE-2024-51513 | 2024-11-8 05:30 | 2024-11-5 | Show | GitHub Exploit DB Packet Storm |
| 313837 | 6.5 |
MEDIUM
Network |
qualcomm |
wsa8845h_firmware wsa8845_firmware wsa8840_firmware wsa8835_firmware wsa8832_firmware wsa8830_firmware wcn7881_firmware wcn7880_firmware wcn7861_firmware wcn7860_firmware
Transient DOS while parsing fragments of MBSSID IE from beacon frame.
|
CWE-416
|
Use After Free
CVE-2024-33068
|
2024-11-8 05:07 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 313838 | 6.5 |
MEDIUM
Network |
qualcomm |
wsa8845h_firmware wsa8845_firmware wsa8840_firmware wsa8835_firmware wsa8832_firmware wsa8830_firmware wcn7881_firmware wcn7880_firmware wcn7861_firmware wcn7860_firmware
Transient DOS while processing the CU information from RNR IE.
|
CWE-125
|
Out-of-bounds Read
CVE-2024-38405
|
2024-11-8 05:06 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 313839 | 6.5 |
MEDIUM
Network |
qualcomm |
wsa8845h_firmware wsa8845_firmware wsa8840_firmware wsa8835_firmware wsa8832_firmware wsa8830_firmware wcn7881_firmware wcn7880_firmware wcn7861_firmware wcn7860_firmware
Transient DOS while parsing BTM ML IE when per STA profile is not included.
|
CWE-125
|
Out-of-bounds Read
CVE-2024-38403
|
2024-11-8 05:06 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 313840 | 6.5 |
MEDIUM
Network |
qualcomm |
wsa8845h_firmware wsa8845_firmware wsa8840_firmware wsa8835_firmware wsa8832_firmware wsa8830_firmware wsa8815_firmware wsa8810_firmware wcn6755_firmware wcn3988_firmware
Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.
|
CWE-617
|
Reachable Assertion
CVE-2024-23385
|
2024-11-8 05:05 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|