Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4241	7.3	重要 Network	yeti-platform	yeti	yeti-platformのyetiにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2024-46507	2026-05-11 11:13	2026-05-8	Show	GitHub Exploit DB Packet Storm

4242	7.5	重要 Network	yeti-platform	yeti	yeti-platformのyetiにおけるハードコードされた認証情報の使用に関する脆弱性	CWE-798 ハードコードされた認証情報の使用	CVE-2024-46508	2026-05-11 11:12	2026-05-8	Show	GitHub Exploit DB Packet Storm

4243	9.8	緊急 Network	Frappe	ERPNext	FrappeのERPNextにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-38431	2026-05-11 11:12	2026-05-5	Show	GitHub Exploit DB Packet Storm

4244	6.1	警告 Network	Frappe	ERPNext	FrappeのERPNextにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-38432	2026-05-11 11:12	2026-05-5	Show	GitHub Exploit DB Packet Storm

4245	9.1	緊急 Network	CHORNY	Apache::Session	CHORNYのApache::Sessionにおける有効期限後または解放後のリソースの操作に関する脆弱性	CWE-672 有効期限後または解放後のリソースの操作	CVE-2013-10075	2026-05-11 11:12	2026-05-8	Show	GitHub Exploit DB Packet Storm

4246	9.8	緊急 Network	PHPOffice	PhpSpreadsheet	PHPOfficeのPhpSpreadsheetにおける複数の脆弱性	CWE-502 CWE-918	CVE-2026-34084	2026-05-11 11:12	2026-05-5	Show	GitHub Exploit DB Packet Storm

4247	5.4	警告 Network	PHPOffice	PhpSpreadsheet	PHPOfficeのPhpSpreadsheetにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-35453	2026-05-11 11:12	2026-05-5	Show	GitHub Exploit DB Packet Storm

4248	9.1	緊急 Network	Zcash Foundation	Zebra-script Zebrad	Zcash FoundationのZebra-script等の複数製品における呼び出し元による仕様の不適切な準拠に関する脆弱性	CWE-573 呼び出し元による仕様の不適切な準拠	CVE-2026-41583	2026-05-11 11:12	2026-05-8	Show	GitHub Exploit DB Packet Storm

4249	6.5	警告 Network	Zcash Foundation	zebra-rpc Zebrad	Zcash Foundationのzebra-rpc等の複数製品における複数の脆弱性	CWE-248 CWE-617	CVE-2026-41585	2026-05-11 11:12	2026-05-8	Show	GitHub Exploit DB Packet Storm

4250	9.1	緊急 Network	Zcash Foundation	Zebra-script Zebrad	Zcash FoundationのZebra-script等の複数製品におけるデジタル署名の検証に関する脆弱性	CWE-347 デジタル署名の不適切な検証	CVE-2026-44497	2026-05-11 11:12	2026-05-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313401	-		-	-	Nextcloud Server is a self hosted personal cloud system. When a server is configured to only allow sharing with users that are in ones own groups, after a user was removed from a group, previously sh…	CWE-269 Improper Privilege Management	CVE-2024-52516	2024-11-19 02:11	2024-11-16	Show	GitHub Exploit DB Packet Storm

313402	-		-	-	Nextcloud Server is a self hosted personal cloud system. After an admin enables the default-disabled SVG preview provider, a malicious user could upload a manipulated SVG file referencing paths. If t…	CWE-706 Use of Incorrectly-Resolved Name or Reference	CVE-2024-52515	2024-11-19 02:11	2024-11-16	Show	GitHub Exploit DB Packet Storm

313403	5.3	MEDIUM Network	-	-	A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to perform a username enumeration attack against an affected device. This vu…	CWE-204 Response Discrepancy Information Exposure	CVE-2022-20633	2024-11-19 02:11	2024-11-16	Show	GitHub Exploit DB Packet Storm

313404	6.1	MEDIUM Network	-	-	A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device.…	-	CVE-2022-20632	2024-11-19 02:11	2024-11-16	Show	GitHub Exploit DB Packet Storm

313405	5.8	MEDIUM Network	-	-	A vulnerability in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass c…	CWE-284 Improper Access Control	CVE-2021-34753	2024-11-19 02:11	2024-11-16	Show	GitHub Exploit DB Packet Storm

313406	-		-	-	A vulnerability in the CLI of Cisco FTD Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands with root privileges on the underlying …	CWE-20 Improper Input Validation	CVE-2021-34752	2024-11-19 02:11	2024-11-16	Show	GitHub Exploit DB Packet Storm

313407	5.8	MEDIUM Network	-	-	Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerabi…	CWE-693 Protection Mechanism Failure	CVE-2021-1494	2024-11-19 02:11	2024-11-16	Show	GitHub Exploit DB Packet Storm

313408	-		-	-	A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying file system of the …	CWE-59 Link Following	CVE-2021-1491	2024-11-19 02:11	2024-11-16	Show	GitHub Exploit DB Packet Storm

313409	-		-	-	In JetBrains WebStorm before 2024.3 code execution in Untrusted Project mode was possible via type definitions installer script	CWE-349 Acceptance of Extraneous Untrusted Data With Trusted Data	CVE-2024-52555	2024-11-19 02:11	2024-11-16	Show	GitHub Exploit DB Packet Storm

313410	-		-	-	Multiple parameters have SQL injection vulnerability in JEPaaS 7.2.8 via /je/login/btnLog/insertBtnLog, which could allow a remote user to submit a specially crafted query, allowing an attacker to re…	-	CVE-2024-51164	2024-11-19 02:11	2024-11-16	Show	GitHub Exploit DB Packet Storm