Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3341 7.2 重要
Network 		MISP MISP MISPにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-44380 2026-05-18 11:25 2026-05-13 Show GitHub Exploit DB Packet Storm
3342 5.3 警告
Network 		MISP MISP MISPにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-44381 2026-05-18 11:25 2026-05-13 Show GitHub Exploit DB Packet Storm
3343 6.5 警告
Network 		Frappe ERPNext FrappeのERPNextにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-44448 2026-05-18 11:25 2026-05-13 Show GitHub Exploit DB Packet Storm
3344 7.1 重要
Network 		DataHub project DataHub DataHubにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-44501 2026-05-18 11:25 2026-05-14 Show GitHub Exploit DB Packet Storm
3345 9.1 緊急
Network 		Graham Steffaniak(gtsteffaniak) FileBrowser Quantum Graham Steffaniak(gtsteffaniak)のFileBrowser Quantumにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-44542 2026-05-18 11:25 2026-05-14 Show GitHub Exploit DB Packet Storm
3346 5.9 警告
Network 		Vercel, Inc. (旧 Zeit, Inc.) Next.js Vercel, Inc. (旧 Zeit, Inc.)のNext.jsにおける信頼できるデータ受け入れ時の信頼できない無関係なデータの受け入れに関する脆弱性 CWE-349
信頼できるデータ受け入れ時の信頼できない無関係なデータの受け入れ 		CVE-2026-44572 2026-05-18 11:25 2026-05-13 Show GitHub Exploit DB Packet Storm
3347 7.8 重要
Local 		Hayaki Saito (saitoha) libsixel Hayaki Saito (saitoha)のlibsixelにおける複数の脆弱性 CWE-122
CWE-190
CVE-2026-44636 2026-05-18 11:25 2026-05-14 Show GitHub Exploit DB Packet Storm
3348 7.1 重要
Local 		Hayaki Saito (saitoha) libsixel Hayaki Saito (saitoha)のlibsixelにおける複数の脆弱性 CWE-190
CWE-787
CWE-787
CVE-2026-44637 2026-05-18 11:25 2026-05-14 Show GitHub Exploit DB Packet Storm
3349 2.5
Local 		Hayaki Saito (saitoha) libsixel Hayaki Saito (saitoha)のlibsixelにおける複数の脆弱性 CWE-476
CWE-476
CWE-690
CVE-2026-44638 2026-05-18 11:24 2026-05-14 Show GitHub Exploit DB Packet Storm
3350 7.5 重要
Network 		ZITADEL ZITADEL ZITADELにおけるLDAP インジェクションの脆弱性 CWE-90
LDAP インジェクション 		CVE-2026-44671 2026-05-18 11:24 2026-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3151 5.4 MEDIUM
Network 		- - Missing Authorization vulnerability in Elementor Elementor Website Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elementor Website Builder: from… CWE-862
 Missing Authorization 		CVE-2026-49782 2026-06-2 23:43 2026-06-2 Show GitHub Exploit DB Packet Storm
3152 8.8 HIGH
Network 		openstack keystone An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone RBAC policy enforcer in enforce_call unconditionally merges the raw JSON request body into the policy enforcement dictionary … CWE-863
 Incorrect Authorization 		CVE-2026-42999 2026-06-2 23:41 2026-05-29 Show GitHub Exploit DB Packet Storm
3153 4.3 MEDIUM
Adjacent 		- - Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain an information disclosure vulnerability that allows unauthenticated network attackers to access log files over a network connection… CWE-538
 File and Directory Information Exposure 		CVE-2019-25717 2026-06-2 23:40 2026-06-2 Show GitHub Exploit DB Packet Storm
3154 8.8 HIGH
Network 		openstack keystone An issue was discovered in OpenStack Keystone before 29.0.2. When combined with an application credential impersonation vulnerability, an attacker with the member role on a project can escalate to ad… CWE-863
 Incorrect Authorization 		CVE-2026-43000 2026-06-2 23:38 2026-05-29 Show GitHub Exploit DB Packet Storm
3155 4.9 MEDIUM
Network 		mattermost legal_hold Mattermost Plugins versions <=1.1.5 fail to sanitize filenames received from federated peers before using them to construct export destination paths, which allows an administrator of a remote federat… CWE-22
Path Traversal 		CVE-2026-6957 2026-06-2 23:29 2026-05-28 Show GitHub Exploit DB Packet Storm
3156 8.1 HIGH
Network 		erlang erlang\/otp Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_cert and public_key modules) allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verific… CWE-295
CWE-297
Improper Certificate Validation 
 Improper Validation of Certificate with Host Mismatch 		CVE-2026-42790 2026-06-2 23:24 2026-05-28 Show GitHub Exploit DB Packet Storm
3157 8.1 HIGH
Network 		openstack keystone An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone federated token rescoping mechanism does not propagate the original token's expiry to the newly issued token. When a federate… CWE-863
 Incorrect Authorization 		CVE-2026-44394 2026-06-2 23:21 2026-05-29 Show GitHub Exploit DB Packet Storm
3158 9.8 CRITICAL
Network 		joomla joomla\! The password and username reset features created plain http links for https connections if the "Force SSL" flag wasn't explicitly set. NVD-CWE-noinfo
CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2026-48902 2026-06-2 23:16 2026-05-27 Show GitHub Exploit DB Packet Storm
3159 - - - RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, RustFS suffers from sensitive information leakage in log outputs. When the server is run with RUST_LOG=debug sensit… CWE-312
CWE-532
 Cleartext Storage of Sensitive Information
 Inclusion of Sensitive Information in Log Files 		CVE-2026-45040 2026-06-2 23:16 2026-05-29 Show GitHub Exploit DB Packet Storm
3160 7.5 HIGH
Network 		portainer portainer Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before … CWE-598
Information Exposure Through Query Strings in GET Request  		CVE-2026-44883 2026-06-2 23:16 2026-05-29 Show GitHub Exploit DB Packet Storm