Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
321	4.3	警告 Network	Jenkins プロジェクト	Git Parameter	JenkinsのGit Parameterにおける認証の欠如に関する脆弱性 New	CWE-862 認証の欠如	CVE-2026-57286	2026-06-29 11:09	2026-06-24	Show	GitHub Exploit DB Packet Storm

322	4.3	警告 Network	Jenkins プロジェクト	Job Configuration History	JenkinsのJob Configuration Historyにおける重要な情報の平文保存に関する脆弱性 New	CWE-312 重要な情報の平文保存	CVE-2026-57287	2026-06-29 11:09	2026-06-24	Show	GitHub Exploit DB Packet Storm

323	3.7	低 Network	Jenkins プロジェクト	Active Directory	JenkinsのActive DirectoryにおけるLDAP インジェクションの脆弱性 New	CWE-90 LDAP インジェクション	CVE-2026-57288	2026-06-29 11:09	2026-06-24	Show	GitHub Exploit DB Packet Storm

324	4.8	警告 Network	Jenkins プロジェクト	bitbucket push and pull request	Jenkinsのbitbucket push and pull requestにおける証明書検証に関する脆弱性 New	CWE-295 不正な証明書検証	CVE-2026-57289	2026-06-29 11:09	2026-06-24	Show	GitHub Exploit DB Packet Storm

325	4.3	警告 Network	Jenkins プロジェクト	contrast continuous application security	Jenkinsのcontrast continuous application securityにおける認証の欠如に関する脆弱性 New	CWE-862 認証の欠如	CVE-2026-57297	2026-06-29 11:09	2026-06-24	Show	GitHub Exploit DB Packet Storm

326	4.3	警告 Network	Jenkins プロジェクト	contrast continuous application security	Jenkinsのcontrast continuous application securityにおける認証の欠如に関する脆弱性 New	CWE-862 認証の欠如	CVE-2026-57299	2026-06-29 11:09	2026-06-24	Show	GitHub Exploit DB Packet Storm

327	4.3	警告 Network	Jenkins プロジェクト	MCP Server Plugin	JenkinsのMCP Server Pluginにおける認証の欠如に関する脆弱性 New	CWE-862 認証の欠如	CVE-2026-57300	2026-06-29 11:09	2026-06-24	Show	GitHub Exploit DB Packet Storm

328	8.8	重要 Network	Jenkins プロジェクト	Official OWASP ZAP	JenkinsのOfficial OWASP ZAPにおける別領域リソースに対する外部からの制御可能な参照に関する脆弱性 New	CWE-610 別領域リソースに対する外部からの制御可能な参照	CVE-2026-57301	2026-06-29 11:09	2026-06-24	Show	GitHub Exploit DB Packet Storm

329	4.3	警告 Network	Jenkins プロジェクト	FitNesse	JenkinsのFitNesseにおける認証情報の平文保存に関する脆弱性 New	CWE-256 平文でパスワードを保存	CVE-2026-57302	2026-06-29 11:09	2026-06-24	Show	GitHub Exploit DB Packet Storm

330	6.1	警告 Local	Vim	Vim	Vimにおける境界外読み取りに関する脆弱性 New	CWE-125 境界外読み取り	CVE-2026-57451	2026-06-29 11:09	2026-06-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
3831	7.5	HIGH Network	-	-	Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a stack overflow in the picCropName parameter of the formCropAndSetWewifiPic function. This vulnerability allows attac…	CWE-120 Classic Buffer Overflow	CVE-2026-36796	2026-06-11 05:16	2026-06-10	Show	GitHub Exploit DB Packet Storm

3832	7.5	HIGH Network	-	-	Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180) was discovered to contain a stack overflow in the domain parameter of the fromNetToolGet function. This vulnerability allows…	CWE-121 Stack-based Buffer Overflow	CVE-2026-36783	2026-06-11 05:16	2026-06-10	Show	GitHub Exploit DB Packet Storm

3833	9.8	CRITICAL Network	-	-	An issue was discovered in bitbank2 AnimatedGIF v2.2.0. A buffer overflow in the DecodeLZW function allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code …	CWE-120 Classic Buffer Overflow	CVE-2026-30141	2026-06-11 05:16	2026-06-10	Show	GitHub Exploit DB Packet Storm

3834	6.5	MEDIUM Network	-	-	An uncaught exception in the /application/job/update/{id} endpoint of FastapiAdmin v2.2.0 allows authenticated attackers with the module_task:job:update permission to cause a Denial of Service (DoS) …	CWE-400 Uncontrolled Resource Consumption	CVE-2026-36724	2026-06-11 05:15	2026-06-10	Show	GitHub Exploit DB Packet Storm

3835	6.1	MEDIUM Network	-	-	A markdown based cross-site scripting (XSS) vulnerability in the /system/notice/create endpoint of FastapiAdmin v2.2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafte…	CWE-79 Cross-site Scripting	CVE-2026-36725	2026-06-11 05:15	2026-06-10	Show	GitHub Exploit DB Packet Storm

3836	5.4	MEDIUM Network	-	-	A markdown based cross-site scripting (XSS) vulnerability in the AI assistant chat function of FastapiAdmin v2.2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted pa…	CWE-79 Cross-site Scripting	CVE-2026-36728	2026-06-11 05:15	2026-06-10	Show	GitHub Exploit DB Packet Storm

3837	-		-	-	A flaw exists in the FlashArray Purity management interface where an authenticated low-privileged user may, under specific conditions, access functionality beyond their assigned privileges.	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-6444	2026-06-11 05:13	2026-06-10	Show	GitHub Exploit DB Packet Storm

3838	-		-	-	A flaw exists in FlashArray Purity where insufficient filtering of certain data paths could expose sensitive information to an authenticated user with low privileges.	CWE-939 Improper Authorization in Handler for Custom URL Scheme	CVE-2026-6445	2026-06-11 05:13	2026-06-10	Show	GitHub Exploit DB Packet Storm

3839	-		-	-	CleanWipe Removal Tool (macOS), prior to 16.0.0.65, may be susceptible to an Local Privilege Escalation vulnerability, which is a type of issue whereby an attacker with limited privilege access on an…	CWE-250 Execution with Unnecessary Privileges	CVE-2026-11626	2026-06-11 05:13	2026-06-11	Show	GitHub Exploit DB Packet Storm

3840	7.8	HIGH Local	microsoft	windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2025	Access of resource using incompatible type ('type confusion') in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.	CWE-843 Type Confusion	CVE-2026-45600	2026-06-11 05:03	2026-06-10	Show	GitHub Exploit DB Packet Storm