Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3781	7.5	重要 Network	Apache Software Foundation	Apache HTTP Server	Apache Software FoundationのApache HTTP Serverにおけるバッファオーバーリードの脆弱性	CWE-126 バッファオーバーリード	CVE-2026-34059	2026-05-7 11:27	2026-05-4	Show	GitHub Exploit DB Packet Storm

3782	6.5	警告 Network	SAP	human capital management	SAPのhuman capital managementにおけるリクエストに対するレスポンス内容の違いに起因する情報漏えいに関する脆弱性	CWE-204 リクエストに対するレスポンス内容の違いに起因する情報漏えい	CVE-2026-34264	2026-05-7 11:27	2026-04-14	Show	GitHub Exploit DB Packet Storm

3783	7.5	重要 Network	Go JOSE project	Go JOSE	Go JOSE projectのGo JOSEにおけるキャッチされない例外に関する脆弱性	CWE-248 キャッチされない例外	CVE-2026-34986	2026-05-7 11:27	2026-04-6	Show	GitHub Exploit DB Packet Storm

3784	5.5	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける関数の戻り値に対する不適切なチェックに関する脆弱性	CWE-253 関数の戻り値に対する不適切なチェック	CVE-2026-35339	2026-05-7 11:27	2026-04-22	Show	GitHub Exploit DB Packet Storm

3785	5.5	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける関数の戻り値に対する不適切なチェックに関する脆弱性	CWE-253 関数の戻り値に対する不適切なチェック	CVE-2026-35340	2026-05-7 11:27	2026-04-22	Show	GitHub Exploit DB Packet Storm

3786	3.3	低 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける安全でない一時ファイルに関する脆弱性	CWE-377 安全でない一時ファイル	CVE-2026-35342	2026-05-7 11:27	2026-04-22	Show	GitHub Exploit DB Packet Storm

3787	3.3	低 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける常に不適切な制御フローの実装に関する脆弱性	CWE-670 常に不適切な制御フローの実装	CVE-2026-35343	2026-05-7 11:27	2026-04-22	Show	GitHub Exploit DB Packet Storm

3788	3.3	低 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける未チェックの戻り値に関する脆弱性	CWE-252 未チェックの戻り値	CVE-2026-35344	2026-05-7 11:26	2026-04-22	Show	GitHub Exploit DB Packet Storm

3789	5.3	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける複数の脆弱性	CWE-367 CWE-59	CVE-2026-35345	2026-05-7 11:26	2026-04-22	Show	GitHub Exploit DB Packet Storm

3790	5.5	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける誤って解決された名前や参照の使用に関する脆弱性	CWE-706 誤って解決された名前や参照の使用	CVE-2026-35358	2026-05-7 11:26	2026-04-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2461	9.8	CRITICAL Network	-	-	Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's web-based configuration editor allows arbitrary Python code to be injected into pialert.conf. S…	CWE-94 Code Injection	CVE-2026-44887	2026-05-30 00:29	2026-05-28	Show	GitHub Exploit DB Packet Storm

2462	9.8	CRITICAL Network	-	-	Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's SaveConfigFile() endpoint writes user-supplied numeric config values (e.g., SMTP_PORT) directly…	CWE-94 Code Injection	CVE-2026-44888	2026-05-30 00:29	2026-05-28	Show	GitHub Exploit DB Packet Storm

2463	-		-	-	OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to 2.0.4, a critical authentication vulnerability was identified in OpenLearnX that could allow unauthorized access…	CWE-287 CWE-347 Improper Authentication Improper Verification of Cryptographic Signature	CVE-2026-44720	2026-05-30 00:29	2026-05-28	Show	GitHub Exploit DB Packet Storm

2464	9.8	CRITICAL Network	-	-	The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. From 4.8.0 to before 26.04.1, the Goobi viewer REST endpoint POST /api/v1/index/stream accepted …	CWE-306 Missing Authentication for Critical Function	CVE-2026-45083	2026-05-30 00:29	2026-05-28	Show	GitHub Exploit DB Packet Storm

2465	-		-	-	Improper Certificate Validation vulnerability in ex-aws ex_aws_sns (ExAws.SNS, ExAws.SNS.PublicKeyCache modules) allows Signature Spoofing by Improper Validation. This vulnerability is associated wi…	CWE-295 Improper Certificate Validation	CVE-2026-47074	2026-05-30 00:29	2026-05-28	Show	GitHub Exploit DB Packet Storm

2466	6.1	MEDIUM Network	golang	net	Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML befo…	CWE-1021 Improper Restriction of Rendered UI Layers or Frames	CVE-2026-27136	2026-05-30 00:27	2026-05-23	Show	GitHub Exploit DB Packet Storm

2467	9.6	CRITICAL Network	golang	net	The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode("xn--example-.com") incorrectly returns the name "example.com…	CWE-1289 Improper Validation of Unsafe Equivalence in Input	CVE-2026-39821	2026-05-30 00:26	2026-05-23	Show	GitHub Exploit DB Packet Storm

2468	4.3	MEDIUM Network	-	-	A security vulnerability has been detected in code-projects Employee Management System 1.0. This impacts an unknown function of the file /myprofile.php. Such manipulation of the argument ID leads to …	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2026-9416	2026-05-30 00:16	2026-05-25	Show	GitHub Exploit DB Packet Storm

2469	4.8	MEDIUM Network	-	-	A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the `soup_body_input_stream_read_chunked()` function by sending a malicious HTTP request. This v…	CWE-444 HTTP Request Smuggling	CVE-2026-6324	2026-05-30 00:16	2026-05-29	Show	GitHub Exploit DB Packet Storm

2470	4.6	MEDIUM Physics	-	-	Uncontrolled resource consumption in the Wireless Control Module (WCM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with write access to the in-veh…	CWE-307 CWE-400 CWE-770 mproper Restriction of Excessive Authentication Attempts Uncontrolled Resource Consumption Allocation of Resources Without Limits or Throttling	CVE-2026-49324	2026-05-30 00:16	2026-05-29	Show	GitHub Exploit DB Packet Storm