Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 30, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
901	7.1	重要 Network	Quantum Nous	New API	Quantum NousのNew APIにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-42339	2026-05-20 13:30	2026-05-8	Show	GitHub Exploit DB Packet Storm

902	9.8	緊急 Network	sentry	sentry	sentryにおけるスプーフィングによる認証回避に関する脆弱性	CWE-290 スプーフィングによる認証回避	CVE-2026-42354	2026-05-20 13:30	2026-05-8	Show	GitHub Exploit DB Packet Storm

903	5.5	警告 Local	M2-Team	NanaZip	M2-TeamのNanaZipにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-42355	2026-05-20 13:30	2026-05-12	Show	GitHub Exploit DB Packet Storm

904	5.1	警告 Local	uriparser project	uriparser	uriparser projectのuriparserにおける数値打ち切り誤差に関する脆弱性	CWE-197 数値打ち切り誤差	CVE-2026-42371	2026-05-20 13:30	2026-04-27	Show	GitHub Exploit DB Packet Storm

905	5.5	警告 Local	M2-Team	NanaZip	M2-TeamのNanaZipにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-42442	2026-05-20 13:30	2026-05-12	Show	GitHub Exploit DB Packet Storm

906	5.5	警告 Local	M2-Team	NanaZip	M2-TeamのNanaZipにおけるゼロ除算に関する脆弱性	CWE-369 ゼロ除算	CVE-2026-42443	2026-05-20 13:30	2026-05-12	Show	GitHub Exploit DB Packet Storm

907	5.5	警告 Local	M2-Team	NanaZip	M2-TeamのNanaZipにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-42444	2026-05-20 13:30	2026-05-12	Show	GitHub Exploit DB Packet Storm

908	4.3	警告 Network	mintplexlabs	anythingllm	mintplexlabsのanythingllmにおける複数の脆弱性	CWE-200 CWE-639 CWE-639	CVE-2026-42456	2026-05-20 13:30	2026-05-8	Show	GitHub Exploit DB Packet Storm

909	6.1	警告 Network	Gofiber	Fiber	GofiberのFiberにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-42554	2026-05-20 13:29	2026-05-11	Show	GitHub Exploit DB Packet Storm

910	9	緊急 Network	Gitroom	Postiz	GitroomのPostizにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-42556	2026-05-20 13:29	2026-05-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311281	8.8	HIGH Network	ithemelandco	woocommerce_report	The WooCommerce Report plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.1. This is due to missing or incorrect nonce validation on the settin…	CWE-352 Origin Validation Error	CVE-2024-10711	2024-11-8 02:04	2024-11-5	Show	GitHub Exploit DB Packet Storm

311282	8.1	HIGH Network	wpwebelite	woocommerce_-_social_login	The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.7.7. This is due to insufficient verification on the user being retu…	NVD-CWE-noinfo	CVE-2024-10114	2024-11-8 02:04	2024-11-5	Show	GitHub Exploit DB Packet Storm

311283	5.5	MEDIUM Local	huawei	harmonyos	Vulnerability of parameter type not being verified in the WantAgent module Impact: Successful exploitation of this vulnerability may affect availability.	NVD-CWE-noinfo	CVE-2024-51512	2024-11-8 02:03	2024-11-5	Show	GitHub Exploit DB Packet Storm

311284	5.5	MEDIUM Local	huawei	harmonyos	Vulnerability of parameter type not being verified in the WantAgent module Impact: Successful exploitation of this vulnerability may affect availability.	NVD-CWE-noinfo	CVE-2024-51511	2024-11-8 02:03	2024-11-5	Show	GitHub Exploit DB Packet Storm

311285	5.5	MEDIUM Local	huawei	harmonyos emui	Out-of-bounds access vulnerability in the logo module Impact: Successful exploitation of this vulnerability may affect service confidentiality.	CWE-787 Out-of-bounds Write	CVE-2024-51510	2024-11-8 02:03	2024-11-5	Show	GitHub Exploit DB Packet Storm

311286	-		-	-	Use of Default Credentials vulnerability in Maruti Suzuki SmartPlay on Linux (Infotainment Hub modules) allows attacker to try common or default usernames and passwords.The issue was detected on a 20…	-	CVE-2024-6245	2024-11-8 01:15	2024-10-29	Show	GitHub Exploit DB Packet Storm

311287	6.5	MEDIUM Network	mongodb	mongodb	prepareUnique index may cause secondaries to crash due to incorrect enforcement of index constraints on secondaries, where in extreme cases may cause multiple secondaries crashing leading to no prima…	NVD-CWE-Other	CVE-2024-8305	2024-11-8 00:38	2024-10-22	Show	GitHub Exploit DB Packet Storm

311288	6.1	MEDIUM Network	klokantech	maptiler_tileserver_gl	A vulnerability was found in Klokan MapTiler tileserver-gl 2.3.1 and classified as problematic. This issue affects some unknown processing of the component URL Handler. The manipulation of the argume…	CWE-79 Cross-site Scripting	CVE-2024-10503	2024-11-8 00:30	2024-10-30	Show	GitHub Exploit DB Packet Storm

311289	7.5	HIGH Network	nginxui	nginx_ui	Nginx UI is a web user interface for the Nginx web server. Nginx UI v2.0.0-beta.35 and earlier gets the value from the json field without verification, and can construct a value value in the form of …	CWE-22 Path Traversal	CVE-2024-49366	2024-11-8 00:15	2024-10-22	Show	GitHub Exploit DB Packet Storm

311290	7.5	HIGH Network	nginxui	nginx_ui	Nginx UI is a web user interface for the Nginx web server. Prior to version 2.0.0-beta.36, the log path of nginxui is controllable. This issue can be combined with the directory traversal at `/api/co…	CWE-862 Missing Authorization	CVE-2024-49367	2024-11-7 23:57	2024-10-22	Show	GitHub Exploit DB Packet Storm