Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
216061 5.4 警告 iphone4 - Android 用 iPhone4.TW アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6648 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
216062 5.4 警告 santiagosarceda - Android 用 ElForro.com アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6647 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
216063 5.4 警告 bellyhoodcom project - Android 用 bellyhoodcom アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6646 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
216064 5.4 警告 fiatforum - Android 用 FIAT Forum アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6643 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
216065 5.4 警告 marksdailyapple - Android 用 Mark's Daily Apple Forum アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6642 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
216066 5.4 警告 Group Builder - Android 用 Homesteading Today アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6641 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
216067 5.4 警告 dnb - Android 用 DNB Trade アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6640 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
216068 5.4 警告 tiomobilepay - Android 用 TIO MobilePay - Bill Payments アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6639 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
216069 5.4 警告 pocketmags - Android 用 Inside Crochet アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6669 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
216070 5.4 警告 nana project - Android 用 African Radios Live アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6668 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
911 - - - The local MQTT broker does not enforce topic-level Access Control Lists (ACLs). This allows any client to subscribe using wildcard characters (# or +) to enumerate hidden network devices or publish r… New CWE-287
Improper Authentication 		CVE-2026-49186 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
912 - - - The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misuse. New CWE-200
Information Exposure 		CVE-2026-49187 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
913 - - - The ai_cmd utility executes with full root permissions. It pipes socket inputs directly to popen(), paving the way for unauthenticated users to execute arbitrary root commands. New CWE-489
Exposure of Data Element to Wrong Session  		CVE-2026-49188 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
914 - - - Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations. New CWE-269
 Improper Privilege Management 		CVE-2026-49189 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
915 - - - The system fails to evaluate instructional permissions over multiple internal operation codes (opcodes), permitting unauthorized application installations or command executions. New CWE-78
OS Command  		CVE-2026-49190 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
916 - - - The production build of the M3WebServer hard-codes its backend API keys, which can be easily intercepted through verbose error handling pages. New CWE-287
Improper Authentication 		CVE-2026-49191 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
917 - - - The summary service endpoint suffers from an IDOR vulnerability where it fails to verify user ownership of hardware serial numbers, exposing device data to scraping. New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-49192 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
918 - - - Overly permissive configuration settings on cloud storage containers expose active telemetry information publicly to the internet. New CWE-200
Information Exposure 		CVE-2026-49193 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
919 - - - The debugging routine SCREEN_CLICK(5053) enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface. New CWE-287
Improper Authentication 		CVE-2026-49194 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm
920 - - - Internal multimedia session archives are accessible without authentication, exacerbated by loose Cross-Origin Resource Sharing (CORS) rules that allow cross-site theft. New CWE-287
Improper Authentication 		CVE-2026-49202 2026-06-5 00:10 2026-06-4 Show GitHub Exploit DB Packet Storm