Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
551 4.8 警告
Network 		Concrete CMS Concrete CMS Concrete CMSにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-8197 2026-05-28 14:37 2026-05-21 Show GitHub Exploit DB Packet Storm
552 5.4 警告
Network 		Concrete CMS Concrete CMS Concrete CMSにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-8203 2026-05-28 14:37 2026-05-21 Show GitHub Exploit DB Packet Storm
553 5.3 警告
Network 		Concrete CMS Concrete CMS Concrete CMSにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-8204 2026-05-28 14:37 2026-05-21 Show GitHub Exploit DB Packet Storm
554 5.3 警告
Network 		Concrete CMS Concrete CMS Concrete CMSにおけるリクエストの直接送信に関する脆弱性 CWE-425
リクエストの直接送信 		CVE-2026-8205 2026-05-28 14:37 2026-05-21 Show GitHub Exploit DB Packet Storm
555 4.3 警告
Network 		Concrete CMS Concrete CMS Concrete CMSにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-8236 2026-05-28 14:37 2026-05-21 Show GitHub Exploit DB Packet Storm
556 5.3 警告
Network 		Concrete CMS Concrete CMS Concrete CMSにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-8237 2026-05-28 14:37 2026-05-21 Show GitHub Exploit DB Packet Storm
557 5.3 警告
Network 		Concrete CMS Concrete CMS Concrete CMSにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-8238 2026-05-28 14:37 2026-05-21 Show GitHub Exploit DB Packet Storm
558 5.3 警告
Network 		Concrete CMS Concrete CMS Concrete CMSにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-8239 2026-05-28 14:37 2026-05-21 Show GitHub Exploit DB Packet Storm
559 5.3 警告
Network 		Concrete CMS Concrete CMS Concrete CMSにおけるアクセス制御に関する脆弱性 CWE-284
CWE-noinfo
CVE-2026-8240 2026-05-28 14:37 2026-05-21 Show GitHub Exploit DB Packet Storm
560 5.4 警告
Network 		Concrete CMS Concrete CMS Concrete CMSにおけるWeb ページの属性に対するスクリプトの不適切な無害化に関する脆弱性 CWE-83
Web ページの属性に対するスクリプトの不適切な無害化 		CVE-2026-8245 2026-05-28 14:37 2026-05-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
310961 - - - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-9530. Reason: This candidate is a reservation duplicate of CVE-2024-9530. Notes: All CVE users should reference CV… - CVE-2024-10691 2024-11-16 00:15 2024-11-16 Show GitHub Exploit DB Packet Storm
310962 - - - Jenkins OpenId Connect Authentication Plugin 4.418.vccc7061f5b_6d and earlier does not invalidate the previous session on login. - CVE-2024-52553 2024-11-15 23:00 2024-11-14 Show GitHub Exploit DB Packet Storm
310963 - - - Jenkins Authorize Project Plugin 1.7.2 and earlier evaluates a string containing the job name with JavaScript on the Authorization view, resulting in a stored cross-site scripting (XSS) vulnerability… - CVE-2024-52552 2024-11-15 23:00 2024-11-14 Show GitHub Exploit DB Packet Storm
310964 - - - Jenkins Pipeline: Declarative Plugin 2.2214.vb_b_34b_2ea_9b_83 and earlier does not check whether the main (Jenkinsfile) script used to restart a build from a specific stage is approved, allowing att… - CVE-2024-52551 2024-11-15 23:00 2024-11-14 Show GitHub Exploit DB Packet Storm
310965 - - - Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3 does not check whether the main (Jenkinsfile) script for a rebuilt build is approved, allowing attacker… - CVE-2024-52550 2024-11-15 23:00 2024-11-14 Show GitHub Exploit DB Packet Storm
310966 - - - Jenkins Script Security Plugin 1367.vdf2fc45f229c and earlier, except 1365.1367.va_3b_b_89f8a_95b_ and 1362.1364.v4cf2dc5d8776, does not perform a permission check in a method implementing form valid… - CVE-2024-52549 2024-11-15 23:00 2024-11-14 Show GitHub Exploit DB Packet Storm
310967 - - - baltic-it TOPqw Webportal v1.35.283.2 is vulnerable to Incorrect Access Control in the User Management function in /Apps/TOPqw/BenutzerManagement.aspx. This allows a low privileged user to access all… - CVE-2024-45877 2024-11-15 23:00 2024-11-14 Show GitHub Exploit DB Packet Storm
310968 - - - Use after free in the UEFI firmware of some Intel(R) Server M20NTP BIOS may allow a privileged user to potentially enable escalation of privilege via local access. CWE-416
 Use After Free 		CVE-2024-40885 2024-11-15 23:00 2024-11-14 Show GitHub Exploit DB Packet Storm
310969 - - - Improper input validation in firmware for some Intel(R) Server M20NTP Family UEFI may allow a privileged user to potentially enable escalation of privilege via local access. CWE-20
 Improper Input Validation  		CVE-2024-39811 2024-11-15 23:00 2024-11-14 Show GitHub Exploit DB Packet Storm
310970 - - - Improper neutralization of special elements used in SQL command in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of pri… CWE-1336
 Improper Neutralization of Special Elements Used in a Template Engine 		CVE-2024-39766 2024-11-15 23:00 2024-11-14 Show GitHub Exploit DB Packet Storm