Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
961	6.1	警告 Network	The Go Project	Go	The Go ProjectのGoにおけるエンコードおよびエスケープに関する脆弱性	CWE-116 不適切なエンコード、または出力のエスケープ	CVE-2026-39826	2026-05-15 11:01	2026-05-7	Show	GitHub Exploit DB Packet Storm

962	7.5	重要 Network	The Go Project	Go	The Go ProjectのGoにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-39836	2026-05-15 11:01	2026-05-7	Show	GitHub Exploit DB Packet Storm

963	4.3	警告 Network	アップル	tvOS iOS watchOS visionos iPadOS	アップルのiPadOS等の複数製品における古典的バッファオーバーフローの脆弱性	CWE-120 古典的バッファオーバーフロー	CVE-2026-39869	2026-05-15 11:01	2026-05-11	Show	GitHub Exploit DB Packet Storm

964	7.5	重要 Network		-	アップルのmacOSにおけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2026-39870	2026-05-15 11:01	2026-05-11	Show	GitHub Exploit DB Packet Storm

965	6.8	警告 Physics	ZTE	ZX297520V3 ファームウェア	ZTEのZX297520V3 ファームウェアにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-40003	2026-05-15 11:01	2026-05-7	Show	GitHub Exploit DB Packet Storm

966	7.8	重要 Local	ZTE	ZXCLOUD iRAI	ZTEのZXCLOUD iRAIにおける制御されていない検索パスの要素に関する脆弱性	CWE-427 制御されていない検索パスの要素	CVE-2026-40004	2026-05-15 11:01	2026-05-7	Show	GitHub Exploit DB Packet Storm

967	6.5	警告 Network	Zulip	Zulip Server	ZulipのZulip Serverにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-40300	2026-05-15 11:01	2026-05-12	Show	GitHub Exploit DB Packet Storm

968	6.5	警告 Network	NocoBase	NocoBase	NocoBaseにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-40346	2026-05-15 11:01	2026-04-18	Show	GitHub Exploit DB Packet Storm

969	8.8	重要 Network	マイクロソフト	Microsoft SharePoint Server	Microsoft SharePoint Server のリモートでコードが実行される脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-40357	2026-05-15 11:01	2026-05-12	Show	GitHub Exploit DB Packet Storm

970	8.8	重要 Network	マイクロソフト	Microsoft SharePoint Server	Microsoft SharePoint Server のリモートでコードが実行される脆弱性	CWE-1220 アクセス制御の不十分な粒度	CVE-2026-40365	2026-05-15 11:01	2026-05-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311881	6.4	MEDIUM Network	-	-	The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 7.2.9 due to insufficient inpu…	CWE-79 Cross-site Scripting	CVE-2024-8964	2024-10-10 21:56	2024-10-8	Show	GitHub Exploit DB Packet Storm

311882	-		-	-	Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the expiredSupportMessage parameter of handlelo…	-	CVE-2024-47095	2024-10-10 21:56	2024-10-8	Show	GitHub Exploit DB Packet Storm

311883	-		-	-	SSL Pinning Bypass in eWeLink Some hardware products allows local ATTACKER to Decrypt TLS communication and Extract secrets to clone the device via Flash the modified firmware	-	CVE-2024-7206	2024-10-10 21:56	2024-10-8	Show	GitHub Exploit DB Packet Storm

311884	-		-	-	Improper input validation in SamsungVideoPlayer prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows local attackers to access video file of other use…	-	CVE-2024-34672	2024-10-10 21:56	2024-10-8	Show	GitHub Exploit DB Packet Storm

311885	7.5	HIGH Network	ruby-lang	rexml	REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace character, `>]` and `]>`. The REXM…	CWE-400 Uncontrolled Resource Consumption	CVE-2024-41123	2024-10-10 21:56	2024-08-2	Show	GitHub Exploit DB Packet Storm

311886	6.1	MEDIUM Network	-	-	Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit …	-	CVE-2024-45123	2024-10-10 21:51	2024-10-10	Show	GitHub Exploit DB Packet Storm

311887	4.3	MEDIUM Network	-	-	Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged a…	CWE-284 Improper Access Control	CVE-2024-45122	2024-10-10 21:51	2024-10-10	Show	GitHub Exploit DB Packet Storm

311888	-		-	-	Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged a…	CWE-284 Improper Access Control	CVE-2024-45121	2024-10-10 21:51	2024-10-10	Show	GitHub Exploit DB Packet Storm

311889	4.3	MEDIUM Network	-	-	Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to a security feature byp…	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2024-45120	2024-10-10 21:51	2024-10-10	Show	GitHub Exploit DB Packet Storm

311890	5.5	MEDIUM Network	-	-	Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A low-pri…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-45119	2024-10-10 21:51	2024-10-10	Show	GitHub Exploit DB Packet Storm