Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 23, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5531 8.8 重要
Network 		Math.js Math.js Math.jsにおける動的に決定されたオブジェクト属性の不適切に制御された変更に関する脆弱性 CWE-915
動的に決定されたオブジェクト属性の不適切に制御された変更 		CVE-2026-41139 2026-05-11 11:10 2026-05-7 Show GitHub Exploit DB Packet Storm
5532 8.8 重要
Network 		OpenEXR OpenEXR OpenEXRにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-41142 2026-05-11 11:10 2026-05-7 Show GitHub Exploit DB Packet Storm
5533 7.7 重要
Network 		Istio Istio Istioにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-41413 2026-05-11 11:09 2026-05-7 Show GitHub Exploit DB Packet Storm
5534 8.1 重要
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAI等の複数製品におけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-41496 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
5535 9.8 緊急
Network 		Mervin Praison (MervinPraison) PraisonAI Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性 CWE-77
CWE-78
CVE-2026-41497 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
5536 9.8 緊急
Network 		Electerm project Electerm Electerm projectのElectermにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-41500 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
5537 9.8 緊急
Network 		Electerm project Electerm Electerm projectのElectermにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-41501 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
5538 7.8 重要
Local 		Sebastian Bergmann PHPUnit Sebastian BergmannのPHPUnitにおける複数の脆弱性 CWE-88
CWE-93
CVE-2026-41570 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
5539 7.5 重要
Network 		Zcash Foundation Zebra-chain
Zebrad 		Zcash FoundationのZebra-chain等の複数製品における到達可能なアサーションに関する脆弱性 CWE-617
到達可能なアサーション 		CVE-2026-41584 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
5540 5.3 警告
Network 		projectdiscovery Nuclei ProjectDiscovery, Inc.のNucleiにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-41645 2026-05-11 11:09 2026-05-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314491 8.8 HIGH
Network 		ultrapress unseen_blog The Unseen Blog theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input. This makes it possible for authenticated … CWE-502
 Deserialization of Untrusted Data 		CVE-2024-7432 2024-11-14 07:03 2024-10-1 Show GitHub Exploit DB Packet Storm
314492 3.7 LOW
Network 		netadmin netadmin_iam A vulnerability was found in Netadmin Software NetAdmin IAM up to 3.5 and classified as problematic. Affected by this issue is some unknown functionality of the file /controller/api/Answer/ReturnUser… CWE-203
 Information Exposure Through Discrepancy 		CVE-2024-9513 2024-11-14 06:57 2024-10-4 Show GitHub Exploit DB Packet Storm
314493 9.8 CRITICAL
Network 		ruijie rg-nbs2009g-p_firmware An issue in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release(9736) allows a remote attacker to gain privileges via the system/config_menu.htm. NVD-CWE-noinfo
CVE-2024-24116 2024-11-14 06:43 2024-10-3 Show GitHub Exploit DB Packet Storm
314494 - - - wasm3 139076a is vulnerable to Denial of Service (DoS). - CVE-2024-27527 2024-11-14 06:35 2024-11-9 Show GitHub Exploit DB Packet Storm
314495 8.1 HIGH
Network 		parseplatform parse_server Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. If the Parse Server option allowCustomObjectId: true is set, an attacker that is allowed to cre… CWE-863
 Incorrect Authorization 		CVE-2024-47183 2024-11-14 06:15 2024-10-5 Show GitHub Exploit DB Packet Storm
314496 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key() trie_get_next_key() allocates a node stack with size trie->max_prefixlen, whi… CWE-787
 Out-of-bounds Write 		CVE-2024-50262 2024-11-14 06:10 2024-11-9 Show GitHub Exploit DB Packet Storm
314497 9.8 CRITICAL
Network 		dlink di-8003_firmware A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been classified as critical. Affected is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argume… CWE-78
CWE-77
OS Command 
Command Injection 		CVE-2024-11046 2024-11-14 06:01 2024-11-10 Show GitHub Exploit DB Packet Storm
314498 9.8 CRITICAL
Network 		dlink di-8003_firmware A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been declared as critical. Affected by this vulnerability is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipu… CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2024-11047 2024-11-14 05:56 2024-11-10 Show GitHub Exploit DB Packet Storm
314499 9.8 CRITICAL
Network 		dlink di-8003_firmware A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by this issue is the function dbsrv_asp of the file /dbsrv.asp. The manipulation of the argument str le… CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2024-11048 2024-11-14 05:53 2024-11-10 Show GitHub Exploit DB Packet Storm
314500 7.2 HIGH
Network 		salesagility suitecrm SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. SuiteCRM relies on the blacklist of functions/methods to prevent installation of malicious ML… NVD-CWE-noinfo
CVE-2024-49774 2024-11-14 05:40 2024-11-6 Show GitHub Exploit DB Packet Storm