Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 24, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5101 7.5 重要
Network 		アップル iOS
iPadOS 		アップルのiPadOS等の複数製品におけるユーザインターフェースにおける重要情報の誤った表示に関する脆弱性 CWE-451
ユーザインターフェースにおける重要情報の誤った表示 		CVE-2025-46311 2026-05-14 10:23 2026-05-12 Show GitHub Exploit DB Packet Storm
5102 4.7 警告
Network 		ISPConfig ISPConfig ISPConfigにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-52206 2026-05-14 10:23 2026-05-5 Show GitHub Exploit DB Packet Storm
5103 7.3 重要
Network 		AstrBot AstrBot AstrBotにおけるハードコードされた暗号鍵の使用に関する脆弱性 CWE-321
ハードコードされた暗号鍵の使用 		CVE-2025-55449 2026-05-14 10:23 2026-05-8 Show GitHub Exploit DB Packet Storm
5104 7.2 重要
Network 		Check MK Check MK Check MKにおける認証情報の不十分な保護に関する脆弱性 CWE-522
認証情報の不十分な保護 		CVE-2025-64998 2026-05-14 10:22 2026-03-24 Show GitHub Exploit DB Packet Storm
5105 6.5 警告
Network 		Apache Software Foundation CloudStack Apache Software FoundationのCloudStackにおける認可されていない行為者への個人情報の漏えいに関する脆弱性 CWE-359
認可されていないアクターへの個人情報の漏えい 		CVE-2025-66171 2026-05-14 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
5106 8.1 重要
Network 		Apache Software Foundation CloudStack Apache Software FoundationのCloudStackにおける認可されていない行為者への個人情報の漏えいに関する脆弱性 CWE-359
認可されていないアクターへの個人情報の漏えい 		CVE-2025-66172 2026-05-14 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
5107 7.2 重要
Network 		Dolibarr ERP & CRM dolibarr erp/crm Dolibarr ERP & CRMのdolibarr erp/crmにおけるインジェクションに関する脆弱性 CWE-74
インジェクション 		CVE-2025-67486 2026-05-14 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
5108 9.1 緊急
Network 		Electric Sheep Fencing pfSense Electric Sheep FencingのpfSenseにおける複数の脆弱性 CWE-502
CWE-915
CVE-2025-69690 2026-05-14 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
5109 9.9 緊急
Network 		Electric Sheep Fencing pfSense Electric Sheep FencingのpfSenseにおける複数の脆弱性 CWE-284
CWE-915
CVE-2025-69691 2026-05-14 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
5110 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2025-71271 2026-05-14 10:22 2026-05-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 25, 2026, 4:04 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
315381 8.8 HIGH
Network 		ithemelandco woocommerce_report The WooCommerce Report plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.1. This is due to missing or incorrect nonce validation on the settin… CWE-352
 Origin Validation Error 		CVE-2024-10711 2024-11-8 02:04 2024-11-5 Show GitHub Exploit DB Packet Storm
315382 8.1 HIGH
Network 		wpwebelite woocommerce_-_social_login The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.7.7. This is due to insufficient verification on the user being retu… NVD-CWE-noinfo
CVE-2024-10114 2024-11-8 02:04 2024-11-5 Show GitHub Exploit DB Packet Storm
315383 5.5 MEDIUM
Local 		huawei harmonyos Vulnerability of parameter type not being verified in the WantAgent module Impact: Successful exploitation of this vulnerability may affect availability. NVD-CWE-noinfo
CVE-2024-51512 2024-11-8 02:03 2024-11-5 Show GitHub Exploit DB Packet Storm
315384 5.5 MEDIUM
Local 		huawei harmonyos Vulnerability of parameter type not being verified in the WantAgent module Impact: Successful exploitation of this vulnerability may affect availability. NVD-CWE-noinfo
CVE-2024-51511 2024-11-8 02:03 2024-11-5 Show GitHub Exploit DB Packet Storm
315385 5.5 MEDIUM
Local 		huawei harmonyos
emui 		Out-of-bounds access vulnerability in the logo module Impact: Successful exploitation of this vulnerability may affect service confidentiality. CWE-787
 Out-of-bounds Write 		CVE-2024-51510 2024-11-8 02:03 2024-11-5 Show GitHub Exploit DB Packet Storm
315386 - - - Use of Default Credentials vulnerability in Maruti Suzuki SmartPlay on Linux (Infotainment Hub modules) allows attacker to try common or default usernames and passwords.The issue was detected on a 20… - CVE-2024-6245 2024-11-8 01:15 2024-10-29 Show GitHub Exploit DB Packet Storm
315387 6.5 MEDIUM
Network 		mongodb mongodb prepareUnique index may cause secondaries to crash due to incorrect enforcement of index constraints on secondaries, where in extreme cases may cause multiple secondaries crashing leading to no prima… NVD-CWE-Other
CVE-2024-8305 2024-11-8 00:38 2024-10-22 Show GitHub Exploit DB Packet Storm
315388 6.1 MEDIUM
Network 		klokantech maptiler_tileserver_gl A vulnerability was found in Klokan MapTiler tileserver-gl 2.3.1 and classified as problematic. This issue affects some unknown processing of the component URL Handler. The manipulation of the argume… CWE-79
Cross-site Scripting 		CVE-2024-10503 2024-11-8 00:30 2024-10-30 Show GitHub Exploit DB Packet Storm
315389 7.5 HIGH
Network 		nginxui nginx_ui Nginx UI is a web user interface for the Nginx web server. Nginx UI v2.0.0-beta.35 and earlier gets the value from the json field without verification, and can construct a value value in the form of … CWE-22
Path Traversal 		CVE-2024-49366 2024-11-8 00:15 2024-10-22 Show GitHub Exploit DB Packet Storm
315390 7.5 HIGH
Network 		nginxui nginx_ui Nginx UI is a web user interface for the Nginx web server. Prior to version 2.0.0-beta.36, the log path of nginxui is controllable. This issue can be combined with the directory traversal at `/api/co… CWE-862
 Missing Authorization 		CVE-2024-49367 2024-11-7 23:57 2024-10-22 Show GitHub Exploit DB Packet Storm