Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 12:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2641 8.1 重要
Network 		マイクロソフト Microsoft Malware Protection Engine Microsoft Defender のリモートでコードが実行される脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-45584 2026-05-22 10:53 2026-05-20 Show GitHub Exploit DB Packet Storm
2642 6.8 警告
Physics 		マイクロソフト Microsoft Windows 11 24h2
Microsoft Windows 11 25h2
Microsoft Windows Server 2025
Microsoft Windows 11 26h1 		Windows BitLocker Security Feature Bypass Vulnerability CWE-77
コマンドインジェクション 		CVE-2026-45585 2026-05-22 10:52 2026-05-20 Show GitHub Exploit DB Packet Storm
2643 5.5 警告
Local 		GNU Project
レッドハット		 Red Hat OpenShift Container Platform
Red Hat Enterprise Linux
nano 		GNU Project等の複数ベンダの製品における書式文字列に関する脆弱性 CWE-134
書式文字列の問題 		CVE-2026-6843 2026-05-22 10:52 2026-04-22 Show GitHub Exploit DB Packet Storm
2644 5.5 警告
Local 		GNU Project
レッドハット		 Red Hat Hardened Images
Red Hat OpenShift Container Platform
Red Hat Enterprise Linux
GNU Binutils 		GNU Project等の複数ベンダの製品におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-6844 2026-05-22 10:52 2026-04-22 Show GitHub Exploit DB Packet Storm
2645 5 警告
Local 		GNU Project
レッドハット		 Red Hat Hardened Images
Red Hat OpenShift Container Platform
Red Hat Enterprise Linux
GNU Binutils 		GNU Project等の複数ベンダの製品におけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2026-6845 2026-05-22 10:52 2026-04-22 Show GitHub Exploit DB Packet Storm
2646 7.8 重要
Local 		GNU Project
レッドハット		 Red Hat Hardened Images
Red Hat OpenShift Container Platform
Red Hat Enterprise Linux
GNU Binutils 		GNU Project等の複数ベンダの製品におけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-6846 2026-05-22 10:52 2026-04-22 Show GitHub Exploit DB Packet Storm
2647 8.1 重要
Network 		レッドハット Quay レッドハットのQuayにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2026-6848 2026-05-22 10:52 2026-04-22 Show GitHub Exploit DB Packet Storm
2648 7.1 重要
Local 		レッドハット Red Hat Enterprise Linux AI
InstructLab 		レッドハットのRed Hat Enterprise Linux AI等の複数製品におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-6855 2026-05-22 10:52 2026-04-22 Show GitHub Exploit DB Packet Storm
2649 6.5 警告
Adjacent 		Mozilla Foundation Mozilla Firefox Mozilla FoundationのMozilla Firefoxにおける複数の脆弱性 CWE-200
CWE-306
CVE-2026-8706 2026-05-22 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
2650 3.1
Network 		EMQX emqx EMQXのemqxにおける競合状態に関する脆弱性 CWE-362
競合状態 		CVE-2026-8741 2026-05-22 10:52 2026-05-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3471 9.8 CRITICAL
Network 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in versio… CWE-78
OS Command  		CVE-2025-41277 2026-06-2 03:56 2026-05-29 Show GitHub Exploit DB Packet Storm
3472 7.8 HIGH
Local 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-125: Out-of-bounds Read in Waterfall WF-500 RX Host in version 7.10.0.0 R2601141040 that allows attackers with access to the TX Host to execute code on the RX Ho… CWE-125
Out-of-bounds Read 		CVE-2025-41278 2026-06-2 03:56 2026-05-29 Show GitHub Exploit DB Packet Storm
3473 7.8 HIGH
Local 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-23: Relative Path Traversal (Zip Slip) in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that allows attackers with access to the TX Host to execute cod… CWE-23
 Relative Path Traversal 		CVE-2025-41280 2026-06-2 03:56 2026-05-29 Show GitHub Exploit DB Packet Storm
3474 7.2 HIGH
Network 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 RX Host in version… CWE-78
OS Command  		CVE-2025-41279 2026-06-2 03:55 2026-05-29 Show GitHub Exploit DB Packet Storm
3475 7.8 HIGH
Local 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that al… CWE-78
OS Command  		CVE-2025-41281 2026-06-2 03:55 2026-05-29 Show GitHub Exploit DB Packet Storm
3476 6.5 MEDIUM
Network 		- - Billy is an interface filesystem abstraction for Go. Prior to versions 5.9.0 and 6.0.0-alpha.1, multiple components may improperly handle crafted or malformed input, resulting in panics, infinite loo… CWE-674
CWE-835
 Uncontrolled Recursion
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2026-44740 2026-06-2 03:53 2026-06-2 Show GitHub Exploit DB Packet Storm
3477 9.9 CRITICAL
Network 		- - OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be esc… CWE-693
 Protection Mechanism Failure 		CVE-2026-45102 2026-06-2 03:50 2026-05-28 Show GitHub Exploit DB Packet Storm
3478 7.8 HIGH
Local 		- - systeminformation is a System and OS information library for node.js. From 4.17.0 to 5.31.5, on Linux, systeminformation is vulnerable to command injection in networkInterfaces() when an active Netwo… CWE-78
OS Command  		CVE-2026-44724 2026-06-2 03:50 2026-05-28 Show GitHub Exploit DB Packet Storm
3479 7.5 HIGH
Network 		- - Automad is a flat-file content management system and template engine. From 2.0.0-alpha.1 to 2.0.0-beta.27, a Broken Access Control vulnerability allows an unauthenticated attacker to retrieve the bcr… CWE-200
CWE-306
Information Exposure
Missing Authentication for Critical Function 		CVE-2026-45332 2026-06-2 03:50 2026-05-29 Show GitHub Exploit DB Packet Storm
3480 - - - Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. Prior to 0.102.2, a malicious ZIP archive imported with safe import enabled… CWE-22
CWE-79
Path Traversal
Cross-site Scripting 		CVE-2026-45668 2026-06-2 03:50 2026-05-30 Show GitHub Exploit DB Packet Storm