Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
204331 9.8 緊急
Network 		マイクロフォーカス株式会社 - Micro Focus Rumba の COM オブジェクトにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-1606 2016-07-11 17:21 2016-06-30 Show GitHub Exploit DB Packet Storm
204332 8.8 重要
Network 		DELL EMC (旧 EMC Corporation) - EMC Avamar の Avamar Data Store および Avamar Virtual Edition の web-restore インターフェースにおけるディレクトリを読まれる脆弱性 CWE-Other
その他 		CVE-2016-0906 2016-07-11 16:28 2016-07-6 Show GitHub Exploit DB Packet Storm
204333 8.8 重要
Network 		VMware - VMware vRealize Log Insight におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2016-2082 2016-07-11 16:28 2016-06-9 Show GitHub Exploit DB Packet Storm
204334 5.9 警告
Network 		VMware - VMware NSX Edge および vCNS Edge における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-2079 2016-07-11 16:28 2016-06-9 Show GitHub Exploit DB Packet Storm
204335 6.3 警告
Network 		DELL EMC (旧 EMC Corporation) - EMC RSA Archer GRC における web.config.bak ファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2016-0899 2016-07-11 12:03 2016-06-13 Show GitHub Exploit DB Packet Storm
204336 6.1 警告
Network 		VMware - VMware vRealize Log Insight におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-2081 2016-07-11 11:05 2016-06-9 Show GitHub Exploit DB Packet Storm
204337 6.1 警告
Network 		VMware - VMware vCenter Server の vSphere Web Client におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-6931 2016-07-11 11:05 2015-09-14 Show GitHub Exploit DB Packet Storm
204338 9.8 緊急
Network 		IBM - IBM Bluemix プラットフォーム上で稼動する Watson Developer Cloud サービスにおける暗号保護メカニズムを破られる脆弱性 CWE-Other
その他 		CVE-2016-0391 2016-07-11 10:53 2016-05-11 Show GitHub Exploit DB Packet Storm
204339 6.1 警告
Network 		The phpMyAdmin Project - phpMyAdmin におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-5099 2016-07-11 10:49 2016-05-25 Show GitHub Exploit DB Packet Storm
204340 5.3 警告
Network 		The phpMyAdmin Project - phpMyAdmin の libraries/error_report.lib.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2016-5098 2016-07-11 10:49 2016-05-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1681 5.3 MEDIUM
Network 		- - Casdoor versions 2.362.0 and earlier contain a logic flaw in the social‑login binding flow that allows users to bypass configured MFA requirements. The binding‑rule code path in controllers/auth.go c… - CVE-2026-9091 2026-05-30 05:16 2026-05-29 Show GitHub Exploit DB Packet Storm
1682 9.1 CRITICAL
Network 		- - Casdoor versions 2.362.0 and earlier contain a vulnerability that allows an attacker to bypass authentication by supplying an arbitrary signing certificate. The buildSpCertificateStore function extra… - CVE-2026-9090 2026-05-30 05:16 2026-05-29 Show GitHub Exploit DB Packet Storm
1683 7.5 HIGH
Network 		microsoft planetary_computer Deserialization of untrusted data in Microsoft Planetary Computer Pro allows an unauthorized attacker to disclose information over a network. CWE-502
 Deserialization of Untrusted Data 		CVE-2026-41104 2026-05-30 04:46 2026-05-23 Show GitHub Exploit DB Packet Storm
1684 5.5 MEDIUM
Local 		pypdf_project pypdf pypdf is a free and open-source pure-python PDF library. Prior to 6.12.1, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing large XMP me… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-48735 2026-05-30 04:38 2026-05-29 Show GitHub Exploit DB Packet Storm
1685 3.3 LOW
Local 		pypdf_project pypdf pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams w… CWE-834
 Excessive Iteration 		CVE-2026-48156 2026-05-30 04:38 2026-05-29 Show GitHub Exploit DB Packet Storm
1686 5.5 MEDIUM
Local 		pypdf_project pypdf pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in l… CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-48155 2026-05-30 04:38 2026-05-29 Show GitHub Exploit DB Packet Storm
1687 9.8 CRITICAL
Network 		ibm engineering_lifecycle_management IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an unauthenticated remote attacker to update server property files that would allow them to gain unauthorized access to the ap… CWE-863
 Incorrect Authorization 		CVE-2026-3660 2026-05-30 04:31 2026-05-27 Show GitHub Exploit DB Packet Storm
1688 9.6 CRITICAL
Network 		amirraminfar dozzle Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, he WebSocket upgrader for the /exec and /attach endpoints uses CheckOrigin: func(r *http.Request) bool { return true }, accepti… CWE-346
 Origin Validation Error 		CVE-2026-44985 2026-05-30 04:30 2026-05-27 Show GitHub Exploit DB Packet Storm
1689 7.1 HIGH
Adjacent 		free5gc free5gc free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the AMF in Free5GC does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against it… CWE-358
 Improperly Implemented Security Check for Standard 		CVE-2026-42081 2026-05-30 04:24 2026-05-28 Show GitHub Exploit DB Packet Storm
1690 8.6 HIGH
Network 		amirraminfar dozzle Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, in a default dozzle deploy (the documented quickstart, no DOZZLE_AUTH_PROVIDER set), POST /api/notifications/test-webhook is re… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-45298 2026-05-30 04:23 2026-05-27 Show GitHub Exploit DB Packet Storm