Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
205431 6.8 警告
Network 		Apache Software Foundation - Apache Subversion の svnserve/cyrus_auth.c の canonicalize_username 関数における認証に関する脆弱性 CWE-Other
その他 		CVE-2016-2167 2016-05-10 17:45 2016-04-28 Show GitHub Exploit DB Packet Storm
205432 7.5 重要
Network 		OpenSSL Project - OpenSSL の crypto/rsa/rsa_gen.c における暗号保護メカニズムを破られる脆弱性 CWE-310
暗号の問題 		CVE-2000-1254 2016-05-10 17:39 2000-06-1 Show GitHub Exploit DB Packet Storm
205433 7.4 重要
Network 		シスコシステムズ - Cisco Prime Collaboration Assurance ソフトウェアにおけるオープンリダイレクトの脆弱性 CWE-Other
その他 		CVE-2016-1392 2016-05-10 15:02 2016-05-3 Show GitHub Exploit DB Packet Storm
205434 9.8 緊急
Network 		シスコシステムズ - Cisco TelePresence ソフトウェアの TC および CE の XML API における制御コマンドを実行される脆弱性 CWE-287
不適切な認証 		CVE-2016-1387 2016-05-10 15:02 2016-05-4 Show GitHub Exploit DB Packet Storm
205435 7.5 重要
Network 		varnish-cache.org
Debian		 - Varnish における任意の HTTP ヘッダを挿入される脆弱性 CWE-Other
その他 		CVE-2015-8852 2016-05-10 11:17 2015-03-23 Show GitHub Exploit DB Packet Storm
205436 7.5 重要
Network 		cairographics.org
openSUSE project		 - cairo の cairo-image-compositor.c の fill_xrgb32_lerp_opaque_spans 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-3190 2016-05-10 10:49 2016-03-18 Show GitHub Exploit DB Packet Storm
205437 6.5 警告
Network 		HexChat
Canonical
XChat		 - 複数の XChat 製品および HexChat の common/server.c の ssl_do_connect 関数における SSL サーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2013-7449 2016-05-10 10:41 2013-04-9 Show GitHub Exploit DB Packet Storm
205438 6.2 警告
Local 		Linux - Linux Kernel の sound/core/hrtimer.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-2549 2016-05-10 10:09 2016-01-31 Show GitHub Exploit DB Packet Storm
205439 6.2 警告
Local 		Linux - Linux Kernel の sound/core/timer.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-2548 2016-05-10 10:09 2016-01-31 Show GitHub Exploit DB Packet Storm
205440 7.4 重要
Local 		Linux - Linux Kernel の arch/x86/mm/tlb.c における権限を取得される脆弱性 CWE-362
競合状態 		CVE-2016-2069 2016-05-10 10:09 2016-01-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
191 3.1 LOW
Network 		- - An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.middleware.cache.UpdateCacheMiddleware` in Django does not match `Cache-Control` response directives case-insensitive… New CWE-178
 Improper Handling of Case Sensitivity 		CVE-2026-8404 2026-06-3 23:16 2026-06-3 Show GitHub Exploit DB Packet Storm
192 3.1 LOW
Network 		- - An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. `django.core.mail.backends.smtp.EmailBackend` in Django fails to prevent reuse of a partially-initialized connection after a … New CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2026-7666 2026-06-3 23:16 2026-06-3 Show GitHub Exploit DB Packet Storm
193 3.1 LOW
Network 		- - An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. `django.http.HttpRequest.get_signed_cookie` in Django uses a non-injective salt derivation (concatenating the cookie name and… New CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2026-6873 2026-06-3 23:16 2026-06-3 Show GitHub Exploit DB Packet Storm
194 9.1 CRITICAL
Network 		- - A vulnerability in mlflow/mlflow versions prior to 3.11.0 allows for the resolution of environment variables in AI Gateway secrets, which can be exploited to exfiltrate sensitive server-side environm… New CWE-201
 Insertion of Sensitive Information Into Sent Data 		CVE-2026-4035 2026-06-3 23:16 2026-06-3 Show GitHub Exploit DB Packet Storm
195 9.8 CRITICAL
Network 		- - authentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5.1, the Source stage can be bypassed by sending an empty POST. This issue has been patched in versions … New CWE-287
Improper Authentication 		CVE-2026-49448 2026-06-3 23:16 2026-06-3 Show GitHub Exploit DB Packet Storm
196 8.8 HIGH
Network 		- - authentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5.1, an attacker with the ability to change a source connection, and an account in one of the configured… New CWE-287
Improper Authentication 		CVE-2026-49443 2026-06-3 23:16 2026-06-3 Show GitHub Exploit DB Packet Storm
197 8.8 HIGH
Adjacent 		- - BrowserStack Runner through 0.9.5 contains a remote code execution vulnerability in the /_log HTTP handler that allows unauthenticated network-adjacent attackers to execute arbitrary code by submitti… New CWE-94
Code Injection 		CVE-2026-49143 2026-06-3 23:16 2026-06-3 Show GitHub Exploit DB Packet Storm
198 - - - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') vulnerability in elixir-tesla tesla allows HTTP header injection via Tesla.Multipart.add_content_type_par… New CWE-113
HTTP Response Splitting 		CVE-2026-48596 2026-06-3 23:16 2026-06-3 Show GitHub Exploit DB Packet Storm
199 3.1 LOW
Network 		- - An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.utils.cache.has_vary_header()` in Django does not strip leading or trailing whitespace from `Vary` response header va… New CWE-1023
 Incomplete Comparison with Missing Factors 		CVE-2026-48587 2026-06-3 23:16 2026-06-3 Show GitHub Exploit DB Packet Storm
200 - - - ProjectsAndPrograms school-management-system uses predictable credentials by generating student's and teacher's passwords solely from the user’s date of birth (e.g., 12072000 for 12 July 2000). The a… New CWE-1391
 Use of Weak Credentials 		CVE-2026-47325 2026-06-3 23:16 2026-06-3 Show GitHub Exploit DB Packet Storm