Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 9, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4301	7.2	重要 Local	click project	click	Pallets projectのClickにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-7246	2026-05-1 10:49	2026-04-30	Show	GitHub Exploit DB Packet Storm

4302	7.8	重要 Local	LizardSystems	Terminal Services Manager	LizardSystemsのTerminal Services Managerにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2018-25259	2026-05-1 10:49	2026-04-22	Show	GitHub Exploit DB Packet Storm

4303	5.5	警告 Local	EZB Systems	UltraISO	EZB SystemsのUltraISOにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2018-25267	2026-05-1 10:49	2026-04-22	Show	GitHub Exploit DB Packet Storm

4304	6.1	警告 Network	IceWarp, Inc.	icewarp	IceWarp, Inc.のicewarpにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2018-25269	2026-05-1 10:49	2026-04-22	Show	GitHub Exploit DB Packet Storm

4305	8.1	重要 Network	レッドハット	openshift ai	レッドハットのopenshift aiにおける隔離または分類に関する脆弱性	CWE-653 不適切な隔離または分類	CVE-2025-12805	2026-05-1 10:49	2026-03-26	Show	GitHub Exploit DB Packet Storm

4306	7.1	重要 Local	wolfSSL Inc.	wolfSSL	wolfSSL Inc.のwolfSSLにおける複数の脆弱性	CWE-121 CWE-787 CWE-787	CVE-2026-0819	2026-05-1 10:49	2026-03-19	Show	GitHub Exploit DB Packet Storm

4307	6.3	警告 Network	libssh レッドハット	Red Hat OpenShift Container Platform Red Hat Enterprise Linux libssh Red Hat Hardened Images	libssh等の複数ベンダの製品におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-0964	2026-05-1 10:49	2026-03-26	Show	GitHub Exploit DB Packet Storm

4308	8.2	重要 Network	libssh レッドハット	Red Hat OpenShift Container Platform Red Hat Enterprise Linux libssh Red Hat Hardened Images	libssh等の複数ベンダの製品におけるバッファアンダーフローの脆弱性	CWE-124 バッファアンダーフロー	CVE-2026-0966	2026-05-1 10:49	2026-03-26	Show	GitHub Exploit DB Packet Storm

4309	5.3	警告 Network	wolfSSL Inc.	wolfSSL	wolfSSL Inc.のwolfSSLにおける整数アンダーフローの脆弱性	CWE-191 整数アンダーフロー	CVE-2026-1005	2026-05-1 10:49	2026-03-19	Show	GitHub Exploit DB Packet Storm

4310	7.8	重要 Local	マイクロソフト	Microsoft 365 Apps Office Long Term Servicing Channel (LTSC)	Microsoft Word のリモートでコードが実行される脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-23657	2026-05-1 10:49	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314181	6.5	MEDIUM Network	shudong-share_project	shudong-share	A vulnerability classified as critical has been found in HFO4 shudong-share up to 2.4.7. This affects an unknown part of the file /includes/create_share.php of the component Share Handler. The manipu…	CWE-89 SQL Injection	CVE-2024-10129	2024-10-31 06:15	2024-10-19	Show	GitHub Exploit DB Packet Storm

314182	9.8	CRITICAL Network	najeebmedia	frontend_file_manager post_front-end_form	The Frontend File Manager (versions < 4.0), N-Media Post Front-end Form (versions < 1.1) plugins for WordPress are vulnerable to arbitrary file uploads due to missing file type validation via the `nm…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2016-15042	2024-10-31 06:12	2024-10-16	Show	GitHub Exploit DB Packet Storm

314183	9.8	CRITICAL Network	themehunk	wp_popup_builder	The The WP Popup Builder – Popup Forms and Marketing Lead Generation plugin for WordPress is vulnerable to arbitrary shortcode execution via the wp_ajax_nopriv_shortcode_Api_Add AJAX action in all ve…	CWE-94 Code Injection	CVE-2024-9061	2024-10-31 06:11	2024-10-16	Show	GitHub Exploit DB Packet Storm

314184	6.5	MEDIUM Network	suse	rancher	A vulnerability has been identified which may lead to sensitive data being leaked into Rancher's audit logs. [Rancher Audit Logging](https://ranchermanager.docs.rancher.com/how-to-guides/advanced-use…	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2023-22649	2024-10-31 06:08	2024-10-16	Show	GitHub Exploit DB Packet Storm

314185	9.8	CRITICAL Network	motopress	timetable_and_event_schedule	The Timetable and Event Schedule by MotoPress plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the wp_ajax_route_url() function called via a nopriv AJAX…	CWE-862 Missing Authorization	CVE-2020-36840	2024-10-31 06:06	2024-10-16	Show	GitHub Exploit DB Packet Storm

314186	8.8	HIGH Network	wpvivid	migration\ _backup\ _staging	The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the wpvivid_upload_import_files and wpvivid_upload_files AJA…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-36842	2024-10-31 06:03	2024-10-16	Show	GitHub Exploit DB Packet Storm

314187	5.3	MEDIUM Network	strategy11	formidable_form_builder	The Formidable Form Builder plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.05.03 via the frm_forms_preview AJAX action. This makes it possible for u…	NVD-CWE-noinfo	CVE-2017-20194	2024-10-31 06:00	2024-10-16	Show	GitHub Exploit DB Packet Storm

314188	6.1	MEDIUM Network	solarwinds	solarwinds_platform	The SolarWinds Platform was susceptible to a Cross-Site Scripting vulnerability when performing an edit function to existing elements.	CWE-79 Cross-site Scripting	CVE-2024-45715	2024-10-31 05:59	2024-10-16	Show	GitHub Exploit DB Packet Storm

314189	5.4	MEDIUM Network	gtranslate	google_language_translator	The Google Language Translator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via multiple parameters in versions up to, and including, 6.0.9 due to insufficient input sanitizat…	CWE-79 Cross-site Scripting	CVE-2021-4452	2024-10-31 05:57	2024-10-16	Show	GitHub Exploit DB Packet Storm

314190	4.3	MEDIUM Network	sinaextra	sina_extension_for_elementor	The Sina Extension for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.5.7 via the render function in widgets/advanced/sina-moda…	CWE-200 Information Exposure	CVE-2024-9540	2024-10-31 05:56	2024-10-16	Show	GitHub Exploit DB Packet Storm