Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3201	9.1	緊急 Network	MIYAGAWA (Tatsuhiko Miyagawa)	Plack::Middleware::Xsendfile	MIYAGAWA (Tatsuhiko Miyagawa)のPlack::Middleware::Xsendfileにおける複数の脆弱性	CWE-200 CWE-441 CWE-913	CVE-2026-7381	2026-05-8 12:09	2026-04-29	Show	GitHub Exploit DB Packet Storm

3202	8.1	重要 Network	D-Link Systems, Inc.	M60 Firmware	D-Link CorporationのM60 Firmwareにおけるパスワード管理機能に関する脆弱性	CWE-640 パスワードを忘れた場合の脆弱なパスワードリカバリの仕組み	CVE-2026-7554	2026-05-8 12:09	2026-05-1	Show	GitHub Exploit DB Packet Storm

3203	9.8	緊急 Network	WAVLINK	WL-WN570HA1 Firmware	WAVLINKのWL-WN570HA1 Firmwareにおける複数の脆弱性	CWE-74 CWE-77	CVE-2026-7690	2026-05-8 12:09	2026-05-3	Show	GitHub Exploit DB Packet Storm

3204	6.3	警告 Network	WAVLINK	WL-WN570HA1 Firmware	WAVLINKのWL-WN570HA1 Firmwareにおける複数の脆弱性	CWE-74 CWE-77	CVE-2026-7691	2026-05-8 12:09	2026-05-3	Show	GitHub Exploit DB Packet Storm

3205	6.3	警告 Network	WAVLINK	WL-WN570HA1 Firmware	WAVLINKのWL-WN570HA1 Firmwareにおける複数の脆弱性	CWE-74 CWE-77	CVE-2026-7692	2026-05-8 12:09	2026-05-3	Show	GitHub Exploit DB Packet Storm

3206	8	重要 Adjacent	TP-LINK Technologies	Archer AXE75 Firmware	TP-LINK TechnologiesのArcher AXE75 FirmwareにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2025-15568	2026-05-8 12:09	2026-03-9	Show	GitHub Exploit DB Packet Storm

3207	6.5	警告 Network	HCL Technologies Limited	HCL BigFix Service Management (SM)	HCL Technologies LimitedのHCL BigFix Service Management (SM)における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2025-31982	2026-05-8 12:09	2026-05-6	Show	GitHub Exploit DB Packet Storm

3208	4.6	警告 Network	HCL Technologies Limited	HCL BigFix Service Management (SM)	HCL Technologies LimitedのHCL BigFix Service Management (SM)におけるセキュリティチェックに関する脆弱性	CWE-358 不適切に実装されたセキュリティチェック	CVE-2025-31983	2026-05-8 12:09	2026-05-6	Show	GitHub Exploit DB Packet Storm

3209	6.1	警告 Network	phppointofsale	php point of sale	phppointofsaleのphp point of saleにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-41011	2026-05-8 12:09	2026-04-21	Show	GitHub Exploit DB Packet Storm

3210	4.3	警告 Network	フォーティネット	FortiSOAR	フォーティネットのFortiSOARにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2025-59809	2026-05-8 12:09	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2331	9.8	CRITICAL Network	nvidia	isaac_launchable	NVIDIA Isaac Launchable for Linux contains a vulnerability where sensitive information is transmitted in clear text. A successful exploit of this vulnerability might lead to code execution, escalatio…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2026-24212	2026-05-27 22:48	2026-05-27	Show	GitHub Exploit DB Packet Storm

2332	6.1	MEDIUM Network	joomla	joomla\!	Lack of output escaping leads to a XSS vector in the feed modules.	CWE-79 Cross-site Scripting	CVE-2026-25900	2026-05-27 22:41	2026-05-27	Show	GitHub Exploit DB Packet Storm

2333	6.1	MEDIUM Network	joomla	joomla\!	Lack of output escaping leads to a XSS vector in the multilingual associations component.	CWE-79 Cross-site Scripting	CVE-2026-25901	2026-05-27 22:40	2026-05-27	Show	GitHub Exploit DB Packet Storm

2334	6.1	MEDIUM Network	joomla	joomla\!	Lack of output escaping leads to a XSS vector in the content history component.	CWE-79 Cross-site Scripting	CVE-2026-30894	2026-05-27 22:29	2026-05-27	Show	GitHub Exploit DB Packet Storm

2335	6.1	MEDIUM Network	joomla	joomla\!	Lack of output escaping leads to a XSS vector in the readmore links for com_content.	CWE-79 Cross-site Scripting	CVE-2026-30895	2026-05-27 22:28	2026-05-27	Show	GitHub Exploit DB Packet Storm

2336	4.3	MEDIUM Network	joomla	joomla\!	Lack of CSRF token validation lead to a CSRF attack vector in the admin activation endpoint of com_users.	CWE-352 Origin Validation Error	CVE-2026-35220	2026-05-27 22:18	2026-05-27	Show	GitHub Exploit DB Packet Storm

2337	9.8	CRITICAL Network	joomla	joomla\!	Improperly built filter clauses lead to a SQL injection vulnerability in the search query for com_finder.	CWE-89 SQL Injection	CVE-2026-35221	2026-05-27 22:05	2026-05-27	Show	GitHub Exploit DB Packet Storm

2338	9.8	CRITICAL Network	joomla	joomla\!	Improperly validated order clauses lead to a SQL injection vulnerability in com_tags.	CWE-89 SQL Injection	CVE-2026-35222	2026-05-27 21:28	2026-05-27	Show	GitHub Exploit DB Packet Storm

2339	9.8	CRITICAL Network	joomla	joomla\!	An improper validation of user-supplied input leads to a local file inclusion vulnerability.	CWE-22 Path Traversal	CVE-2026-40383	2026-05-27 21:24	2026-05-27	Show	GitHub Exploit DB Packet Storm

2340	7.5	HIGH Network	microsoft	global_secure_access	Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network.	CWE-269 Improper Privilege Management	CVE-2026-23663	2026-05-27 21:16	2026-05-23	Show	GitHub Exploit DB Packet Storm