Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
421 7.5 重要
Network 		マイクロソフト Microsoft Entra ID Microsoft Entra ID のスプーフィングの脆弱性 CWE-200
情報漏えい 		CVE-2026-40379 2026-05-25 10:22 2026-05-12 Show GitHub Exploit DB Packet Storm
422 4.3 警告
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-4055 2026-05-25 10:22 2026-05-21 Show GitHub Exploit DB Packet Storm
423 7.8 重要
Local 		Samba Project rsync Samba Projectのrsyncにおけるレングスパラメーターの不整合による処理に関する脆弱性 CWE-130
レングスパラメーターの不整合による不適切な処理 		CVE-2026-41035 2026-05-25 10:22 2026-04-16 Show GitHub Exploit DB Packet Storm
424 9.8 緊急
Network 		NASA F Prime NASAのF Primeにおける複数の脆弱性 CWE-190
CWE-787
CVE-2026-41144 2026-05-25 10:22 2026-04-22 Show GitHub Exploit DB Packet Storm
425 7.8 重要
Local 		DevSpace DevSpace DevSpaceにおける複数の脆弱性 CWE-200
CWE-306
CVE-2026-42283 2026-05-25 10:22 2026-05-14 Show GitHub Exploit DB Packet Storm
426 10 緊急
Network 		マイクロソフト
The Foreman		 Azure Resource Manager
Azure Local 		Azure Local 向けディスコネクテッド オペレーション サービスの特権昇格の脆弱性 CWE-287
CWE-noinfo
CVE-2026-42822 2026-05-25 10:22 2026-05-18 Show GitHub Exploit DB Packet Storm
427 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不完全なクリーンアップに関する脆弱性 CWE-459
不完全なクリーンアップ 		CVE-2026-43395 2026-05-25 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
428 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性 CWE-401
有効期限後のメモリの解放の欠如 		CVE-2026-43396 2026-05-25 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
429 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性 CWE-401
有効期限後のメモリの解放の欠如 		CVE-2026-43397 2026-05-25 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
430 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2026-43398 2026-05-25 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311031 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: platform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses Commit 50c6dbdfd16e ("x86/ioremap: Improve iounm… NVD-CWE-noinfo
CVE-2024-50107 2024-11-9 06:27 2024-11-6 Show GitHub Exploit DB Packet Storm
311032 7.2 HIGH
Network 		netgear ex3700_firmware Netgear EX3700 ' AC750 WiFi Range Extender Essentials Edition before 1.0.0.98 contains an authenticated command injection in operating_mode.cgi via the ap_mode parameter with ap_24g_manual set to 1 a… CWE-77
Command Injection 		CVE-2024-35522 2024-11-9 06:25 2024-10-12 Show GitHub Exploit DB Packet Storm
311033 7.2 HIGH
Network 		netgear xr1000_firmware Netgear XR1000 v1.0.0.64 is vulnerable to command injection in usb_remote_smb_conf.cgi via the share_name parameter. CWE-77
Command Injection 		CVE-2024-35517 2024-11-9 06:24 2024-10-12 Show GitHub Exploit DB Packet Storm
311034 7.5 HIGH
Network 		everestthemes everest_backup The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.13 via … CWE-922
 Insecure Storage of Sensitive Information 		CVE-2024-10028 2024-11-9 06:21 2024-11-6 Show GitHub Exploit DB Packet Storm
311035 6.1 MEDIUM
Network 		westguardsolutions ws_form The WS Form LITE – Drag & Drop Contact Form Builder for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg without appropriate escaping … CWE-79
Cross-site Scripting 		CVE-2024-10647 2024-11-9 06:20 2024-11-6 Show GitHub Exploit DB Packet Storm
311036 4.3 MEDIUM
Network 		tumult tumult_hype_animations The Tumult Hype Animations plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hypeanimations_getcontent function in all versions up to, and inc… CWE-862
 Missing Authorization 		CVE-2024-10543 2024-11-9 06:19 2024-11-6 Show GitHub Exploit DB Packet Storm
311037 5.3 MEDIUM
Network 		martinvalchev video_gallery_for_woocommerce The Video Gallery for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the remove_unused_thumbnails() function in all versions … CWE-862
 Missing Authorization 		CVE-2024-10535 2024-11-9 06:19 2024-11-6 Show GitHub Exploit DB Packet Storm
311038 8.1 HIGH
Network 		heateor social_login The Heateor Social Login WordPress plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.1.35. This is due to insufficient verification on the user being… NVD-CWE-noinfo
CVE-2024-10020 2024-11-9 06:19 2024-11-6 Show GitHub Exploit DB Packet Storm
311039 5.3 MEDIUM
Network 		theinnovs eleforms The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on several functions in all v… CWE-862
 Missing Authorization 		CVE-2024-6626 2024-11-9 06:18 2024-11-6 Show GitHub Exploit DB Packet Storm
311040 9.8 CRITICAL
Network 		fortinet fortimanager_cloud
fortimanager 		A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through… CWE-306
Missing Authentication for Critical Function 		CVE-2024-47575 2024-11-9 06:16 2024-10-24 Show GitHub Exploit DB Packet Storm