Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 1, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
205721 2.1 注意 アップル - Apple iOS の LaunchServices の XPC Services API におけるイベントハンドラの制限を回避される脆弱性 CWE-Other
その他 		CVE-2016-1760 2016-03-30 11:00 2016-03-21 Show GitHub Exploit DB Packet Storm
205722 3.5 注意 シスコシステムズ - Cisco Unified Communications Domain Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-1314 2016-03-30 10:48 2016-03-28 Show GitHub Exploit DB Packet Storm
205723 5.5 警告 Granite Data Services - Granite Data Services に XML 外部実体参照 (XXE) に関する脆弱性 CWE-Other
その他 		CVE-2016-2340 2016-03-29 16:15 2016-03-24 Show GitHub Exploit DB Packet Storm
205724 9.3 危険 アップル - Apple iOS などで使用される WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2016-1727 2016-03-29 15:44 2016-01-19 Show GitHub Exploit DB Packet Storm
205725 9.3 危険 アップル - Apple iOS および Safari などで使用される WebKit における任意のコードを実行される脆弱性が存在します。 CWE-119
バッファエラー 		CVE-2016-1726 2016-03-29 15:44 2016-01-19 Show GitHub Exploit DB Packet Storm
205726 9.3 危険 アップル - Apple iOS および Safari などで使用される WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2016-1725 2016-03-29 15:44 2016-01-19 Show GitHub Exploit DB Packet Storm
205727 9.3 危険 アップル - Apple iOS などで使用される WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2016-1724 2016-03-29 15:44 2016-01-19 Show GitHub Exploit DB Packet Storm
205728 9.3 危険 アップル - Apple iOS および Safari などで使用される WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2016-1723 2016-03-29 15:44 2016-01-19 Show GitHub Exploit DB Packet Storm
205729 7.2 危険 アップル - 複数の Apple 製品の syslog における権限を取得される脆弱性 CWE-119
CWE-264
CVE-2016-1722 2016-03-29 15:44 2016-01-19 Show GitHub Exploit DB Packet Storm
205730 7.2 危険 アップル - 複数の Apple 製品のカーネルにおける権限を取得される脆弱性 CWE-119
バッファエラー 		CVE-2016-1721 2016-03-29 15:44 2016-01-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
221 7.5 HIGH
Network 		- - Automad is a flat-file content management system and template engine. From 2.0.0-alpha.1 to 2.0.0-beta.27, a Broken Access Control vulnerability allows an unauthenticated attacker to retrieve the bcr… New CWE-200
CWE-306
Information Exposure
Missing Authentication for Critical Function 		CVE-2026-45332 2026-05-30 13:17 2026-05-29 Show GitHub Exploit DB Packet Storm
222 7.4 HIGH
Network 		- - CodeWhale is a DeepSeek + MiMo coding agent in terminal. Prior to 0.8.22, the fetch_url tool validates the initial URL's resolved IP address against a restricted-IP blocklist (is_restricted_ip()) to … Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-45310 2026-05-30 13:17 2026-05-29 Show GitHub Exploit DB Packet Storm
223 7.5 HIGH
Network 		- - Usagi-org ai-goofish-monitor contains an unauthenticated arbitrary file read vulnerability in the GET /api/prompts/{filename} endpoint on Windows deployments that allows unauthenticated remote attack… New CWE-36
 Absolute Path Traversal 		CVE-2026-10044 2026-05-30 13:17 2026-05-29 Show GitHub Exploit DB Packet Storm
224 8.1 HIGH
Network 		- - Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO uses the user-controlled task_name value directly when constructing se… Update CWE-22
CWE-73
Path Traversal
 External Control of File Name or Path 		CVE-2026-46402 2026-05-30 11:16 2026-05-28 Show GitHub Exploit DB Packet Storm
225 9.9 CRITICAL
Network 		- - OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be esc… Update CWE-693
 Protection Mechanism Failure 		CVE-2026-45102 2026-05-30 11:16 2026-05-28 Show GitHub Exploit DB Packet Storm
226 7.8 HIGH
Local 		- - systeminformation is a System and OS information library for node.js. From 4.17.0 to 5.31.5, on Linux, systeminformation is vulnerable to command injection in networkInterfaces() when an active Netwo… Update CWE-78
OS Command  		CVE-2026-44724 2026-05-30 11:16 2026-05-28 Show GitHub Exploit DB Packet Storm
227 - - - UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Prior to 5.12.1, when ujson.dump() writes to a file-like object and the write operation raises an excepti… Update CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2026-44660 2026-05-30 11:16 2026-05-28 Show GitHub Exploit DB Packet Storm
228 8.8 HIGH
Network 		- - phpMyFAQ before 4.1.3 contains an insecure direct object reference vulnerability in the admin API user password endpoint that allows authenticated administrators to change any user's password without… Update CWE-266
 Incorrect Privilege Assignment 		CVE-2026-35671 2026-05-30 11:16 2026-05-29 Show GitHub Exploit DB Packet Storm
229 6.3 MEDIUM
Network 		- - A race condition in the shared Extreme Platform ONE IAM Gateway API-key authentication path could, under specific high-concurrency traffic conditions, intermittently allow requests authenticated with… New CWE-362
CWE-488
Race Condition
 Exposure of Data Element to Wrong Session 		CVE-2026-9831 2026-05-30 07:16 2026-05-30 Show GitHub Exploit DB Packet Storm
230 4.5 MEDIUM
Local 		- - NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Prior to 0.24.14, aio->prov_data is stored as nni_quic_conn* during dialing, but read as ex_quic_conn* during dialer close. This … New CWE-843
Type Confusion 		CVE-2026-44640 2026-05-30 07:16 2026-05-30 Show GitHub Exploit DB Packet Storm