Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
771	7.5	重要 Network	QNAP Systems	QNAP QTS QuTS hero	QNAP SystemsのQNAP QTS等の複数製品における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2024-13086	2026-02-2 19:28	2025-03-7	Show	GitHub Exploit DB Packet Storm

772	2.7	低 Network	Palo Alto Networks	PAN-OS	Palo Alto NetworksのPAN-OSにおける権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2024-2433	2026-02-2 19:28	2024-03-13	Show	GitHub Exploit DB Packet Storm

773	6.1	警告 Network	LimeSurvey	LimeSurvey	LimeSurveyにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-24506	2026-02-2 19:28	2024-04-3	Show	GitHub Exploit DB Packet Storm

774	7.8	重要 Local	Macro Expert	Macro Expert	Macro Expertにおける不適切なデフォルトパーミッションに関する脆弱性	CWE-276 不適切なデフォルトパーミッション	CVE-2024-27674	2026-02-2 19:27	2024-04-3	Show	GitHub Exploit DB Packet Storm

775	9.3	緊急 Network	Typebot	Typebot	Typebotにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-30264	2026-02-2 19:27	2024-04-4	Show	GitHub Exploit DB Packet Storm

776	5.9	警告 Network	Palo Alto Networks	PAN-OS	Palo Alto NetworksのPAN-OSにおける暗号強度に関する脆弱性	CWE-326 不適切な暗号強度	CVE-2024-3387	2026-02-2 19:27	2024-04-10	Show	GitHub Exploit DB Packet Storm

777	9.8	緊急 Network	Elasticsearch B.V.	elastic cloud enterprise	Elasticsearch B.V.のelastic cloud enterpriseにおける認可に関する脆弱性	CWE-285 不適切な認可	CVE-2024-37282	2026-02-2 19:27	2024-06-28	Show	GitHub Exploit DB Packet Storm

778	8.8	重要 Network	LimeSurvey	LimeSurvey	LimeSurveyにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2024-39063	2026-02-2 19:27	2024-07-9	Show	GitHub Exploit DB Packet Storm

779	7.5	重要 Network	Synology Inc.	Media Server	Synology Inc.のMedia Serverにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2024-4464	2026-02-2 19:27	2024-12-18	Show	GitHub Exploit DB Packet Storm

780	9.8	緊急 Network	QNAP Systems	Hybrid Backup Sync	QNAP SystemsのHybrid Backup Syncにおける複数の脆弱性	CWE-77 CWE-78	CVE-2024-50388	2026-02-2 19:27	2024-12-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
41	4.8	MEDIUM Network	-	-	GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the template group creation and editing functionality that allows authenticated administrators to inject arbitrary J… New	CWE-79 Cross-site Scripting	CVE-2026-23752	2026-04-21 03:16	2026-04-21	Show	GitHub Exploit DB Packet Storm

42	7.8	HIGH Local	microsoft	windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2019 windows_server_2022 windows_server_2022_…	Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. Update	CWE-362 Race Condition	CVE-2026-32160	2026-04-21 03:15	2026-04-15	Show	GitHub Exploit DB Packet Storm

43	5.7	MEDIUM Network	dell	data_domain_operating_system	Dell PowerProtect Data Domain appliances with Data Domain Operating System (DD OS) of Feature Release versions 8.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.10 contain an insertion o… Update	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2026-23775	2026-04-21 03:11	2026-04-17	Show	GitHub Exploit DB Packet Storm

44	7.8	HIGH Local	dell	data_domain_operating_system	Dell PowerProtect Data Domain BoostFS for client of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50… Update	CWE-522 Insufficiently Protected Credentials	CVE-2025-36568	2026-04-21 03:10	2026-04-17	Show	GitHub Exploit DB Packet Storm

45	7.2	HIGH Network	fortinet	fortiweb	An out-of-bounds write vulnerability [CWE-787] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow a remote privileged attack… Update	CWE-787 Out-of-bounds Write	CVE-2026-40688	2026-04-21 03:07	2026-04-15	Show	GitHub Exploit DB Packet Storm

46	8.8	HIGH Network	fortinet	fortiddos-f	A improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow attacker to execute unauthorized code or com… Update	CWE-89 SQL Injection	CVE-2026-39815	2026-04-21 03:06	2026-04-15	Show	GitHub Exploit DB Packet Storm

47	4.8	MEDIUM Network	fortinet	fortinac-f	An URL Redirection to Untrusted Site ('Open Redirect') vulnerability [CWE-601] vulnerability in Fortinet FortiNAC-F 7.6.0 through 7.6.5, FortiNAC-F 7.4 all versions, FortiNAC-F 7.2 all versions may a… Update	CWE-601 Open Redirect	CVE-2026-21741	2026-04-21 03:06	2026-04-15	Show	GitHub Exploit DB Packet Storm

48	7.2	HIGH Network	fortinet	fortianalyzer fortianalyzer_cloud fortimanager fortimanager_cloud	An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7… Update	CWE-89 SQL Injection	CVE-2025-61848	2026-04-21 03:05	2026-04-15	Show	GitHub Exploit DB Packet Storm

49	8.8	HIGH Adjacent	fortinet	fortios	A missing authentication for critical function vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS … Update	CWE-306 Missing Authentication for Critical Function	CVE-2025-53847	2026-04-21 03:04	2026-04-15	Show	GitHub Exploit DB Packet Storm

50	4.3	MEDIUM Network	fortinet	fortivoice fortindr	An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.8, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.… Update	CWE-200 Information Exposure	CVE-2024-23104	2026-04-21 03:03	2026-04-15	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed