Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1331	8.8	重要 Network	オラクル	Oracle E-Business Suite	オラクルのOracle E-Business Suiteにおける権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2026-46837	2026-06-8 11:45	2026-05-28	Show	GitHub Exploit DB Packet Storm

1332	9.9	緊急 Network	オラクル	REST Data Services	オラクルのREST Data Servicesにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46839	2026-06-8 11:45	2026-05-28	Show	GitHub Exploit DB Packet Storm

1333	10	緊急 Network	オラクル	REST Data Services	オラクルのREST Data Servicesにおける複数の脆弱性	CWE-284 CWE-287 CWE-306	CVE-2026-46840	2026-06-8 11:45	2026-05-28	Show	GitHub Exploit DB Packet Storm

1334	5.3	警告 Network	オラクル	REST Data Services	オラクルのREST Data Servicesにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-46841	2026-06-8 11:45	2026-05-28	Show	GitHub Exploit DB Packet Storm

1335	8.5	重要 Network	Authentik Security Inc	authentik	Authentik Security Incのauthentikにおける複数の脆弱性	CWE-20 CWE-347	CVE-2026-47201	2026-06-8 11:45	2026-06-2	Show	GitHub Exploit DB Packet Storm

1336	9.8	緊急 Network	Apache Software Foundation	Apache Camel	Apache Software FoundationのApache Camelにおける大文字と小文字の区別の不適切な処理に関する脆弱性	CWE-178 大文字と小文字の区別の不適切な処理	CVE-2026-47323	2026-06-8 11:45	2026-05-19	Show	GitHub Exploit DB Packet Storm

1337	8.1	重要 Network	OpenStack	OpenStack Ironic	OpenStackのOpenStack Ironicにおける相対パストラバーサルの脆弱性	CWE-23 相対的パストラバーサル	CVE-2026-48681	2026-06-8 11:45	2026-06-4	Show	GitHub Exploit DB Packet Storm

1338	7.8	重要 Local	Open Source Geospatial Foundation	GDAL	Open Source Geospatial FoundationのGDALにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-49014	2026-06-8 11:45	2026-05-27	Show	GitHub Exploit DB Packet Storm

1339	8.8	重要 Network	Authentik Security Inc	authentik	Authentik Security Incのauthentikにおける認証に関する脆弱性	CWE-287 不適切な認証	CVE-2026-49443	2026-06-8 11:45	2026-06-2	Show	GitHub Exploit DB Packet Storm

1340	9.8	緊急 Network	Authentik Security Inc	authentik	Authentik Security Incのauthentikにおける認証に関する脆弱性	CWE-287 不適切な認証	CVE-2026-49448	2026-06-8 11:45	2026-06-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2491	8.3	HIGH Adjacent	macgregor	interschalt_vdr_g4e_firmware	Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials.	CWE-798 Use of Hard-coded Credentials	CVE-2026-42929	2026-06-5 03:26	2026-05-30	Show	GitHub Exploit DB Packet Storm

2492	3.6	LOW Local	lfprojects	mlflow	A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digest_utils of the file mlflow/data/digest_utils.py of the component Dataset Digest Computation. This manipu…	CWE-327 CWE-328 Use of a Broken or Risky Cryptographic Algorithm Use of Weak Hash	CVE-2026-10803	2026-06-5 03:24	2026-06-4	Show	GitHub Exploit DB Packet Storm

2493	2.2	LOW Network	-	-	In OpenStack Neutron before 28.0.1, a project manager can create or update a port on a shared network owned by another project and set device_owner to a value that has "network:" at the beginning ("n…	CWE-863 Incorrect Authorization	CVE-2026-50266	2026-06-5 03:16	2026-06-5	Show	GitHub Exploit DB Packet Storm

2494	7.4	HIGH Network	-	-	An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when connecting to the message broker. When ssl…	CWE-297 Improper Validation of Certificate with Host Mismatch	CVE-2026-44393	2026-06-5 03:16	2026-06-5	Show	GitHub Exploit DB Packet Storm

2495	9.9	CRITICAL Network	-	-	Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose a public `/image/<hash>` route that resolves attacker-controlled entries from `image_has…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-43986	2026-06-5 03:16	2026-06-5	Show	GitHub Exploit DB Packet Storm

2496	8.9	HIGH Network	-	-	Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose `log_js_errors` to any authenticated user, including guest users when guest access is en…	CWE-79 Cross-site Scripting	CVE-2026-43984	2026-06-5 03:16	2026-06-5	Show	GitHub Exploit DB Packet Storm

2497	-		-	-	unicodedata.normalize() can take excessive CPU time when processing specially crafted Unicode input containing long runs of combining characters with alternating Canonical Combining Class values. Thi…	CWE-407 Inefficient Algorithmic Complexity	CVE-2026-3276	2026-06-5 03:16	2026-06-4	Show	GitHub Exploit DB Packet Storm

2498	7.8	HIGH Local	-	-	Seagull Software BarTender 2021 R1 through 12.0.1 contains an insecure deserialization vulnerability that allows low-privileged local users to escalate privileges. The DataServiceSingleton .NET Remot…	CWE-502 Deserialization of Untrusted Data	CVE-2026-25551	2026-06-5 03:16	2026-06-5	Show	GitHub Exploit DB Packet Storm

2499	9.8	CRITICAL Network	-	-	Seagull Software BarTender 2010, 2016, and 2019 contain an unauthenticated remote code execution vulnerability in the .NET Remoting service exposed on TCP port 7375 via BtSystem.Service.exe. The serv…	CWE-306 CWE-502 Missing Authentication for Critical Function Deserialization of Untrusted Data	CVE-2026-25550	2026-06-5 03:16	2026-06-5	Show	GitHub Exploit DB Packet Storm

2500	9.8	CRITICAL Network	-	-	OSNexus QuantaStor SDS Manager is vulnerable to SQL injection in the login endpoint. The username field is not properly sanitized before being incorporated into a SQL query, allowing an unauthenticat…	CWE-89 SQL Injection	CVE-2026-10880	2026-06-5 03:16	2026-06-5	Show	GitHub Exploit DB Packet Storm