Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3751	6.5	警告 Adjacent	シスコシステムズ	Cisco Firepower Threat Defense ソフトウェア Adaptive Security Appliance (ASA) Software	シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-20023	2026-05-7 11:28	2026-03-4	Show	GitHub Exploit DB Packet Storm

3752	5.7	警告 Adjacent	シスコシステムズ	Cisco Firepower Threat Defense ソフトウェア Adaptive Security Appliance (ASA) Software	シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2026-20024	2026-05-7 11:28	2026-03-4	Show	GitHub Exploit DB Packet Storm

3753	8.6	重要 Network	シスコシステムズ	Adaptive Security Appliance (ASA) Software	シスコシステムズのAdaptive Security Appliance (ASA) Softwareにおける有効なライフタイム後のリソースの解放の欠如に関する脆弱性	CWE-772 有効なライフタイム後のリソースの解放の欠如	CVE-2026-20082	2026-05-7 11:28	2026-03-4	Show	GitHub Exploit DB Packet Storm

3754	5	警告 Network	Cloud Foundry, Inc.	routing release cf-deployment	Cloud Foundry, Inc.のCf-deployment等の複数製品における意図するエンドポイントとの通信チャネルの制限に関する脆弱性	CWE-923 意図するエンドポイントとの通信チャネルの不適切な制限	CVE-2026-22726	2026-05-7 11:28	2026-05-1	Show	GitHub Exploit DB Packet Storm

3755	6.5	警告 Network	VMware	Spring Framework	VMwareのSpring Frameworkにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-22740	2026-05-7 11:28	2026-04-29	Show	GitHub Exploit DB Packet Storm

3756	3.1	低 Network	VMware	Spring Framework	VMwareのSpring Frameworkにおける重要な情報を含むキャッシュの使用に関する脆弱性	CWE-524 重要な情報を含むキャッシュの使用	CVE-2026-22741	2026-05-7 11:28	2026-04-29	Show	GitHub Exploit DB Packet Storm

3757	5.3	警告 Network	VMware	Spring Framework	VMwareのSpring Frameworkにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-22745	2026-05-7 11:28	2026-04-29	Show	GitHub Exploit DB Packet Storm

3758	8.8	重要 Network	Apache Software Foundation	Apache HTTP Server	Apache Software FoundationのApache HTTP Serverにおける二重解放に関する脆弱性	CWE-415 二重解放	CVE-2026-23918	2026-05-7 11:28	2026-05-4	Show	GitHub Exploit DB Packet Storm

3759	8.8	重要 Network	Apache Software Foundation	Apache HTTP Server	Apache Software FoundationのApache HTTP Serverにおける権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2026-24072	2026-05-7 11:28	2026-05-4	Show	GitHub Exploit DB Packet Storm

3760	9.8	緊急 Network	NVIDIA	nvflare	NVIDIAのnvflareにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-24178	2026-05-7 11:28	2026-04-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2571	6.1	MEDIUM Network	golang	net	Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML befo…	CWE-1021 Improper Restriction of Rendered UI Layers or Frames	CVE-2026-25681	2026-05-30 00:30	2026-05-23	Show	GitHub Exploit DB Packet Storm

2572	7.5	HIGH Network	-	-	Banks generates meaningful LLM prompts using a template language that makes sense. Prior to 2.4.2, banks uses jinja2.Environment() (unsandboxed) to render prompt templates. Applications that pass use…	CWE-1336 Improper Neutralization of Special Elements Used in a Template Engine	CVE-2026-44209	2026-05-30 00:29	2026-05-27	Show	GitHub Exploit DB Packet Storm

2573	5.4	MEDIUM Network	-	-	FacturaScripts is an open source accounting and invoicing software. In 2025.92 and earlier, a stored Cross-Site Scripting (XSS) vulnerability exists in the product search modal of sales (Core/Lib/Aja…	CWE-79 Cross-site Scripting	CVE-2026-42877	2026-05-30 00:29	2026-05-28	Show	GitHub Exploit DB Packet Storm

2574	-		-	-	Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. From 2024-06-29 to before 2026-05-07, the web application endpoint is vulnerable to SQL injection. The /pialert/php/server/devi…	CWE-89 SQL Injection	CVE-2026-44886	2026-05-30 00:29	2026-05-28	Show	GitHub Exploit DB Packet Storm

2575	9.8	CRITICAL Network	-	-	Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's web-based configuration editor allows arbitrary Python code to be injected into pialert.conf. S…	CWE-94 Code Injection	CVE-2026-44887	2026-05-30 00:29	2026-05-28	Show	GitHub Exploit DB Packet Storm

2576	9.8	CRITICAL Network	-	-	Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's SaveConfigFile() endpoint writes user-supplied numeric config values (e.g., SMTP_PORT) directly…	CWE-94 Code Injection	CVE-2026-44888	2026-05-30 00:29	2026-05-28	Show	GitHub Exploit DB Packet Storm

2577	-		-	-	OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to 2.0.4, a critical authentication vulnerability was identified in OpenLearnX that could allow unauthorized access…	CWE-287 CWE-347 Improper Authentication Improper Verification of Cryptographic Signature	CVE-2026-44720	2026-05-30 00:29	2026-05-28	Show	GitHub Exploit DB Packet Storm

2578	9.8	CRITICAL Network	-	-	The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. From 4.8.0 to before 26.04.1, the Goobi viewer REST endpoint POST /api/v1/index/stream accepted …	CWE-306 Missing Authentication for Critical Function	CVE-2026-45083	2026-05-30 00:29	2026-05-28	Show	GitHub Exploit DB Packet Storm

2579	-		-	-	Improper Certificate Validation vulnerability in ex-aws ex_aws_sns (ExAws.SNS, ExAws.SNS.PublicKeyCache modules) allows Signature Spoofing by Improper Validation. This vulnerability is associated wi…	CWE-295 Improper Certificate Validation	CVE-2026-47074	2026-05-30 00:29	2026-05-28	Show	GitHub Exploit DB Packet Storm

2580	6.1	MEDIUM Network	golang	net	Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML befo…	CWE-1021 Improper Restriction of Rendered UI Layers or Frames	CVE-2026-27136	2026-05-30 00:27	2026-05-23	Show	GitHub Exploit DB Packet Storm