Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
218561 4.3 警告 オラクル - Oracle Fusion Middleware の Oracle WebLogic Server における WLS - Web Services に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-4241 2014-07-18 18:41 2014-07-15 Show GitHub Exploit DB Packet Storm
218562 2.1 注意 オラクル - Oracle Fusion Middleware の Oracle HTTP Server における plugin に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-4222 2014-07-18 18:41 2014-07-15 Show GitHub Exploit DB Packet Storm
218563 4.3 警告 オラクル - Oracle Fusion Middleware の Oracle WebLogic Server における WLS - Web Services に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-4217 2014-07-18 18:41 2014-07-15 Show GitHub Exploit DB Packet Storm
218564 5 警告 オラクル - Oracle Fusion Middleware の Oracle WebCenter Portal における Portlet Services に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-4211 2014-07-18 18:41 2014-07-15 Show GitHub Exploit DB Packet Storm
218565 5 警告 オラクル - Oracle Fusion Middleware の Oracle WebLogic Server における WLS - Web Services に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-4210 2014-07-18 18:41 2014-07-15 Show GitHub Exploit DB Packet Storm
218566 5 警告 オラクル - Oracle Fusion Middleware の Oracle WebLogic Server における WLS - Web Services に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-4202 2014-07-18 18:41 2014-07-15 Show GitHub Exploit DB Packet Storm
218567 5 警告 オラクル - Oracle Fusion Middleware の Oracle WebLogic Server における WLS - Web Services に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-4201 2014-07-18 18:41 2014-07-15 Show GitHub Exploit DB Packet Storm
218568 6.4 警告 オラクル - Oracle Fusion Middleware の Oracle JDeveloper における ADF Faces に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-2493 2014-07-18 18:41 2014-07-15 Show GitHub Exploit DB Packet Storm
218569 6.8 警告 オラクル - Oracle Fusion Middleware の Oracle WebLogic Server における脆弱性 CWE-noinfo
情報不足 		CVE-2014-2481 2014-07-18 18:41 2014-07-15 Show GitHub Exploit DB Packet Storm
218570 6.8 警告 オラクル - Oracle Fusion Middleware の Oracle WebLogic Server における脆弱性 CWE-noinfo
情報不足 		CVE-2014-2480 2014-07-18 18:41 2014-07-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1051 8.8 HIGH
Network 		- - BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, src/bentoml/_internal/container/frontend/dockerfile/templates/base_v2.j2 in… Update CWE-78
OS Command  		CVE-2026-44345 2026-05-30 00:34 2026-05-28 Show GitHub Exploit DB Packet Storm
1052 8.8 HIGH
Network 		- - BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, a malicious bentofile.yaml containing a newline-injected value in envs[*].n… Update CWE-78
CWE-94
OS Command 
Code Injection 		CVE-2026-44346 2026-05-30 00:34 2026-05-28 Show GitHub Exploit DB Packet Storm
1053 6.8 MEDIUM
Adjacent 		- - Volcano is a Kubernetes-native batch scheduling system. Prior to v1.14.2, v1.13.3, and v1.12.4, the Volcano webhook server does not enforce a size limit on incoming HTTP request bodies. Any in-cluste… Update CWE-400
CWE-770
 Uncontrolled Resource Consumption
 Allocation of Resources Without Limits or Throttling 		CVE-2026-44247 2026-05-30 00:34 2026-05-28 Show GitHub Exploit DB Packet Storm
1054 8.2 HIGH
Network 		- - Anchor is a framework providing several convenient developer tools for writing Solana programs. From 1.0.0 to before 1.0.2, an logic error causes anchor programs to accept any program id when requiri… Update CWE-20
 Improper Input Validation  		CVE-2026-45137 2026-05-30 00:34 2026-05-28 Show GitHub Exploit DB Packet Storm
1055 - - - electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. From 3.0.6 to 3.8.8, This vulnerability is fixed in 3.9.0. Update CWE-94
CWE-732
CWE-940
Code Injection
 Incorrect Permission Assignment for Critical Resource
 Improper Verification of Source of a Communication Channel 		CVE-2026-45353 2026-05-30 00:34 2026-05-29 Show GitHub Exploit DB Packet Storm
1056 - - - electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-192-CBC with a fixed zero IV, constant KDF salt, and no MAC leads to confid… Update CWE-326
CWE-329
CWE-353
CWE-759
CWE-916
Inadequate Encryption Strength
 Not Using a Random IV with CBC Mode
 Missing Support for Integrity Check
 Use of a One-Way Hash without a Salt
 Use of Password Hash With Insufficient Computational Effort 		CVE-2026-45787 2026-05-30 00:34 2026-05-29 Show GitHub Exploit DB Packet Storm
1057 6.1 MEDIUM
Network 		golang net Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML befo… Update CWE-1021
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2026-25681 2026-05-30 00:30 2026-05-23 Show GitHub Exploit DB Packet Storm
1058 7.5 HIGH
Network 		- - Banks generates meaningful LLM prompts using a template language that makes sense. Prior to 2.4.2, banks uses jinja2.Environment() (unsandboxed) to render prompt templates. Applications that pass use… Update CWE-1336
 Improper Neutralization of Special Elements Used in a Template Engine 		CVE-2026-44209 2026-05-30 00:29 2026-05-27 Show GitHub Exploit DB Packet Storm
1059 5.4 MEDIUM
Network 		- - FacturaScripts is an open source accounting and invoicing software. In 2025.92 and earlier, a stored Cross-Site Scripting (XSS) vulnerability exists in the product search modal of sales (Core/Lib/Aja… Update CWE-79
Cross-site Scripting 		CVE-2026-42877 2026-05-30 00:29 2026-05-28 Show GitHub Exploit DB Packet Storm
1060 - - - Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. From 2024-06-29 to before 2026-05-07, the web application endpoint is vulnerable to SQL injection. The /pialert/php/server/devi… Update CWE-89
SQL Injection 		CVE-2026-44886 2026-05-30 00:29 2026-05-28 Show GitHub Exploit DB Packet Storm