Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3431	8.3	重要 Network	マイクロソフト	Windows Admin Center	Windows Admin Center の特権の昇格の脆弱性	CWE-862 認証の欠如	CVE-2026-35438	2026-06-3 15:37	2026-05-12	Show	GitHub Exploit DB Packet Storm

3432	9.1	緊急 Network	The Go Project	crypto	The Go Projectのcryptoにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-39832	2026-06-3 15:36	2026-05-22	Show	GitHub Exploit DB Packet Storm

3433	9.1	緊急 Network	The Go Project	crypto	The Go Projectのcryptoにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-39833	2026-06-3 15:36	2026-05-22	Show	GitHub Exploit DB Packet Storm

3434	9.1	緊急 Network	The Go Project	crypto	The Go Projectのcryptoにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-39834	2026-06-3 15:36	2026-05-22	Show	GitHub Exploit DB Packet Storm

3435	5.3	警告 Network	The Go Project	crypto	The Go Projectのcryptoにおける証明書検証に関する脆弱性	CWE-295 不正な証明書検証	CVE-2026-39835	2026-06-3 15:36	2026-05-22	Show	GitHub Exploit DB Packet Storm

3436	7.5	重要 Network	Joomla!	Joomla!	Joomla!におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-40384	2026-06-3 15:36	2026-05-26	Show	GitHub Exploit DB Packet Storm

3437	5.4	警告 Network	free5gc	free5gc	free5GCにおけるセキュリティチェックに関する脆弱性	CWE-358 不適切に実装されたセキュリティチェック	CVE-2026-42082	2026-06-3 15:36	2026-05-27	Show	GitHub Exploit DB Packet Storm

3438	8.2	重要 Network	free5gc	free5gc	free5GCにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-42083	2026-06-3 15:36	2026-05-27	Show	GitHub Exploit DB Packet Storm

3439	7.5	重要 Network	free5gc	free5gc	free5GCにおける複数の脆弱性	CWE-20 CWE-209	CVE-2026-42459	2026-06-3 15:36	2026-05-27	Show	GitHub Exploit DB Packet Storm

3440	9.1	緊急 Network	The Go Project	crypto	The Go Projectのcryptoにおける証明書検証に関する脆弱性	CWE-295 不正な証明書検証	CVE-2026-42508	2026-06-3 15:36	2026-05-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
401	7.8	HIGH Local	anydesk	anydesk	AnyDesk 2.5.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation. Attackers can insert mal… New	CWE-428 Unquoted Search Path or Element	CVE-2016-20094	2026-06-26 22:02	2026-06-20	Show	GitHub Exploit DB Packet Storm

402	7.8	HIGH Local	malwarebytes	malwarebytes	Malwarebytes 4.5 contains an unquoted service path vulnerability in the MBAMService executable that allows local attackers to escalate privileges by injecting malicious code into the system root path… New	CWE-428 Unquoted Search Path or Element	CVE-2022-50971	2026-06-26 21:59	2026-06-20	Show	GitHub Exploit DB Packet Storm

403	6.5	MEDIUM Network	struktur	libheif	libheif is a HEIF and AVIF file format decoder and encoder. Prior to version 1.22.1, the uncompressed HEIF decoder validates explicit icef compressed-unit offsets using unit_offset + unit_size. Becau… New	CWE-125 Out-of-bounds Read	CVE-2026-49271	2026-06-26 21:33	2026-06-20	Show	GitHub Exploit DB Packet Storm

404	7.5	HIGH Network	sunnyadn	js-toml	js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. Versions up to and including 1.1.0 parse hexadecimal / octal / binary integer literals via a hand-written `parseBigI… New	CWE-400 CWE-407 CWE-1333 Uncontrolled Resource Consumption Inefficient Algorithmic Complexity Inefficient Regular Expression Complexity	CVE-2026-49293	2026-06-26 21:11	2026-06-20	Show	GitHub Exploit DB Packet Storm

405	-		-	-	wc_Blake2bHmacFinal and wc_Blake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When the supplied key is longer than the … New	CWE-354 Improper Validation of Integrity Check Value	CVE-2026-8720	2026-06-26 20:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

406	-		-	-	iPAddress name constraints bypass when WOLFSSL_IP_ALT_NAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certificate to bypass an issuing CA's IP addr… New	CWE-295 Improper Certificate Validation	CVE-2026-7532	2026-06-26 20:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

407	-		-	-	PKCS7_verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted. New	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-7511	2026-06-26 20:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

408	5.4	MEDIUM Network	-	-	A vulnerability in jupyter/nbconvert versions <= 7.17.0 allows for Cross-site Scripting (XSS) via unsanitized `text/vnd.mermaid` output in HTML exports. The `data_mermaid` block in `share/templates/l… New	CWE-79 Cross-site Scripting	CVE-2026-6658	2026-06-26 20:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

409	-		-	-	The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The consta… New	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2026-6330	2026-06-26 20:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

410	-		-	-	PKCS#12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS#12 verify path compared the loc… New	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-6329	2026-06-26 20:16	2026-06-26	Show	GitHub Exploit DB Packet Storm