Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
215921 5.4 警告 Sunstorm Games LLC - Android 用 Donut Maker アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5709 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
215922 5.4 警告 GameInfo - Android 用 Best Racing/moto Games Ranking アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5708 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
215923 5.4 警告 Animoca - Android 用 Bunny Run アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5707 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
215924 5.4 警告 Wizard Works - Android 用 SomNote - Journal/Memo アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5706 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
215925 5.4 警告 SEGA of America - Android 用 Sonic CD Lite アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5705 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
215926 5.4 警告 mr384 project - Android 用 Mzone Login アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5665 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
215927 5.4 警告 playstudio - Android 用 Brisbane & Queensland Alert アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-4906 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
215928 5.4 警告 cleaninternet - Android 用 Clean Internet Browser アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-4905 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
215929 5.4 警告 crossmo - Android 用 Crossmo Calendar アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-4904 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
215930 5.4 警告 mocoga - Android 用 Kakao Bingo Garden アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-4903 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1651 4.3 MEDIUM
Network 		- - Missing Authorization vulnerability in bPlugins Tiktok Feed allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Tiktok Feed: from n/a through 1.0.24. CWE-862
 Missing Authorization 		CVE-2026-24520 2026-05-27 05:19 2026-05-27 Show GitHub Exploit DB Packet Storm
1652 5.3 MEDIUM
Network 		- - Missing Authorization vulnerability in Magepeople inc. Taxi Booking Manager for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Taxi Booking M… CWE-862
 Missing Authorization 		CVE-2026-25426 2026-05-27 05:19 2026-05-27 Show GitHub Exploit DB Packet Storm
1653 4.3 MEDIUM
Network 		- - Missing Authorization vulnerability in Magepeople inc. WpBookingly allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WpBookingly: from n/a through 1.2.9. CWE-862
 Missing Authorization 		CVE-2026-25444 2026-05-27 05:19 2026-05-27 Show GitHub Exploit DB Packet Storm
1654 6.3 MEDIUM
Network 		- - Missing Authorization vulnerability in Magepeople inc. WpTravelly allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WpTravelly: from n/a through 2.1.5. CWE-862
 Missing Authorization 		CVE-2026-27331 2026-05-27 05:19 2026-05-27 Show GitHub Exploit DB Packet Storm
1655 7.3 HIGH
Network 		- - A flaw has been found in itsourcecode Student Transcript Processing System 1.0. This vulnerability affects unknown code of the file /admin/modules/student/trans.php. Executing a manipulation of the a… CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-9574 2026-05-27 05:19 2026-05-27 Show GitHub Exploit DB Packet Storm
1656 7.3 HIGH
Network 		- - A vulnerability has been found in itsourcecode Student Transcript Processing System 1.0. This issue affects some unknown processing of the file /admin/modules/class/index.php?view=view. The manipulat… CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-9575 2026-05-27 05:19 2026-05-27 Show GitHub Exploit DB Packet Storm
1657 9.8 CRITICAL
Network 		litespeedtech litespeed_cpanel_plugin
litespeed_whm_plugin 		LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpanel_jsona… CWE-266
 Incorrect Privilege Assignment 		CVE-2026-48172 2026-05-27 05:19 2026-05-21 Show GitHub Exploit DB Packet Storm
1658 7.5 HIGH
Network 		- - D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the table_name parameter in POST req… CWE-497
 Exposure of Sensitive System Information to an Unauthorized Control Sphere 		CVE-2018-25358 2026-05-27 05:16 2026-05-24 Show GitHub Exploit DB Packet Storm
1659 6.5 MEDIUM
Network 		- - Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path.resolve before writing files to disk. This could allow a malicious user to write files outside the int… CWE-22
Path Traversal 		CVE-2026-41863 2026-05-27 05:16 2026-05-25 Show GitHub Exploit DB Packet Storm
1660 8.2 HIGH
Network 		- - code100x contains an authentication bypass vulnerability in the Mobile API that allows unauthenticated attackers to impersonate arbitrary users by supplying a crafted JSON payload in the 'g' HTTP hea… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-8890 2026-05-27 05:16 2026-05-27 Show GitHub Exploit DB Packet Storm