Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
751 5.5 警告
Local 		IBM watsonx.data IBMのwatsonx.dataにおける認証情報の平文保存に関する脆弱性 CWE-256
平文でパスワードを保存 		CVE-2025-36335 2026-05-14 10:23 2026-04-30 Show GitHub Exploit DB Packet Storm
752 7.5 重要
Network 		アップル iOS
iPadOS 		アップルのiPadOS等の複数製品におけるユーザインターフェースにおける重要情報の誤った表示に関する脆弱性 CWE-451
ユーザインターフェースにおける重要情報の誤った表示 		CVE-2025-46311 2026-05-14 10:23 2026-05-12 Show GitHub Exploit DB Packet Storm
753 4.7 警告
Network 		ISPConfig ISPConfig ISPConfigにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-52206 2026-05-14 10:23 2026-05-5 Show GitHub Exploit DB Packet Storm
754 7.3 重要
Network 		AstrBot AstrBot AstrBotにおけるハードコードされた暗号鍵の使用に関する脆弱性 CWE-321
ハードコードされた暗号鍵の使用 		CVE-2025-55449 2026-05-14 10:23 2026-05-8 Show GitHub Exploit DB Packet Storm
755 7.2 重要
Network 		Check MK Check MK Check MKにおける認証情報の不十分な保護に関する脆弱性 CWE-522
認証情報の不十分な保護 		CVE-2025-64998 2026-05-14 10:22 2026-03-24 Show GitHub Exploit DB Packet Storm
756 6.5 警告
Network 		Apache Software Foundation CloudStack Apache Software FoundationのCloudStackにおける認可されていない行為者への個人情報の漏えいに関する脆弱性 CWE-359
認可されていないアクターへの個人情報の漏えい 		CVE-2025-66171 2026-05-14 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
757 8.1 重要
Network 		Apache Software Foundation CloudStack Apache Software FoundationのCloudStackにおける認可されていない行為者への個人情報の漏えいに関する脆弱性 CWE-359
認可されていないアクターへの個人情報の漏えい 		CVE-2025-66172 2026-05-14 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
758 7.2 重要
Network 		Dolibarr ERP & CRM dolibarr erp/crm Dolibarr ERP & CRMのdolibarr erp/crmにおけるインジェクションに関する脆弱性 CWE-74
インジェクション 		CVE-2025-67486 2026-05-14 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
759 9.1 緊急
Network 		Electric Sheep Fencing pfSense Electric Sheep FencingのpfSenseにおける複数の脆弱性 CWE-502
CWE-915
CVE-2025-69690 2026-05-14 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
760 9.9 緊急
Network 		Electric Sheep Fencing pfSense Electric Sheep FencingのpfSenseにおける複数の脆弱性 CWE-284
CWE-915
CVE-2025-69691 2026-05-14 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311981 - - - TEM Opera Plus FM Family Transmitter allows access to an unprotected endpoint that allows MPFS File System binary image upload without authentication. This file system serves as the basis for the HTT… CWE-306
Missing Authentication for Critical Function 		CVE-2024-41988 2024-10-4 22:50 2024-10-4 Show GitHub Exploit DB Packet Storm
311982 - - - The TEM Opera Plus FM Family Transmitter application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exp… CWE-352
 Origin Validation Error 		CVE-2024-41987 2024-10-4 22:50 2024-10-4 Show GitHub Exploit DB Packet Storm
311983 - - - Bandisoft BandiView 7.05 is vulnerable to Buffer Overflow via sub_0x410d1d. The vulnerability occurs due to insufficient validation of PSD files. - CVE-2024-45872 2024-10-4 22:50 2024-10-4 Show GitHub Exploit DB Packet Storm
311984 - - - Bandisoft BandiView 7.05 is Incorrect Access Control via sub_0x232bd8 resulting in denial of service (DOS). - CVE-2024-45871 2024-10-4 22:50 2024-10-4 Show GitHub Exploit DB Packet Storm
311985 - - - NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. A s… CWE-476
 NULL Pointer Dereference 		CVE-2024-0125 2024-10-4 22:50 2024-10-4 Show GitHub Exploit DB Packet Storm
311986 - - - NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A succ… CWE-416
 Use After Free 		CVE-2024-0124 2024-10-4 22:50 2024-10-4 Show GitHub Exploit DB Packet Storm
311987 - - - NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into runnin… CWE-1285
 Improper Validation of Specified Index, Position, or Offset in Input 		CVE-2024-0123 2024-10-4 22:50 2024-10-4 Show GitHub Exploit DB Packet Storm
311988 - - - Bandisoft BandiView 7.05 is vulnerable to Incorrect Access Control in sub_0x3d80fc via a crafted POC file. - CVE-2024-45870 2024-10-4 22:50 2024-10-4 Show GitHub Exploit DB Packet Storm
311989 - - - Zohocorp ManageEngine Analytics Plus versions before 5410 and Zoho Analytics On-Premise versions before 5410 are vulnerable to Path traversal. - CVE-2024-9100 2024-10-4 22:50 2024-10-4 Show GitHub Exploit DB Packet Storm
311990 - - - The AVGUI.exe of AVG/Avast Antivirus before versions before 24.1 can allow a local attacker to escalate privileges via an COM hijack in a time-of-check to time-of-use (TOCTOU) when self protection is… - CVE-2024-5803 2024-10-4 22:50 2024-10-4 Show GitHub Exploit DB Packet Storm