Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
216021 5.4 警告 nba - Android 用 NBA Game Time 2013-2014 アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6700 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
216022 5.4 警告 weather - Android 用 Weather Channel アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6699 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
216023 5.4 警告 igg - Android 用 Galaxy Online 2 アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6698 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
216024 5.4 警告 mobilesoft - Android 用 Morocco Weather アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6697 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
216025 5.4 警告 candy girl party makeover project - Android 用 Candy Girl Party Makeover アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6696 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
216026 5.4 警告 wedding photo frames-love pics project - Android 用 Wedding Photo Frames-Love Pics アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6695 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
216027 5.4 警告 5sos family planet project - Android 用 5SOS Family Planet アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6694 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
216028 5.4 警告 juiker - Android 用 Juiker アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6693 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
216029 5.4 警告 wps - Android 用 Kingsoft Clip (Office Tool) アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6692 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
216030 5.4 警告 UCMobile - Android 用 UC Browser HD アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6691 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
861 7.5 HIGH
Network 		- - An integer underflow in the BGPUpdate.DecodeFromBytes function (/bgp/bgp.go) of gobgp v4.3.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message. Update CWE-190
 Integer Overflow or Wraparound 		CVE-2026-37462 2026-06-5 01:28 2026-06-4 Show GitHub Exploit DB Packet Storm
862 6.3 MEDIUM
Network 		- - A Cross Site Scripting vulnerability exists in the Kimi AI v1.0 web interface's 'Preview' feature. The application fails to properly sanitize or encode HTML/JavaScript payloads generated by the AI mo… Update CWE-79
Cross-site Scripting 		CVE-2026-39107 2026-06-5 01:28 2026-06-4 Show GitHub Exploit DB Packet Storm
863 - - - GNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain root credentials and privileges via a bruteforce attack. New - CVE-2026-36182 2026-06-5 01:28 2026-06-5 Show GitHub Exploit DB Packet Storm
864 - - - bacnet_stack 1.3.1 contains an Out-of-bounds Read in bacnet_tag_number_decode which allows attackers to cause a denial of service. New - CVE-2026-38570 2026-06-5 01:28 2026-06-5 Show GitHub Exploit DB Packet Storm
865 9.8 CRITICAL
Network 		- - CrowCpp Crow through v1.3.1 HTTP is vulnerable to response header injection via unvalidated response header values. Update CWE-113
HTTP Response Splitting 		CVE-2026-38967 2026-06-5 01:26 2026-06-3 Show GitHub Exploit DB Packet Storm
866 9.8 CRITICAL
Network 		- - An OS command injection vulnerability in the app.py component of openlabs docker-wkhtmltopdf-aas up to commit 9f50579 allows attackers to execute arbitrary commands via a crafted POST request. Update CWE-78
OS Command  		CVE-2026-36576 2026-06-5 01:26 2026-06-4 Show GitHub Exploit DB Packet Storm
867 - - - Dovestones Softwares ADPhonebook before v4.0.1.1 is vulnerable to a Cross Site Scripting vulnerability. The /Admin/Save API allows an authenticated admin user to store malicious JavaScript payloads i… Update - CVE-2026-36460 2026-06-5 01:26 2026-06-4 Show GitHub Exploit DB Packet Storm
868 6.1 MEDIUM
Network 		- - Northern.tech CFEngine Enterprise 3.24.3 before 3.24.4 and 3.27.0 before 3.27.1 allows XSS. Update CWE-79
Cross-site Scripting 		CVE-2026-33553 2026-06-5 01:25 2026-06-3 Show GitHub Exploit DB Packet Storm
869 5.4 MEDIUM
Network 		- - LIBPNG is a reference library for use in applications that process PNG (Portable Network Graphics) raster image files. In version 1.8.0, three inter-frame chunk discard paths in the push-mode APNG pa… New CWE-436
 Interpretation Conflict 		CVE-2026-40930 2026-06-5 01:23 2026-06-5 Show GitHub Exploit DB Packet Storm
870 - - - OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, `go.opentelemetry.io/otel/schema/v1.0` and `go.opentelemetry.io/otel/schema/v1.1` leaks one file descriptor on eac… New CWE-772
CWE-775
 Missing Release of Resource after Effective Lifetime
 Missing Release of File Descriptor or Handle after Effective Lifetime 		CVE-2026-45287 2026-06-5 01:23 2026-06-5 Show GitHub Exploit DB Packet Storm