Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
421 7.1 重要
Local 		gitpython project gitpython gitpython projectのgitpythonにおけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2026-44243 2026-05-11 10:55 2026-05-7 Show GitHub Exploit DB Packet Storm
422 9.1 緊急
Network 		The Tor Project Tor The Tor ProjectのTorにおける指定された機能の不適切な提供に関する脆弱性 New CWE-684
指定された機能の不適切な提供 		CVE-2026-44597 2026-05-11 10:55 2026-05-7 Show GitHub Exploit DB Packet Storm
423 5.3 警告
Network 		The Tor Project Tor The Tor ProjectのTorにおける領域間での誤ったリソース移動に関する脆弱性 New CWE-669
領域間での誤ったリソース移動 		CVE-2026-44599 2026-05-11 10:55 2026-05-7 Show GitHub Exploit DB Packet Storm
424 5.3 警告
Network 		The Tor Project Tor The Tor ProjectのTorにおける不適切な動作順序に関する脆弱性 New CWE-696
不適切な動作順序 		CVE-2026-44600 2026-05-11 10:55 2026-05-7 Show GitHub Exploit DB Packet Storm
425 9.1 緊急
Network 		The Tor Project Tor The Tor ProjectのTorにおける境界条件の判定に関する脆弱性 New CWE-193
境界条件の判定 		CVE-2026-44603 2026-05-11 10:55 2026-05-7 Show GitHub Exploit DB Packet Storm
426 5.3 警告
Network 		Django Software Foundation Django Django Software FoundationのDjangoにおけるレングスパラメーターの不整合による処理に関する脆弱性 New CWE-130
レングスパラメーターの不整合による不適切な処理 		CVE-2026-5766 2026-05-11 10:55 2026-05-5 Show GitHub Exploit DB Packet Storm
427 8.8 重要
Network 		Ivanti endpoint manager mobile Ivantiのendpoint manager mobileにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-5786 2026-05-11 10:54 2026-05-7 Show GitHub Exploit DB Packet Storm
428 9.1 緊急
Network 		Ivanti endpoint manager mobile Ivantiのendpoint manager mobileにおける証明書検証に関する脆弱性 New CWE-295
不正な証明書検証 		CVE-2026-5787 2026-05-11 10:54 2026-05-7 Show GitHub Exploit DB Packet Storm
429 9.8 緊急
Network 		Ivanti endpoint manager mobile Ivantiのendpoint manager mobileにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-5788 2026-05-11 10:54 2026-05-7 Show GitHub Exploit DB Packet Storm
430 8.8 重要
Network 		HKUDS OpenHarness HKUDSのOpenHarnessにおける不適切なデフォルトパーミッションに関する脆弱性 New CWE-276
不適切なデフォルトパーミッション 		CVE-2026-6819 2026-05-11 10:54 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312391 8.8 HIGH
Network 		qnap qts
quts_hero 		An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. QuTSclou… CWE-78
OS Command  		CVE-2023-34974 2024-09-14 06:14 2024-09-7 Show GitHub Exploit DB Packet Storm
312392 6.2 MEDIUM
Local 		huawei emui
harmonyos 		Vulnerability of uncaught exceptions in the Graphics module Impact: Successful exploitation of this vulnerability may affect service confidentiality. NVD-CWE-noinfo
CVE-2024-42037 2024-09-14 06:13 2024-08-8 Show GitHub Exploit DB Packet Storm
312393 6.1 MEDIUM
Network 		qnap qulog_center A cross-site scripting (XSS) vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed t… CWE-79
Cross-site Scripting 		CVE-2024-32762 2024-09-14 06:10 2024-09-7 Show GitHub Exploit DB Packet Storm
312394 7.5 HIGH
Network 		huawei harmonyos
emui 		Access permission verification vulnerability in the Notepad module Impact: Successful exploitation of this vulnerability may affect service confidentiality. NVD-CWE-noinfo
CVE-2024-42036 2024-09-14 06:09 2024-08-8 Show GitHub Exploit DB Packet Storm
312395 9.8 CRITICAL
Network 		wpwebelite docket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPWeb Elite Docket (WooCommerce Collections / Wishlist / Watchlist) allows SQL Injection.This iss… CWE-89
SQL Injection 		CVE-2024-43132 2024-09-14 06:07 2024-08-30 Show GitHub Exploit DB Packet Storm
312396 4.8 MEDIUM
Network 		qnap helpdesk A cross-site scripting (XSS) vulnerability has been reported to affect Helpdesk. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We h… CWE-79
Cross-site Scripting 		CVE-2024-27125 2024-09-14 06:06 2024-09-7 Show GitHub Exploit DB Packet Storm
312397 7.2 HIGH
Network 		salonbookingsystem salon_booking_system Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Salon Booking System Salon booking system allows SQL Injection.This issue affects Salon booking s… CWE-89
SQL Injection 		CVE-2024-39658 2024-09-14 06:04 2024-08-30 Show GitHub Exploit DB Packet Storm
312398 9.8 CRITICAL
Network 		e4jconnect vikrentcar Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in E4J s.R.L. VikRentCar allows SQL Injection.This issue affects VikRentCar: from n/a through 1.4.0. CWE-89
SQL Injection 		CVE-2024-39653 2024-09-14 06:03 2024-08-30 Show GitHub Exploit DB Packet Storm
312399 8.8 HIGH
Network 		roundupwp registrations_for_the_events_calendar Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Roundup WP Registrations for the Events Calendar allows SQL Injection.This issue affects Registra… CWE-89
SQL Injection 		CVE-2024-39638 2024-09-14 06:00 2024-08-30 Show GitHub Exploit DB Packet Storm
312400 8.8 HIGH
Network 		pricelisto great_restaurant_menu_wp Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PriceListo Best Restaurant Menu by PriceListo allows SQL Injection.This issue affects Best Restau… CWE-89
SQL Injection 		CVE-2024-38793 2024-09-14 05:57 2024-08-30 Show GitHub Exploit DB Packet Storm