Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1691 6.5 警告
Adjacent 		ジュニパーネットワークス Junos OS ジュニパーネットワークスのJunos OSにおける例外的な状況に対する不適切なチェックまたは処理に関する脆弱性 CWE-703
例外的な状況に対する不適切なチェックまたは処理 		CVE-2024-21593 2026-01-26 19:41 2024-04-12 Show GitHub Exploit DB Packet Storm
1692 9 緊急
Network 		WPDeveloper betterdocs WPDeveloperのWordPress用betterdocsにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2024-30226 2026-01-26 19:41 2024-03-28 Show GitHub Exploit DB Packet Storm
1693 6.5 警告
Adjacent 		ジュニパーネットワークス Junos OS ジュニパーネットワークスのJunos OSにおける隔離または分類に関する脆弱性 CWE-653
不適切な隔離または分類 		CVE-2024-30388 2026-01-26 19:40 2024-04-12 Show GitHub Exploit DB Packet Storm
1694 7.5 重要
Network 		ジュニパーネットワークス Junos OS ジュニパーネットワークスのJunos OSにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2024-30392 2026-01-26 19:40 2024-04-12 Show GitHub Exploit DB Packet Storm
1695 5.9 警告
Network 		ジュニパーネットワークス Junos OS ジュニパーネットワークスのJunos OSにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2024-30401 2026-01-26 19:40 2024-04-12 Show GitHub Exploit DB Packet Storm
1696 8 重要
Network 		Repute Infosystems arforms form builder Repute InfosystemsのWordPress用arforms form builderにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2024-31270 2026-01-26 19:40 2024-05-8 Show GitHub Exploit DB Packet Storm
1697 6.3 警告
Network 		Repute Infosystems arforms form builder Repute InfosystemsのWordPress用arforms form builderにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2024-31272 2026-01-26 19:40 2024-04-12 Show GitHub Exploit DB Packet Storm
1698 5.4 警告
Network 		MainWP MainWP Child Reports MainWPのWordPress用MainWP Child Reportsにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2024-33680 2026-01-26 19:40 2024-04-26 Show GitHub Exploit DB Packet Storm
1699 6.1 警告
Network 		Repute Infosystems arforms form builder Repute InfosystemsのWordPress用arforms form builderにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-37920 2026-01-26 19:40 2024-07-20 Show GitHub Exploit DB Packet Storm
1700 5.4 警告
Network 		Qode Interactive qi blocks Qode InteractiveのWordPress用qi blocksにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2024-38712 2026-01-26 19:40 2024-07-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
351 8.7 HIGH
Local 		- - OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. In versions 3.13.0 through 4.10.0, mi… New CWE-125
CWE-787
Out-of-bounds Read
 Out-of-bounds Write 		CVE-2026-33317 2026-04-24 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm
352 - - - Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS).`press.api.account.create_api_secret` is prone to CSRF-like expl… New CWE-352
 Origin Validation Error 		CVE-2026-41317 2026-04-24 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm
353 8.8 HIGH
Network 		- - Actual is a local-first personal finance tool. Prior to version 26.4.0, any authenticated user (including `BASIC` role) can escalate to `ADMIN` on servers migrated from password authentication to Ope… New CWE-284
CWE-862
Improper Access Control
 Missing Authorization 		CVE-2026-33318 2026-04-24 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm
354 8.2 HIGH
Network 		- - Open Source Social Network (OSSN) is open-source social networking software developed in PHP. Versions prior to 9.0 are vulnerable to resource exhaustion. An attacker can upload a specially crafted i… New CWE-400
CWE-770
 Uncontrolled Resource Consumption
 Allocation of Resources Without Limits or Throttling 		CVE-2026-41309 2026-04-24 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm
355 8.1 HIGH
Network 		- - ERB is a templating system for Ruby. Ruby 2.7.0 (before ERB 2.2.0 was published on rubygems.org) introduced an `@_init` instance variable guard in `ERB#result` and `ERB#run` to prevent code execution… New CWE-693
 Protection Mechanism Failure 		CVE-2026-41316 2026-04-24 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm
356 5.4 MEDIUM
Network 		- - AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to version 1.12.1, AnythingLLM's in-chat markdown renderer has an uns… New CWE-79
CWE-116
CWE-1336
Cross-site Scripting
 Improper Encoding or Escaping of Output
 Improper Neutralization of Special Elements Used in a Template Engine 		CVE-2026-41318 2026-04-24 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm
357 8.1 HIGH
Network 		- - Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.18.0-rc1, 1.17.2-rc1, and 1.16.4, Kyverno's apiCall feature in ClusterPolicy automatically attache… New CWE-200
CWE-918
Information Exposure
Server-Side Request Forgery (SSRF)  		CVE-2026-41323 2026-04-24 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm
358 7.5 HIGH
Network 		- - basic-ftp is an FTP client for Node.js. Versions prior to 5.3.0 are vulnerable to denial of service through unbounded memory growth while processing directory listings from a remote FTP server. A mal… New CWE-400
CWE-770
 Uncontrolled Resource Consumption
 Allocation of Resources Without Limits or Throttling 		CVE-2026-41324 2026-04-24 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm
359 - - - Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). Redirect parameter on login page is vulnerable to reflected XSS… New CWE-79
Cross-site Scripting 		CVE-2026-41430 2026-04-24 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm
360 6.5 MEDIUM
Network 		- - MailKit is a cross-platform mail client library built on top of MimeKit. A STARTTLS Response Injection vulnerability in versions prior to 4.16.0 allows a Man-in-the-Middle attacker to inject arbitrar… New CWE-74
Injection 		CVE-2026-41319 2026-04-24 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm