Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 9, 2026, 4:11 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
221	8.8	重要 Network	MBS GmbH	Universal Gateway Firmware	MBS GmbHのUniversal Gateway Firmwareにおけるスタックベースのバッファオーバーフローの脆弱性 New	CWE-121 スタックオーバーフロー	CVE-2026-35083	2026-06-9 14:11	2026-06-3	Show	GitHub Exploit DB Packet Storm

222	8.8	重要 Network	MBS GmbH	Universal Gateway Firmware	MBS GmbHのUniversal Gateway Firmwareにおけるスタックベースのバッファオーバーフローの脆弱性 New	CWE-121 スタックオーバーフロー	CVE-2026-35084	2026-06-9 14:11	2026-06-3	Show	GitHub Exploit DB Packet Storm

223	8.8	重要 Network	MBS GmbH	Universal Gateway Firmware	MBS GmbHのUniversal Gateway Firmwareにおけるスタックベースのバッファオーバーフローの脆弱性 New	CWE-121 スタックオーバーフロー	CVE-2026-35085	2026-06-9 14:11	2026-06-3	Show	GitHub Exploit DB Packet Storm

224	7.5	重要 Network	レッドハット GNU Project	Redhat Enterprise Linux For Power Little Endian Els Red Hat Enterprise Linux for IBM z Systems - Extended Updat…	GNU Project等の複数ベンダの製品におけるAPI への入力に対する未定義の動作に関する脆弱性 New	CWE-475 API への入力に対する未定義の動作	CVE-2026-42009	2026-06-9 14:11	2026-05-18	Show	GitHub Exploit DB Packet Storm

225	7.8	重要 Local	Thermalright	TR-VISION HOME	ThermalrightのTR-VISION HOMEにおける信頼できない制御領域からの機能の組み込みに関する脆弱性 New	CWE-829 信頼性のない制御領域からの機能の組み込み	CVE-2026-4255	2026-06-9 14:11	2026-03-16	Show	GitHub Exploit DB Packet Storm

226	6.5	警告 Network	レッドハット	Red Hat OpenShift Container Platform OpenShift Router	レッドハットのRed Hat OpenShift Container Platform等の複数製品におけるサーバサイドのリクエストフォージェリの脆弱性 New	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-42965	2026-06-9 14:11	2026-05-29	Show	GitHub Exploit DB Packet Storm

227	8.7	重要 Network	SUSE	Local Path Provisioner	SUSEのLocal Path Provisionerにおける権限管理に関する脆弱性 New	CWE-269 不適切な権限管理	CVE-2026-44543	2026-06-9 14:11	2026-05-28	Show	GitHub Exploit DB Packet Storm

228	9.6	緊急 Network	Guardrails AI	Guardrails AI	Guardrails AIにおける埋め込まれた悪意のあるコードに関する脆弱性 New	CWE-506 埋め込まれた悪意のあるコード	CVE-2026-45758	2026-06-9 14:11	2026-06-5	Show	GitHub Exploit DB Packet Storm

229	7.5	重要 Network	レッドハット	Red Hat OpenShift Container Platform OpenShift Router	レッドハットのRed Hat OpenShift Container Platform等の複数製品における認証に関する脆弱性 New	CWE-287 CWE-noinfo	CVE-2026-46579	2026-06-9 14:10	2026-05-29	Show	GitHub Exploit DB Packet Storm

230	5.3	警告 Network	Cosimo	Net::statsd	CosimoのNet::statsdにおけるCRLF インジェクションの脆弱性 New	CWE-93 CRLF インジェクション	CVE-2026-46719 CVE-2026-46720 CVE-2026-46739	2026-06-9 14:10	2026-06-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1351	4.3	MEDIUM Network	nextcloud	calendar	Nextcloud is an open source content collaboration platform. From versions 5.5.13 to before 5.5.17, and 6.2.0 to before 6.2.3, an authenticated user can enumerate users on the same Nextcloud instance …	CWE-200 NVD-CWE-noinfo Information Exposure	CVE-2026-45286	2026-06-4 05:35	2026-06-2	Show	GitHub Exploit DB Packet Storm

1352	6.4	MEDIUM Network	nextcloud	nextcloud_server	Nextcloud is an open source content collaboration platform. From versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a user shares a folder or file with a Nextcloud Team that includes…	CWE-862 Missing Authorization	CVE-2026-45285	2026-06-4 05:34	2026-06-2	Show	GitHub Exploit DB Packet Storm

1353	8.8	HIGH Network	nextcloud	user_oidc	Nextcloud is an open source content collaboration platform. From version 1.3.6 to before version 8.4.0, an improper check allowed users that where provided by LDAP to still authenticate towards user …	CWE-284 NVD-CWE-noinfo Improper Access Control	CVE-2026-45284	2026-06-4 05:28	2026-06-2	Show	GitHub Exploit DB Packet Storm

1354	8.6	HIGH Network	openairinterface	openairinterface5g	An issue was discovered in OpenAirInterface5G 2.4.0 (nr-softmodem) in the E2SM-KPM RAN Function's PRB utilization metric calculation. The functions fill_RRU_PrbTotDl() and fill_RRU_PrbTotUl() in open…	CWE-369 Divide By Zero	CVE-2026-37232	2026-06-4 05:26	2026-06-2	Show	GitHub Exploit DB Packet Storm

1355	2.7	LOW Network	projectcapsule	capsule	Capsule is a multi-tenancy and policy-based framework for Kubernetes. To defend against namespace hijacking achieved through update/patch operations on namespaces, Capsule uses a webhook to validate …	CWE-20 NVD-CWE-noinfo Improper Input Validation	CVE-2026-30963	2026-06-4 05:22	2026-06-2	Show	GitHub Exploit DB Packet Storm

1356	7.8	HIGH Local	google	android_xr	In addInputMethodListener of com.android.server.inputmethod.InputMethodManagerService, there is a missing permission check. This could lead to local escalation of privilege with no additional executi…	CWE-285 Improper Authorization	CVE-2026-0072	2026-06-4 05:16	2026-06-2	Show	GitHub Exploit DB Packet Storm

1357	7.5	HIGH Network	juliangruber	brace-expansion	The brace-expansion library generates arbitrary strings containing a common prefix and suffix. From 5.0.0 to before 5.0.6, the max option was being applied too late. When expanding a single large num…	CWE-400 Uncontrolled Resource Consumption	CVE-2026-45149	2026-06-4 05:13	2026-05-30	Show	GitHub Exploit DB Packet Storm

1358	5.4	MEDIUM Network	mozilla	firefox	Firefox for iOS Reader View replaced page content in its HTML template before replacing other internal placeholders. A malicious page could include a placeholder string that was later substituted wit…	CWE-79 Cross-site Scripting	CVE-2026-9308	2026-06-4 05:02	2026-06-1	Show	GitHub Exploit DB Packet Storm

1359	5.4	MEDIUM Network	mozilla	firefox	Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata. A malicious page could inject markup that changed Reader View behavior and leaked sensitive URL parameters. These pa…	CWE-79 Cross-site Scripting	CVE-2026-9309	2026-06-4 05:02	2026-06-1	Show	GitHub Exploit DB Packet Storm

1360	7.5	HIGH Network	dlink	di-7001mini-8g_firmware	A vulnerability was detected in D-Link DI-7001 MINI up to 19.09.19A1. Impacted is the function sprintf of the file /httpd_debug.asp of the component API. The manipulation of the argument Time results…	CWE-119 CWE-121 Incorrect Access of Indexable Resource ('Range Error') Stack-based Buffer Overflow	CVE-2026-10270	2026-06-4 05:02	2026-06-2	Show	GitHub Exploit DB Packet Storm