Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1481 6.5 警告
Network 		Nextcloud Nextcloud Server NextcloudのNextcloud Serverにおけるアクセス制御に関する脆弱性 CWE-284
CWE-noinfo
CVE-2026-45282 2026-06-5 10:46 2026-06-1 Show GitHub Exploit DB Packet Storm
1482 4.3 警告
Network 		Nextcloud Nextcloud Server NextcloudのNextcloud Serverにおける認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2026-45283 2026-06-5 10:46 2026-06-1 Show GitHub Exploit DB Packet Storm
1483 8.8 重要
Network 		Nextcloud user oidc Nextcloudのuser oidcにおけるアクセス制御に関する脆弱性 CWE-284
CWE-noinfo
CVE-2026-45284 2026-06-5 10:46 2026-06-1 Show GitHub Exploit DB Packet Storm
1484 6.4 警告
Network 		Nextcloud Nextcloud Server NextcloudのNextcloud Serverにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-45285 2026-06-5 10:46 2026-06-1 Show GitHub Exploit DB Packet Storm
1485 4.3 警告
Network 		Nextcloud Nextcloud Calendar NextcloudのNextcloud Calendarにおける情報漏えいに関する脆弱性 CWE-200
CWE-noinfo
CVE-2026-45286 2026-06-5 10:46 2026-06-1 Show GitHub Exploit DB Packet Storm
1486 7.8 重要
Local 		Electerm project Electerm Electerm projectのElectermにおける複数の脆弱性 CWE-732
CWE-94
CWE-940
CVE-2026-45353 2026-06-5 10:46 2026-05-28 Show GitHub Exploit DB Packet Storm
1487 9.1 緊急
Network 		Electerm project Electerm Electerm projectのElectermにおける複数の脆弱性 CWE-326
CWE-329
CWE-353
CWE-759
CWE-916
CVE-2026-45787 2026-06-5 10:46 2026-05-28 Show GitHub Exploit DB Packet Storm
1488 6.8 警告
Network 		レッドハット build of keycloak レッドハットのbuild of keycloakにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-4630 2026-06-5 10:46 2026-05-19 Show GitHub Exploit DB Packet Storm
1489 9.9 緊急
Network 		オラクル REST Data Services オラクルのREST Data Servicesにおける複数の脆弱性 CWE-284
CWE-400
CVE-2026-46775 2026-06-5 10:46 2026-05-28 Show GitHub Exploit DB Packet Storm
1490 9.1 緊急
Network 		オラクル Oracle E-Business Suite オラクルのOracle E-Business Suiteにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-46819 2026-06-5 10:46 2026-05-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2691 - - - Overly permissive configuration settings on cloud storage containers expose active telemetry information publicly to the internet. CWE-200
Information Exposure 		CVE-2026-49193 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
2692 - - - The debugging routine SCREEN_CLICK(5053) enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface. CWE-287
Improper Authentication 		CVE-2026-49194 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
2693 - - - Internal multimedia session archives are accessible without authentication, exacerbated by loose Cross-Origin Resource Sharing (CORS) rules that allow cross-site theft. CWE-287
Improper Authentication 		CVE-2026-49202 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
2694 - - - Crucial management API endpoints for cellular eSIM allocation do not validate caller authorization, allowing remote profiles to be rewritten or deleted. CWE-287
Improper Authentication 		CVE-2026-49203 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
2695 - - - Leftover debug modules contain fixed credentials for internal AWS Cognito test sandboxes, risking asset exploitation. CWE-798
 Use of Hard-coded Credentials 		CVE-2026-49204 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
2696 - - - System log files output unencrypted SMTP server authentication passwords alongside sensitive employee corporate identification data. CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2026-50205 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
2697 - - - Incoming VPN network profile settings fail to process special characters safely, enabling command injection via malicious config files. CWE-78
OS Command  		CVE-2026-50206 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
2698 - - - The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity. CWE-22
Path Traversal 		CVE-2026-50207 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
2699 - - - High-risk TrustAllCerts routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a Man-in-the-Middle (MITM) actor could decrypt network traffic. CWE-330
 Use of Insufficiently Random Values 		CVE-2026-50208 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
2700 - - - Broadcast events allow malicious software to rewrite the device's default Mobile Device Management (MDM) endpoint address, shifting administrative ownership to an external attacker. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2026-50209 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm