Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 19, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4651 9.8 緊急
Network 		vm2 project vm2 vm2 projectのvm2における複数の脆弱性 CWE-693
CWE-94
CVE-2026-24118 2026-05-11 11:12 2026-05-4 Show GitHub Exploit DB Packet Storm
4652 9.8 緊急
Network 		vm2 project vm2 vm2 projectのvm2における複数の脆弱性 CWE-693
CWE-94
CVE-2026-24120 2026-05-11 11:12 2026-05-4 Show GitHub Exploit DB Packet Storm
4653 9.8 緊急
Network 		vm2 project vm2 vm2 projectのvm2における複数の脆弱性 CWE-693
CWE-94
CVE-2026-24781 2026-05-11 11:12 2026-05-4 Show GitHub Exploit DB Packet Storm
4654 6.3 警告
Network 		Apache Software Foundation CloudStack Apache Software FoundationのCloudStackにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-25077 2026-05-11 11:12 2026-05-8 Show GitHub Exploit DB Packet Storm
4655 9.1 緊急
Network 		Apache Software Foundation CloudStack Apache Software FoundationのCloudStackにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-25199 2026-05-11 11:12 2026-05-8 Show GitHub Exploit DB Packet Storm
4656 7.5 重要
Network 		マイクロソフト Microsoft 365 Copilot BizChat M365 Copilot の情報漏えいの脆弱性 CWE-138
特殊要素の不適切な無害化 		CVE-2026-26129 2026-05-11 11:12 2026-05-7 Show GitHub Exploit DB Packet Storm
4657 7.5 重要
Network 		マイクロソフト Microsoft 365 Copilot BizChat M365 Copilot の情報漏えいの脆弱性 CWE-74
インジェクション 		CVE-2026-26164 2026-05-11 11:12 2026-05-7 Show GitHub Exploit DB Packet Storm
4658 9.8 緊急
Network 		vm2 project vm2 vm2 projectのvm2における保護メカニズムの不具合に関する脆弱性 CWE-693
保護メカニズムの不具合 		CVE-2026-26956 2026-05-11 11:12 2026-05-4 Show GitHub Exploit DB Packet Storm
4659 6.5 警告
Network 		Traccar Ltd Traccar Traccar LtdのTraccarにおけるCSV ファイル内の数式要素の中和に関する脆弱性 CWE-1236
CSV ファイル内の数式要素の不適切な中和 		CVE-2026-27644 2026-05-11 11:12 2026-05-5 Show GitHub Exploit DB Packet Storm
4660 5.4 警告
Network 		Traccar Ltd Traccar Traccar LtdのTraccarにおけるブラインド XPath インジェクションの脆弱性 CWE-91
ブラインド XPath インジェクション 		CVE-2026-27693 2026-05-11 11:12 2026-05-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 19, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313791 7.2 HIGH
Network 		ivanti endpoint_manager SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code … CWE-89
SQL Injection 		CVE-2024-50326 2024-11-19 03:15 2024-11-13 Show GitHub Exploit DB Packet Storm
313792 9.8 CRITICAL
Network 		gzequan eq_enterprise_management_system An issue in EQ Enterprise Management System before v2.0.0 allows attackers to execute a directory traversal via crafted requests. CWE-22
Path Traversal 		CVE-2024-44761 2024-11-19 03:15 2024-08-29 Show GitHub Exploit DB Packet Storm
313793 6.1 MEDIUM
Network 		cysoft168 super_easy_enterprise_management_system Cross Site Scripting vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the /WebSet/DlgGridSet.html … CWE-79
Cross-site Scripting 		CVE-2024-42678 2024-11-19 03:15 2024-08-15 Show GitHub Exploit DB Packet Storm
313794 7.2 HIGH
Network 		ivanti endpoint_manager SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code … CWE-89
SQL Injection 		CVE-2024-50328 2024-11-19 03:08 2024-11-13 Show GitHub Exploit DB Packet Storm
313795 8.8 HIGH
Network 		ivanti endpoint_manager Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote unauthenticated attacker to achieve remote code execution. User int… CWE-22
Path Traversal 		CVE-2024-50329 2024-11-19 03:07 2024-11-13 Show GitHub Exploit DB Packet Storm
313796 7.8 HIGH
Local 		adobe photoshop Photoshop Desktop versions 24.7.3, 25.11 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the curren… CWE-191
 Integer Underflow (Wrap or Wraparound) 		CVE-2024-49514 2024-11-19 03:06 2024-11-13 Show GitHub Exploit DB Packet Storm
313797 6.5 MEDIUM
Network 		progress telerik_document_processing_libraries In Progress Telerik Document Processing Libraries, versions prior to 2024 Q4 (2024.4.1106), importing a document with unsupported features can lead to excessive processing, leading to excessive use o… NVD-CWE-noinfo
CVE-2024-8049 2024-11-19 02:46 2024-11-14 Show GitHub Exploit DB Packet Storm
313798 6.2 MEDIUM
Local 		progress telerik_report_server In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this informat… CWE-798
 Use of Hard-coded Credentials 		CVE-2024-7295 2024-11-19 02:41 2024-11-14 Show GitHub Exploit DB Packet Storm
313799 - - - A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to recover service account passwords that are saved on an affected syste… CWE-200
Information Exposure 		CVE-2020-3525 2024-11-19 02:35 2024-11-19 Show GitHub Exploit DB Packet Storm
313800 - - - Holy Stone Remote ID Module HSRID01, firmware distributed with the Drone Go2 mobile application before 1.1.8, allows unauthenticated "remote power off" actions (in broadcast mode) via multiple read o… - CVE-2024-52876 2024-11-19 02:35 2024-11-17 Show GitHub Exploit DB Packet Storm