Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1151	5.3	警告 Network	Concrete CMS	Concrete CMS	Concrete CMSにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-8238	2026-05-28 14:37	2026-05-21	Show	GitHub Exploit DB Packet Storm

1152	5.3	警告 Network	Concrete CMS	Concrete CMS	Concrete CMSにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-8239	2026-05-28 14:37	2026-05-21	Show	GitHub Exploit DB Packet Storm

1153	5.3	警告 Network	Concrete CMS	Concrete CMS	Concrete CMSにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-8240	2026-05-28 14:37	2026-05-21	Show	GitHub Exploit DB Packet Storm

1154	5.4	警告 Network	Concrete CMS	Concrete CMS	Concrete CMSにおけるWeb ページの属性に対するスクリプトの不適切な無害化に関する脆弱性	CWE-83 Web ページの属性に対するスクリプトの不適切な無害化	CVE-2026-8245	2026-05-28 14:37	2026-05-21	Show	GitHub Exploit DB Packet Storm

1155	4.3	警告 Network	Concrete CMS	Concrete CMS	Concrete CMSにおける複数の脆弱性	CWE-269 CWE-620 CWE-915	CVE-2026-8327	2026-05-28 14:37	2026-05-21	Show	GitHub Exploit DB Packet Storm

1156	5.3	警告 Network	Concrete CMS	Concrete CMS	Concrete CMSにおける複数の脆弱性	CWE-565 CWE-639	CVE-2026-8337	2026-05-28 14:37	2026-05-21	Show	GitHub Exploit DB Packet Storm

1157	4.3	警告 Network	Concrete CMS	Concrete CMS	Concrete CMSにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2026-8340	2026-05-28 14:37	2026-05-22	Show	GitHub Exploit DB Packet Storm

1158	4.3	警告 Network	Concrete CMS	Concrete CMS	Concrete CMSにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-8347	2026-05-28 14:37	2026-05-22	Show	GitHub Exploit DB Packet Storm

1159	8.8	重要 Network	Concrete CMS	Concrete CMS	Concrete CMSにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-8350	2026-05-28 14:37	2026-05-21	Show	GitHub Exploit DB Packet Storm

1160	4.8	警告 Network	Concrete CMS	Concrete CMS	Concrete CMSにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-8353	2026-05-28 14:37	2026-05-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2531	5.5	MEDIUM Local	-	-	IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date. _dosToUnixTime() decodes the local-file-header last-modification da…	CWE-248 Uncaught Exception	CVE-2025-15649	2026-05-30 01:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

2532	7.1	HIGH Network	-	-	LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to LangSmith SDK Python 0.8.0 and JS/TS 0.6.0, the LangSmith SDK's prompt pull methods (pull_prompt / pull_promp…	CWE-502 Deserialization of Untrusted Data	CVE-2026-45134	2026-05-30 01:12	2026-05-28	Show	GitHub Exploit DB Packet Storm

2533	5.4	MEDIUM Network	-	-	AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.59, POST /api/blocks/{block_id}/execute endpoint executes block…	CWE-770 CWE-841 Allocation of Resources Without Limits or Throttling Improper Enforcement of Behavioral Workflow	CVE-2026-45023	2026-05-30 01:07	2026-05-29	Show	GitHub Exploit DB Packet Storm

2534	7.5	HIGH Network	google	chrome	Uninitialized Use in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox vi…	CWE-457 Use of Uninitialized Variable	CVE-2026-9963	2026-05-30 01:06	2026-05-29	Show	GitHub Exploit DB Packet Storm

2535	7.5	HIGH Network	dell	unisphere_for_powermax_virtual_appliance	Dell Unisphere for PowerMax vApp version prior to 10.0.0.2, contains an authorization bypass vulnerability in the Unisphere for VMAX application running in vApp	CWE-285 Improper Authorization	CVE-2022-34363	2026-05-30 00:53	2026-05-23	Show	GitHub Exploit DB Packet Storm

2536	6.5	MEDIUM Network	golang	net	Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service.	CWE-400 Uncontrolled Resource Consumption	CVE-2026-25680	2026-05-30 00:47	2026-05-23	Show	GitHub Exploit DB Packet Storm

2537	6.5	MEDIUM Network	-	-	The OpenTelemetry.Exporter.Instana exports telemetry to Instana backend. Prior to 1.1.0, the OpenTelemetry.Exporter.Instana NuGet package does not validate HTTPS/TLS certificates are valid when sendi…	CWE-295 Improper Certificate Validation	CVE-2026-44213	2026-05-30 00:42	2026-05-27	Show	GitHub Exploit DB Packet Storm

2538	7.1	HIGH Network	-	-	Auth0.js is a client-side JavaScript library for Auth0. From 8.11.0 to 9.32.0, under specific preconditions, the Auth0.js SDK may improperly return user profile information using a valid access token…	CWE-863 Incorrect Authorization	CVE-2026-42280	2026-05-30 00:42	2026-05-28	Show	GitHub Exploit DB Packet Storm

2539	7.5	HIGH Network	-	-	opentelemetry-js is the OpenTelemetry JavaScript Client. Prior to 0.217.0, a single malformed HTTP request crashes any Node.js process running the OpenTelemetry JS Prometheus exporter. The metrics en…	CWE-755 Improper Handling of Exceptional Conditions	CVE-2026-44902	2026-05-30 00:42	2026-05-28	Show	GitHub Exploit DB Packet Storm

2540	-		-	-	go-git is an extensible git implementation library written in pure Go. Prior to 5.19.1 and 6.0.0-alpha.4, go-git's SSH transport constructs the remote exec command by wrapping the repository path in …	CWE-116 Improper Encoding or Escaping of Output	CVE-2026-45570	2026-05-30 00:42	2026-05-28	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed