Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 21, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5271 6.6 警告
Local 		オラクル Oracle Cloud Native Environment (Oracle CNE) Command Line Interface (CLI) オラクルのOracle Cloud Native Environment (Oracle CNE) Command Line Interface (CLI)におけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-35255 2026-05-8 12:10 2026-05-6 Show GitHub Exploit DB Packet Storm
5272 5.5 警告
Local 		ikea DIRIGERA Firmware ikeaのDIRIGERA Firmwareにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-3588 2026-05-8 12:10 2026-03-9 Show GitHub Exploit DB Packet Storm
5273 10 緊急
Network 		Unisys WebPerfect Image Suite UnisysのWebPerfect Image Suiteにおけるフィルタリングの回避に関する脆弱性 CWE-441
フィルタリング回避 		CVE-2026-39906 2026-05-8 12:10 2026-04-14 Show GitHub Exploit DB Packet Storm
5274 10 緊急
Network 		Unisys WebPerfect Image Suite UnisysのWebPerfect Image Suiteにおけるファイル名やパス名の外部制御に関する脆弱性 CWE-73
ファイル名やパス名の外部制御 		CVE-2026-39907 2026-05-8 12:10 2026-04-14 Show GitHub Exploit DB Packet Storm
5275 7.5 重要
Network 		ZTE ZXESM iEMS ZTEのZXESM iEMSにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2026-40436 2026-05-8 12:10 2026-04-13 Show GitHub Exploit DB Packet Storm
5276 7.5 重要
Network 		MIYAGAWA (Tatsuhiko Miyagawa) Starman MIYAGAWA (Tatsuhiko Miyagawa)のStarmanにおけるHTTP リクエストスマグリングに関する脆弱性 CWE-444
HTTP リクエストスマグリング 		CVE-2026-40560 2026-05-8 12:10 2026-04-29 Show GitHub Exploit DB Packet Storm
5277 5.3 警告
Network 		Kazuho Oku (kazuho) Starlet Kazuho Oku (kazuho)のStarletにおけるHTTP リクエストスマグリングに関する脆弱性 CWE-444
HTTP リクエストスマグリング 		CVE-2026-40561 2026-05-8 12:10 2026-05-3 Show GitHub Exploit DB Packet Storm
5278 7.5 重要
Network 		NERDVANA (Michael Conrad) Crypt-SecretBuffer NERDVANA (Michael Conrad)のCrypt-SecretBufferにおけるタイミングの違いに起因する情報漏えいに関する脆弱性 CWE-208
タイミングの違いに起因する情報漏えい 		CVE-2026-5086 2026-05-8 12:10 2026-04-13 Show GitHub Exploit DB Packet Storm
5279 7.5 重要
Network 		JDEGUEST (Jacques Deguest) Apache::API::Password JDEGUEST (Jacques Deguest)のApache::API::Passwordにおける暗号の脆弱な PRNG の使用に関する脆弱性 CWE-338
暗号における脆弱な PRNG の使用 		CVE-2026-5088 2026-05-8 12:09 2026-04-15 Show GitHub Exploit DB Packet Storm
5280 8.8 重要
Network 		Cerberus, LLC Cerberus FTP Server CerberusのCerberus FTP Serverにおける安全に保持されない継承されたパーミッションに関する脆弱性 CWE-278
安全に保持されない継承されたパーミッション 		CVE-2026-6265 2026-05-8 12:09 2026-04-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314351 - - - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. - CVE-2023-4348 2024-11-15 21:15 2024-11-15 Show GitHub Exploit DB Packet Storm
314352 9.8 CRITICAL
Network 		- - Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device… CWE-78
OS Command  		CVE-2024-11120 2024-11-15 11:15 2024-11-15 Show GitHub Exploit DB Packet Storm
314353 9.1 CRITICAL
Network 		paloaltonetworks expedition An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, a… CWE-89
SQL Injection 		CVE-2024-9465 2024-11-15 11:00 2024-10-10 Show GitHub Exploit DB Packet Storm
314354 7.5 HIGH
Network 		paloaltonetworks expedition An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cle… CWE-78
OS Command  		CVE-2024-9463 2024-11-15 11:00 2024-10-10 Show GitHub Exploit DB Packet Storm
314355 5.4 MEDIUM
Network 		ladybirdweb faveo_helpdesk An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk (On-Premise and Cloud) 9.2.0 allows a remote attacker to execute arbitrary code via the Subject and Identifier fields CWE-79
Cross-site Scripting 		CVE-2024-51377 2024-11-15 08:23 2024-11-2 Show GitHub Exploit DB Packet Storm
314356 9.8 CRITICAL
Network 		olivegroup olivevle An issue in Olive VLE allows an attacker to obtain sensitive information via the reset password function. CWE-640
 Weak Password Recovery Mechanism for Forgotten Password 		CVE-2024-48428 2024-11-15 08:15 2024-10-26 Show GitHub Exploit DB Packet Storm
314357 7.5 HIGH
Network 		plenti plenti Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitrary file write deletion when a plenti use… CWE-22
Path Traversal 		CVE-2024-49381 2024-11-15 08:04 2024-10-25 Show GitHub Exploit DB Packet Storm
314358 8.8 HIGH
Network 		autolabproject autolab Autolab, a course management service that enables auto-graded programming assignments, has misconfigured reset password permissions in version 3.0.0. For email-based accounts, users with insufficient… CWE-863
 Incorrect Authorization 		CVE-2024-49376 2024-11-15 07:49 2024-10-25 Show GitHub Exploit DB Packet Storm
314359 9.8 CRITICAL
Network 		vice webopac Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents. CWE-89
SQL Injection 		CVE-2024-11016 2024-11-15 06:53 2024-11-11 Show GitHub Exploit DB Packet Storm
314360 9.8 CRITICAL
Network 		matrixcomsec cosec_vega_faxq_firmware This vulnerability exists in Matrix Door Controller Cosec Vega FAXQ due to improper implementation of session management at the web-based management interface. A remote attacker could exploit this vu… NVD-CWE-Other
CVE-2024-10381 2024-11-15 06:44 2024-10-25 Show GitHub Exploit DB Packet Storm