Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4701 8.8 重要
Network 		OpenEXR OpenEXR OpenEXRにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-41142 2026-05-11 11:10 2026-05-7 Show GitHub Exploit DB Packet Storm
4702 7.7 重要
Network 		Istio Istio Istioにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-41413 2026-05-11 11:09 2026-05-7 Show GitHub Exploit DB Packet Storm
4703 8.1 重要
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAI等の複数製品におけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-41496 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
4704 9.8 緊急
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性 CWE-77
CWE-78
CVE-2026-41497 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
4705 9.8 緊急
Network 		Electerm project Electerm Electerm projectのElectermにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-41500 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
4706 9.8 緊急
Network 		Electerm project Electerm Electerm projectのElectermにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-41501 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
4707 7.8 重要
Local 		Sebastian Bergmann PHPUnit Sebastian BergmannのPHPUnitにおける複数の脆弱性 CWE-88
CWE-93
CVE-2026-41570 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
4708 7.5 重要
Network 		Zcash Foundation Zebra-chain
Zebrad 		Zcash FoundationのZebra-chain等の複数製品における到達可能なアサーションに関する脆弱性 CWE-617
到達可能なアサーション 		CVE-2026-41584 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
4709 5.3 警告
Network 		projectdiscovery Nuclei ProjectDiscovery, Inc.のNucleiにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-41645 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
4710 5.5 警告
Local 		projectdiscovery Nuclei ProjectDiscovery, Inc.のNucleiにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-41646 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313921 - - - By default, dedicated folders of ZEDMAIL for Windows up to 2024.3 can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of ZEDMAIL… - CVE-2024-46462 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
313922 - - - Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about USB and Wifi connected devices in plaintext. - CVE-2024-46383 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
313923 - - - Stack-based memcpy buffer overflow in the ngap_handle_pdu_session_resource_setup_response routine in OpenAirInterface CN5G AMF <= 2.0.0 allows a remote attacker with access to the N2 interface to car… - CVE-2024-24450 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
313924 - - - An uninitialized pointer dereference in the NasPdu::NasPdu component of OpenAirInterface CN5G AMF up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted InitialUEMessage messa… - CVE-2024-24449 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
313925 - - - A buffer overflow in the ngap_amf_handle_pdu_session_resource_setup_response function of oai-cn5g-amf up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a PDU Session Resource Setup… - CVE-2024-24447 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
313926 - - - A vulnerability was found in erzhongxmu Jeewms up to 20241108. It has been rated as critical. This issue affects some unknown processing of the file cgReportController.do of the component AuthInterce… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2024-11251 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
313927 - - - A vulnerability was found in code-projects Inventory Management up to 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /model/editProduct.php. The manipulati… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2024-11250 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
313928 - - - Budget Control Gateway acts as an entry point for incoming requests and routes them to the appropriate microservices for Budget Control. Budget Control Gateway does not properly validate auth tokens,… CWE-285
Improper Authorization 		CVE-2024-52528 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
313929 - - - Nextcloud Server is a self hosted personal cloud system. Under certain conditions the password of a user was stored unencrypted in the session data. The session data is encrypted before being saved i… CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2024-52525 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm
313930 - - - Nextcloud Server is a self hosted personal cloud system. After setting up a user or administrator defined external storage with fixed credentials, the API returns them and adds them into the frontend… CWE-200
Information Exposure 		CVE-2024-52523 2024-11-19 02:11 2024-11-16 Show GitHub Exploit DB Packet Storm