Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
981 5.5 警告
Local 		ImageMagick ImageMagick ImageMagickにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-42050 2026-05-15 11:00 2026-05-11 Show GitHub Exploit DB Packet Storm
982 8.1 重要
Network 		- OpenC3のOpenC3 COSMOSにおける不要な特権による実行に関する脆弱性 CWE-250
不要な特権による実行 		CVE-2026-42088 2026-05-15 11:00 2026-05-4 Show GitHub Exploit DB Packet Storm
983 8.8 重要
Network 		litellm litellm LiteLLMにおけるテンプレートエンジンで使用される特殊な要素の不適切な無効化に関する脆弱性 CWE-1336
テンプレートエンジンで使用される特殊な要素の不適切な無効化 		CVE-2026-42203 2026-05-15 11:00 2026-05-8 Show GitHub Exploit DB Packet Storm
984 9.1 緊急
Network 		axios project axios axios projectのaxiosにおけるオブジェクトプロトタイプ属性の不適切に制御された変更に関する脆弱性 CWE-1321
オブジェクトプロトタイプ属性の不適切に制御された変更 (プロトタイプの汚染) 		CVE-2026-42264 2026-05-15 11:00 2026-05-8 Show GitHub Exploit DB Packet Storm
985 5.7 警告
Network 		Kimai project kimai Kimai projectのKimaiにおけるCSV ファイル内の数式要素の中和に関する脆弱性 CWE-1236
CSV ファイル内の数式要素の不適切な中和 		CVE-2026-42267 2026-05-15 11:00 2026-05-8 Show GitHub Exploit DB Packet Storm
986 7.5 重要
Network 		The Go Project Go The Go ProjectのGoにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2026-42499 2026-05-15 11:00 2026-05-7 Show GitHub Exploit DB Packet Storm
987 7.5 重要
Network 		The Go Project Go The Go ProjectのGoにおけるデジタル署名の検証に関する脆弱性 CWE-347
デジタル署名の不適切な検証 		CVE-2026-42501 2026-05-15 11:00 2026-05-7 Show GitHub Exploit DB Packet Storm
988 9.1 緊急
Network 		Grav CMS grav Grav CMSのgravにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-42608 2026-05-15 11:00 2026-05-11 Show GitHub Exploit DB Packet Storm
989 5.4 警告
Network 		Open edX openedx Open edXのopenedxにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42857 2026-05-15 11:00 2026-05-11 Show GitHub Exploit DB Packet Storm
990 9.9 緊急
Network 		Open edX openedx Open edXのopenedxにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-42858 2026-05-15 11:00 2026-05-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311851 9.8 CRITICAL
Network 		- - Microsoft Configuration Manager Remote Code Execution Vulnerability CWE-89
SQL Injection 		CVE-2024-43468 2024-10-10 21:56 2024-10-9 Show GitHub Exploit DB Packet Storm
311852 - - - NULL pointer dereference in IP socket options processing of the Networking Stack in QNX Software Development Platform (SDP) version(s) 7.1 and 7.0 could allow an attacker with local access to cause a… - CVE-2024-35215 2024-10-10 21:56 2024-10-9 Show GitHub Exploit DB Packet Storm
311853 8.0 HIGH
Adjacent 		- - Windows Hyper-V Remote Code Execution Vulnerability CWE-20
CWE-829
 Improper Input Validation 
 Inclusion of Functionality from Untrusted Control Sphere 		CVE-2024-30092 2024-10-10 21:56 2024-10-9 Show GitHub Exploit DB Packet Storm
311854 - - - An issue in the getcolor function in utils.py of xhtml2pdf v0.2.13 allows attackers to cause a Regular expression Denial of Service (ReDOS) via supplying a crafted string. - CVE-2024-25885 2024-10-10 21:56 2024-10-9 Show GitHub Exploit DB Packet Storm
311855 7.1 HIGH
Adjacent 		- - Windows Hyper-V Security Feature Bypass Vulnerability CWE-20
 Improper Input Validation  		CVE-2024-20659 2024-10-10 21:56 2024-10-9 Show GitHub Exploit DB Packet Storm
311856 5.3 MEDIUM
Network 		- - A vulnerability was found in the resteasy-netty4 library arising from improper handling of HTTP requests using smuggling techniques. When an HTTP smuggling request with an ASCII control character is … CWE-444
HTTP Request Smuggling 		CVE-2024-9622 2024-10-10 21:56 2024-10-9 Show GitHub Exploit DB Packet Storm
311857 5.3 MEDIUM
Network 		- - A vulnerability was found in Quarkus CXF. Passwords and other secrets may appear in the application log in spite of the user configuring them to be hidden. This issue requires some special configura… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2024-9621 2024-10-10 21:56 2024-10-9 Show GitHub Exploit DB Packet Storm
311858 5.3 MEDIUM
Network 		- - A flaw was found in Event-Driven Automation (EDA) in Ansible Automation Platform (AAP), which lacks encryption of sensitive information. An attacker with network access could exploit this vulnerabili… - CVE-2024-9620 2024-10-10 21:56 2024-10-9 Show GitHub Exploit DB Packet Storm
311859 - - - A flaw exists whereby a user can make a specific call to a FlashArray endpoint allowing privilege escalation. - CVE-2024-3057 2024-10-10 21:56 2024-10-9 Show GitHub Exploit DB Packet Storm
311860 - - - A command injection vulnerability exists in Motorola CX2L router v1.0.2 and below. The vulnerability is present in the SetStationSettings function. The system directly invokes the system function to … - CVE-2024-45880 2024-10-10 21:56 2024-10-9 Show GitHub Exploit DB Packet Storm