Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
741	9.8	緊急 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-77 CWE-78	CVE-2026-41497	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

742	9.8	緊急 Network	Electerm project	Electerm	Electerm projectのElectermにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-41500	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

743	9.8	緊急 Network	Electerm project	Electerm	Electerm projectのElectermにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-41501	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

744	7.8	重要 Local	Sebastian Bergmann	PHPUnit	Sebastian BergmannのPHPUnitにおける複数の脆弱性	CWE-88 CWE-93	CVE-2026-41570	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

745	7.5	重要 Network	Zcash Foundation	Zebra-chain Zebrad	Zcash FoundationのZebra-chain等の複数製品における到達可能なアサーションに関する脆弱性	CWE-617 到達可能なアサーション	CVE-2026-41584	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

746	5.3	警告 Network	projectdiscovery	Nuclei	ProjectDiscovery, Inc.のNucleiにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-41645	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

747	5.5	警告 Local	projectdiscovery	Nuclei	ProjectDiscovery, Inc.のNucleiにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-41646	2026-05-11 11:09	2026-05-8	Show	GitHub Exploit DB Packet Storm

748	8.1	重要 Network		-	OpenC3のOpenC3 COSMOSにおける未検証のパスワード変更に関する脆弱性	CWE-620 未検証のパスワード変更	CVE-2026-42084	2026-05-11 11:09	2026-05-4	Show	GitHub Exploit DB Packet Storm

749	4.3	警告 Network		-	OpenC3のOpenC3 COSMOSにおける相対パストラバーサルの脆弱性	CWE-23 相対的パストラバーサル	CVE-2026-42085	2026-05-11 11:09	2026-05-4	Show	GitHub Exploit DB Packet Storm

750	4.6	警告 Network		-	OpenC3のOpenC3 COSMOSにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-42086	2026-05-11 11:09	2026-05-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312111	5.5	MEDIUM Local	huawei	emui harmonyos	Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation of this vulnerability may affect availability.	NVD-CWE-noinfo	CVE-2024-47291	2024-10-1 23:19	2024-09-27	Show	GitHub Exploit DB Packet Storm

312112	5.5	MEDIUM Local	huawei	emui harmonyos	Input validation vulnerability in the USB service module Impact: Successful exploitation of this vulnerability may affect availability.	NVD-CWE-noinfo	CVE-2024-47290	2024-10-1 23:19	2024-09-27	Show	GitHub Exploit DB Packet Storm

312113	4.8	MEDIUM Network	10web	form_maker	The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.15.27 due to insuf…	CWE-79 Cross-site Scripting	CVE-2024-8633	2024-10-1 23:17	2024-09-26	Show	GitHub Exploit DB Packet Storm

312114	5.4	MEDIUM Network	advancedfilemanager	advanced_file_manager	Multiple plugins and/or themes for WordPress are vulnerable to Limited File Upload in various versions. This is due to a lack of proper checks to ensure lower-privileged roles cannot upload .css and …	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-8725	2024-10-1 23:16	2024-09-26	Show	GitHub Exploit DB Packet Storm

312115	-		-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2024-46839	2024-10-1 23:15	2024-09-27	Show	GitHub Exploit DB Packet Storm

312116	7.2	HIGH Network	advancedfilemanager	advanced_file_manager	The Advanced File Manager plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 5.2.8 via the 'fma_locale' parameter. This makes it possible for …	CWE-22 Path Traversal	CVE-2024-8704	2024-10-1 23:15	2024-09-26	Show	GitHub Exploit DB Packet Storm

312117	7.5	HIGH Network	redhat	keycloak single_sign-on	A denial of service vulnerability was found in keycloak where the amount of attributes per object is not limited,an attacker by sending repeated HTTP requests could cause a resource exhaustion when t…	NVD-CWE-noinfo	CVE-2023-6841	2024-10-1 23:15	2024-09-11	Show	GitHub Exploit DB Packet Storm

312118	6.1	MEDIUM Network	redhat	build_of_keycloak keycloak	An open redirect vulnerability was found in Keycloak. A specially crafted URL can be constructed where the referrer and referrer_uri parameters are made to trick a user to visit a malicious webpage. …	CWE-601 Open Redirect	CVE-2024-7260	2024-10-1 23:15	2024-09-10	Show	GitHub Exploit DB Packet Storm

312119	8.8	HIGH Network	advancedfilemanager	advanced_file_manager	The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the 'class_fma_connector.php' file in all versions up to, and including, 5.2.8. This makes it possible for a…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-8126	2024-10-1 23:14	2024-09-26	Show	GitHub Exploit DB Packet Storm

312120	5.4	MEDIUM Network	alefypimentel	gf_custom_style	The GF Custom Style plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.0 due to insufficient input sanitization and output …	CWE-79 Cross-site Scripting	CVE-2024-9173	2024-10-1 23:12	2024-09-26	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed