Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
205361 7.5 重要
Network 		jq project - jq の jv_dump_term 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-4074 2016-05-17 18:11 2016-04-24 Show GitHub Exploit DB Packet Storm
205362 7.5 重要
Network 		レッドハット - HTTPS NIO コネクタにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2016-2094 2016-05-17 18:11 2016-04-24 Show GitHub Exploit DB Packet Storm
205363 4.8 警告
Network 		アドビシステムズ - Adobe ColdFusion におけるサーバになりすまされる脆弱性 CWE-20
不適切な入力確認 		CVE-2016-1115 2016-05-17 18:11 2016-05-10 Show GitHub Exploit DB Packet Storm
205364 9.8 緊急
Network 		アドビシステムズ - Adobe ColdFusion における任意のコマンドを実行される脆弱性 CWE-Other
その他 		CVE-2016-1114 2016-05-17 18:11 2016-05-10 Show GitHub Exploit DB Packet Storm
205365 6.1 警告
Network 		アドビシステムズ - Adobe ColdFusion におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-1113 2016-05-17 18:11 2016-05-10 Show GitHub Exploit DB Packet Storm
205366 9.8 緊急
Network 		SUSE - SUSE Linux Enterprise で使用される yast2-users における脆弱性 CWE-255
証明書・パスワード管理 		CVE-2016-1601 2016-05-17 15:47 2016-04-25 Show GitHub Exploit DB Packet Storm
205367 5.9 警告
Network 		GNU Project
Canonical
Fedora Project		 - GNU Libtasn1 の lib/decoding.c の _asn1_extract_der_octet 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2016-4008 2016-05-17 14:52 2016-04-11 Show GitHub Exploit DB Packet Storm
205368 4.6 警告
Physics 		Lexmark - Lexmark プリンタのファームウェアにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-3145 2016-05-17 14:52 2016-04-7 Show GitHub Exploit DB Packet Storm
205369 7.8 重要
Local 		Linux - 32-bit プラットフォーム上で稼動する Linux Kernel の net/netfilter/x_tables.c における整数オーバーフローの脆弱性 CWE-189
CWE-Other
CVE-2016-3135 2016-05-17 14:51 2016-03-10 Show GitHub Exploit DB Packet Storm
205370 6.8 警告
Local 		Google
Linux		 - Debian wheezy の linux パッケージおよび Red Hat Enterprise Linux の kernel パッケージの特定の Linux Kernel バックポートの fs/pipe.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-0774 2016-05-17 14:51 2016-04-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
631 8.1 HIGH
Adjacent 		- - Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 exposes 15 of 18 UPnP IGD actions without authentication on port 1900, including AddPortMapping and GetExternalIPAddress. UPnP is enabl… New CWE-306
Missing Authentication for Critical Function 		CVE-2026-36603 2026-06-5 11:17 2026-06-4 Show GitHub Exploit DB Packet Storm
632 4.3 MEDIUM
Adjacent 		- - Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 discloses kernel memory layout via the UPnP GetStatusInfo action. An unauthenticated attacker on the adjacent network can obtain a raw … New CWE-200
Information Exposure 		CVE-2026-36602 2026-06-5 11:17 2026-06-4 Show GitHub Exploit DB Packet Storm
633 7.5 HIGH
Network 		google chrome Type Confusion in V8 in Google Chrome prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome… Update CWE-843
Type Confusion 		CVE-2026-10022 2026-06-5 11:16 2026-05-29 Show GitHub Exploit DB Packet Storm
634 4.7 MEDIUM
Local 		linaro op-tee OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Prior to version 4.11.0, on many of t… New CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2026-45614 2026-06-5 09:20 2026-06-4 Show GitHub Exploit DB Packet Storm
635 9.8 CRITICAL
Network 		acer predator_connect_w6x_firmware Crafted MQTT messages can trigger command injection, resulting in root-level code execution on the target device. Update CWE-77
Command Injection 		CVE-2026-49199 2026-06-5 04:44 2026-05-29 Show GitHub Exploit DB Packet Storm
636 9.6 CRITICAL
Network 		huggingface transformers A vulnerability in the LightGlue model loading path of huggingface/transformers version 5.2.0 allows an attacker-controlled model repository to execute arbitrary code during model initialization. The… New CWE-829
 Inclusion of Functionality from Untrusted Control Sphere 		CVE-2026-5241 2026-06-5 03:54 2026-06-3 Show GitHub Exploit DB Packet Storm
637 6.5 MEDIUM
Network 		koha koha Koha versions up to 25.11 contain a Server-Side Request Forgery (SSRF) vulnerability via the Z39.50/SRU server configuration. This allows authenticated attackers to perform internal network scanning … New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-26379 2026-06-5 03:54 2026-06-4 Show GitHub Exploit DB Packet Storm
638 7.8 HIGH
Local 		linaro op-tee OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior … New CWE-416
 Use After Free 		CVE-2026-40290 2026-06-5 03:51 2026-06-4 Show GitHub Exploit DB Packet Storm
639 8.1 HIGH
Network 		shopify react-router React Router is a router for React. In versions 7.0.0 through 7.14.1, when using Framework Mode, a combination of steps could potentially allow unauthorized remote code execution (RCE) through extern… New CWE-502
 Deserialization of Untrusted Data 		CVE-2026-42211 2026-06-5 03:50 2026-06-3 Show GitHub Exploit DB Packet Storm
640 5.4 MEDIUM
Network 		koha koha Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via file upload function in Invoice features New CWE-79
Cross-site Scripting 		CVE-2026-26378 2026-06-5 03:49 2026-06-4 Show GitHub Exploit DB Packet Storm