Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4521	8.5	重要 Network	OpenClaw	OpenClaw	OpenClawにおける複数の脆弱性	CWE-862 CWE-918	CVE-2026-42439	2026-05-8 12:22	2026-05-5	Show	GitHub Exploit DB Packet Storm

4522	7.5	重要 Network	Apache Software Foundation	Apache OpenNLP	Apache Software FoundationのApache OpenNLPにおける過剰なサイズ値のメモリ割り当てに関する脆弱性	CWE-789 過剰なサイズ値のメモリ割り当て	CVE-2026-42440	2026-05-8 12:22	2026-05-4	Show	GitHub Exploit DB Packet Storm

4523	6.1	警告 Network	Apache Software Foundation	Apache Wicket	Apache Software FoundationのApache Wicketにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-42509	2026-05-8 12:22	2026-05-6	Show	GitHub Exploit DB Packet Storm

4524	4.3	警告 Network	Jenkins プロジェクト	Script Security	JenkinsのScript Securityにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-42519	2026-05-8 12:22	2026-04-29	Show	GitHub Exploit DB Packet Storm

4525	7.5	重要 Network	Jenkins プロジェクト	Credentials Binding	JenkinsのCredentials Bindingにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-42520	2026-05-8 12:22	2026-04-29	Show	GitHub Exploit DB Packet Storm

4526	6.5	警告 Network	Jenkins プロジェクト	Matrix Authorization Strategy	JenkinsのMatrix Authorization Strategyにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-42521	2026-05-8 12:22	2026-04-29	Show	GitHub Exploit DB Packet Storm

4527	4.3	警告 Network	Jenkins プロジェクト	GitHub Branch Source	JenkinsのGitHub Branch Sourceにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-42522	2026-05-8 12:22	2026-04-29	Show	GitHub Exploit DB Packet Storm

4528	7.5	重要 Network	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2026-43057	2026-05-8 12:22	2026-05-1	Show	GitHub Exploit DB Packet Storm

4529	9.3	緊急 Network	OpenClaw	OpenClaw	OpenClawにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-43526	2026-05-8 12:22	2026-05-5	Show	GitHub Exploit DB Packet Storm

4530	7.7	重要 Network	OpenClaw	OpenClaw	OpenClawにおける複数の脆弱性	CWE-1188 CWE-918	CVE-2026-43527	2026-05-8 12:21	2026-05-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314771	-		-	-	Chamilo LMS 1.11.26 is vulnerable to Incorrect Access Control via main/auth/profile. Non-admin users can manipulate sensitive profiles information, posing a significant risk to data integrity.	-	CVE-2024-30616	2024-11-6 01:04	2024-11-5	Show	GitHub Exploit DB Packet Storm

314772	6.1	MEDIUM Network	cisco	firepower_management_center	A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS…	CWE-79 Cross-site Scripting	CVE-2024-20372	2024-11-6 01:04	2024-10-24	Show	GitHub Exploit DB Packet Storm

314773	4.6	MEDIUM Network	radixiot	mango	MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection (CSTI) vulnerability via the Platform Management Edit page.	CWE-94 Code Injection	CVE-2024-37846	2024-11-6 01:03	2024-10-26	Show	GitHub Exploit DB Packet Storm

314774	5.4	MEDIUM Network	radixiot	mango	A stored cross-site scripting (XSS) vulnerability in MangoOS before 5.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.	CWE-79 Cross-site Scripting	CVE-2024-37844	2024-11-6 01:03	2024-10-26	Show	GitHub Exploit DB Packet Storm

314775	5.4	MEDIUM Network	cisco	firepower_management_center	A vulnerability in the web-based management interface of Cisco FMC Software could allow an authenticated, remote attacker to store malicious content for use in XSS attacks. This vulnerability is due …	CWE-79 Cross-site Scripting	CVE-2024-20387	2024-11-6 01:00	2024-10-24	Show	GitHub Exploit DB Packet Storm

314776	8.8	HIGH Network	radixiot	mangoapi mango	An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows attackers to execute arbitrary code via a crafted file.	CWE-22 Path Traversal	CVE-2024-37847	2024-11-6 00:47	2024-10-26	Show	GitHub Exploit DB Packet Storm

314777	-		-	-	An Insecure Direct Object Reference (IDOR) in the dashboard of SiSMART v7.4.0 allows attackers to execute a horizontal-privilege escalation.	-	CVE-2024-48217	2024-11-6 00:35	2024-11-2	Show	GitHub Exploit DB Packet Storm

314778	8.4	HIGH Local	cisco	firepower_threat_defense	A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system usin…	CWE-798 Use of Hard-coded Credentials	CVE-2024-20412	2024-11-6 00:03	2024-10-24	Show	GitHub Exploit DB Packet Storm

314779	5.8	MEDIUM Network	cisco	firepower_threat_defense	A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy. This …	NVD-CWE-noinfo	CVE-2024-20431	2024-11-5 23:47	2024-10-24	Show	GitHub Exploit DB Packet Storm

314780	8.8	HIGH Network	tenda	ac15_firmware	A vulnerability was found in Tenda AC15 15.03.05.19 and classified as critical. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argumen…	CWE-787 Out-of-bounds Write	CVE-2024-10662	2024-11-5 23:30	2024-11-2	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed