Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5271 6.6 警告
Local 		オラクル Oracle Cloud Native Environment (Oracle CNE) Command Line Interface (CLI) オラクルのOracle Cloud Native Environment (Oracle CNE) Command Line Interface (CLI)におけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-35255 2026-05-8 12:10 2026-05-6 Show GitHub Exploit DB Packet Storm
5272 5.5 警告
Local 		ikea DIRIGERA Firmware ikeaのDIRIGERA Firmwareにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-3588 2026-05-8 12:10 2026-03-9 Show GitHub Exploit DB Packet Storm
5273 10 緊急
Network 		Unisys WebPerfect Image Suite UnisysのWebPerfect Image Suiteにおけるフィルタリングの回避に関する脆弱性 CWE-441
フィルタリング回避 		CVE-2026-39906 2026-05-8 12:10 2026-04-14 Show GitHub Exploit DB Packet Storm
5274 10 緊急
Network 		Unisys WebPerfect Image Suite UnisysのWebPerfect Image Suiteにおけるファイル名やパス名の外部制御に関する脆弱性 CWE-73
ファイル名やパス名の外部制御 		CVE-2026-39907 2026-05-8 12:10 2026-04-14 Show GitHub Exploit DB Packet Storm
5275 7.5 重要
Network 		ZTE ZXESM iEMS ZTEのZXESM iEMSにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2026-40436 2026-05-8 12:10 2026-04-13 Show GitHub Exploit DB Packet Storm
5276 7.5 重要
Network 		MIYAGAWA (Tatsuhiko Miyagawa) Starman MIYAGAWA (Tatsuhiko Miyagawa)のStarmanにおけるHTTP リクエストスマグリングに関する脆弱性 CWE-444
HTTP リクエストスマグリング 		CVE-2026-40560 2026-05-8 12:10 2026-04-29 Show GitHub Exploit DB Packet Storm
5277 5.3 警告
Network 		Kazuho Oku (kazuho) Starlet Kazuho Oku (kazuho)のStarletにおけるHTTP リクエストスマグリングに関する脆弱性 CWE-444
HTTP リクエストスマグリング 		CVE-2026-40561 2026-05-8 12:10 2026-05-3 Show GitHub Exploit DB Packet Storm
5278 7.5 重要
Network 		NERDVANA (Michael Conrad) Crypt-SecretBuffer NERDVANA (Michael Conrad)のCrypt-SecretBufferにおけるタイミングの違いに起因する情報漏えいに関する脆弱性 CWE-208
タイミングの違いに起因する情報漏えい 		CVE-2026-5086 2026-05-8 12:10 2026-04-13 Show GitHub Exploit DB Packet Storm
5279 7.5 重要
Network 		JDEGUEST (Jacques Deguest) Apache::API::Password JDEGUEST (Jacques Deguest)のApache::API::Passwordにおける暗号の脆弱な PRNG の使用に関する脆弱性 CWE-338
暗号における脆弱な PRNG の使用 		CVE-2026-5088 2026-05-8 12:09 2026-04-15 Show GitHub Exploit DB Packet Storm
5280 8.8 重要
Network 		Cerberus, LLC Cerberus FTP Server CerberusのCerberus FTP Serverにおける安全に保持されない継承されたパーミッションに関する脆弱性 CWE-278
安全に保持されない継承されたパーミッション 		CVE-2026-6265 2026-05-8 12:09 2026-04-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 20, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314851 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: sc7280: Fix missing Soundwire runtime stream alloc Commit 15c7fab0e047 ("ASoC: qcom: Move Soundwire runtime stream al… CWE-476
 NULL Pointer Dereference 		CVE-2024-50105 2024-11-13 00:06 2024-11-6 Show GitHub Exploit DB Packet Storm
314852 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: sdm845: add missing soundwire runtime stream alloc During the migration of Soundwire runtime stream allocation from t… CWE-476
 NULL Pointer Dereference 		CVE-2024-50104 2024-11-13 00:05 2024-11-6 Show GitHub Exploit DB Packet Storm
314853 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices Previously, the domain_context_clear() function incorrectl… NVD-CWE-noinfo
CVE-2024-50101 2024-11-12 23:59 2024-11-6 Show GitHub Exploit DB Packet Storm
314854 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: USB: gadget: dummy-hcd: Fix "task hung" problem The syzbot fuzzer has been encountering "task hung" problems ever since the dummy… NVD-CWE-noinfo
CVE-2024-50100 2024-11-12 23:57 2024-11-6 Show GitHub Exploit DB Packet Storm
314855 - - - A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204. It has been classified as critical. Affected is an unknown function of the file /manager/frontdesk/online_status… CWE-89
CWE-74
SQL Injection
Injection 		CVE-2024-11051 2024-11-12 22:56 2024-11-10 Show GitHub Exploit DB Packet Storm
314856 - - - Cross-Site Request Forgery (CSRF) vulnerability in Chaser324 Featured Posts Scroll allows Stored XSS.This issue affects Featured Posts Scroll: from n/a through 1.25. CWE-352
 Origin Validation Error 		CVE-2024-51647 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
314857 - - - The SysBasics Customize My Account for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tab’ parameter in all versions up to, and including, 2.7.29 due to ins… CWE-79
Cross-site Scripting 		CVE-2024-10837 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
314858 7.3 HIGH
Network 		- - The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.2. This is due to the soft… CWE-94
Code Injection 		CVE-2024-10640 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
314859 4.3 MEDIUM
Network 		- - The Magical Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.4 via the get_content_type function in includes/widgets… CWE-200
Information Exposure 		CVE-2024-10352 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
314860 7.3 HIGH
Network 		- - The The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and… CWE-94
Code Injection 		CVE-2024-10261 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm