Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1061 9.6 緊急
Network 		charm Wish charmのWishにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-41589 2026-06-3 17:04 2026-05-7 Show GitHub Exploit DB Packet Storm
1062 9.1 緊急
Network 		i18next i18next-http-backend i18nextのi18next-http-backendにおける複数の脆弱性 CWE-22
CWE-74
CVE-2026-41691 2026-06-3 17:04 2026-05-7 Show GitHub Exploit DB Packet Storm
1063 4.7 警告
Network 		i18next i18nextify i18nextのi18nextifyにおける複数の脆弱性 CWE-79
CWE-94
CVE-2026-41692 2026-06-3 17:04 2026-05-7 Show GitHub Exploit DB Packet Storm
1064 10 緊急
Network 		th30d4y OpenLearnX th30d4yのOpenLearnXにおける複数の脆弱性 CWE-250
CWE-284
CWE-693
CWE-78
CWE-94
CVE-2026-41900 2026-06-3 17:04 2026-05-8 Show GitHub Exploit DB Packet Storm
1065 6.1 警告
Network 		The Go Project Net The Go ProjectのNetにおけるレンダリングされたユーザインターフェースレイヤまたはフレームの不適切な制限に関する脆弱性 CWE-1021
レンダリングされたユーザインターフェースレイヤまたはフレームの不適切な制限 		CVE-2026-42502 2026-06-3 17:04 2026-05-22 Show GitHub Exploit DB Packet Storm
1066 6.1 警告
Network 		The Go Project Net The Go ProjectのNetにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42506 2026-06-3 17:04 2026-05-22 Show GitHub Exploit DB Packet Storm
1067 7.8 重要
Local 		horsicq Detect-It-Easy horsicqのDetect-It-Easyにおける相対パストラバーサルの脆弱性 CWE-23
相対的パストラバーサル 		CVE-2026-43616 2026-06-3 17:04 2026-05-4 Show GitHub Exploit DB Packet Storm
1068 9.9 緊急
Network 		オラクル Oracle iAssets オラクルのOracle iAssetsにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-46822 2026-06-3 17:04 2026-05-28 Show GitHub Exploit DB Packet Storm
1069 7.5 重要
Network 		fastify fastify/accepts-serializer fastifyのfastify/accepts-serializerにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-7768 2026-06-3 17:04 2026-05-4 Show GitHub Exploit DB Packet Storm
1070 8.8 重要
Local 		NanoCo NanoClaw NanoCoのNanoClawにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-7875 2026-06-3 17:04 2026-05-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
121 7.9 HIGH
Local 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. New CWE-693
 Protection Mechanism Failure 		CVE-2026-48568 2026-06-11 02:18 2026-06-10 Show GitHub Exploit DB Packet Storm
122 7.9 HIGH
Local 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. New CWE-693
 Protection Mechanism Failure 		CVE-2026-48570 2026-06-11 02:17 2026-06-10 Show GitHub Exploit DB Packet Storm
123 4.4 MEDIUM
Local 		- - Ghidra before 12.1 contains a heap-use-after-free vulnerability in the decompiler's HighVariable::merge() function during the variable merging pass. Attackers can trigger this vulnerability by crafti… New CWE-416
 Use After Free 		CVE-2026-52757 2026-06-11 02:16 2026-06-10 Show GitHub Exploit DB Packet Storm
124 7.8 HIGH
Local 		- - Ghidra before 12.0.2 contains a path traversal vulnerability in the extension installer that fails to validate ZIP entry names during extraction. Attackers can craft malicious extensions with travers… New CWE-22
Path Traversal 		CVE-2026-52752 2026-06-11 02:16 2026-06-10 Show GitHub Exploit DB Packet Storm
125 5.5 MEDIUM
Local 		- - Ghidra 10.2 before 12.1 contains an uncontrolled resource consumption vulnerability in ExportTrie.parseTrie() that lacks cycle detection when traversing Mach-O binary export tries. A crafted Mach-O b… New CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2026-49495 2026-06-11 02:16 2026-06-10 Show GitHub Exploit DB Packet Storm
126 5.4 MEDIUM
Network 		- - Umbraco is an ASP.NET CMS. Prior to versions 13.14.0 and 17.4.0, some of the Surface Controllers in the CMS provide to support member related operations fail to validate redirect URLs, making Razor t… New CWE-601
Open Redirect 		CVE-2026-46616 2026-06-11 02:16 2026-06-11 Show GitHub Exploit DB Packet Storm
127 4.6 MEDIUM
Network 		- - Umbraco is an ASP.NET CMS. From version 14.0.0 to before version 17.4.0, authenticated users are able to inject HTML into an input field, which is rendered in the confirmation dialog without proper o… New CWE-79
Cross-site Scripting 		CVE-2026-46609 2026-06-11 02:16 2026-06-11 Show GitHub Exploit DB Packet Storm
128 8.3 HIGH
Network 		- - Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, there is an authentication bypass vulnerability via 'api' substring in URL + unau… New CWE-287
CWE-306
CWE-697
Improper Authentication
Missing Authentication for Critical Function
 Incorrect Comparison 		CVE-2026-45567 2026-06-11 02:16 2026-06-11 Show GitHub Exploit DB Packet Storm
129 6.1 MEDIUM
Network 		- - Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the login flow allow-lists next URLs by rejecting strings containing https:// or … New CWE-601
Open Redirect 		CVE-2026-45566 2026-06-11 02:16 2026-06-11 Show GitHub Exploit DB Packet Storm
130 6.5 MEDIUM
Network 		- - Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the /smon/agent/{version,uptime,status,checks}/<server_ip> family of routes takes… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-45561 2026-06-11 02:16 2026-06-11 Show GitHub Exploit DB Packet Storm