Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3921 9.8 緊急
Network 		NASA F Prime NASAのF Primeにおける複数の脆弱性 CWE-190
CWE-787
CVE-2026-41144 2026-05-25 10:22 2026-04-22 Show GitHub Exploit DB Packet Storm
3922 7.8 重要
Local 		DevSpace DevSpace DevSpaceにおける複数の脆弱性 CWE-200
CWE-306
CVE-2026-42283 2026-05-25 10:22 2026-05-14 Show GitHub Exploit DB Packet Storm
3923 10 緊急
Network 		マイクロソフト
The Foreman		 Azure Resource Manager
Azure Local 		Azure Local 向けディスコネクテッド オペレーション サービスの特権昇格の脆弱性 CWE-287
CWE-noinfo
CVE-2026-42822 2026-05-25 10:22 2026-05-18 Show GitHub Exploit DB Packet Storm
3924 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不完全なクリーンアップに関する脆弱性 CWE-459
不完全なクリーンアップ 		CVE-2026-43395 2026-05-25 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
3925 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性 CWE-401
有効期限後のメモリの解放の欠如 		CVE-2026-43396 2026-05-25 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
3926 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性 CWE-401
有効期限後のメモリの解放の欠如 		CVE-2026-43397 2026-05-25 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
3927 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2026-43398 2026-05-25 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
3928 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-Other
その他 		CVE-2026-43399 2026-05-25 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
3929 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2026-43400 2026-05-25 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
3930 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux KernelにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2026-43401 2026-05-25 10:22 2026-05-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1 9.9 CRITICAL
Network 		dokku dokku Dokku is a docker-powered PaaS. Prior to 0.38.7, the cron plugin utilizes commands in the app.json file to manage system cron running as the Dokku user. An app.json cron command utilizing special she… New CWE-78
OS Command  		CVE-2026-54636 2026-06-27 04:01 2026-06-27 Show GitHub Exploit DB Packet Storm
2 8.8 HIGH
Network 		dokku dokku Dokku is a docker-powered PaaS. Prior to 0.38.2, the openresty-vhosts plugin copies files from an app's openresty/http-includes/ git repository directory to the host and then interpolates their filen… New CWE-95
Eval Injection 		CVE-2026-45406 2026-06-27 04:01 2026-06-27 Show GitHub Exploit DB Packet Storm
3 5.4 MEDIUM
Network 		getgrav grav Grav before 1.6.30 contains a cross-site scripting vulnerability in the Admin plugin page editor default security configuration. Privileged users with page editing capabilities can inject malicious s… New CWE-79
Cross-site Scripting 		CVE-2020-37256 2026-06-27 03:58 2026-06-26 Show GitHub Exploit DB Packet Storm
4 5.5 MEDIUM
Local 		freebsd freebsd When used to deliver a signal to a specific thread, thr_kill2(2) called p_cansignal() to determine whether the operation was permitted but did not check the result before delivering the signal. The … New CWE-269
 Improper Privilege Management 		CVE-2026-45256 2026-06-27 03:58 2026-06-27 Show GitHub Exploit DB Packet Storm
5 7.5 HIGH
Network 		apache apache-airflow-providers-ftp The Apache Airflow FTP provider's `FTPSHook.get_conn()` created an `ftplib.FTP_TLS` connection but never called `prot_p()`, so although the control channel was TLS-protected the data channel was tran… New CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2026-49486 2026-06-27 03:58 2026-06-26 Show GitHub Exploit DB Packet Storm
6 5.4 MEDIUM
Network 		jupyter jupyter_server Jupyter Server is the backend for Jupyter web applications. Prior to 2.20, the nbconvert HTTP handlers in jupyter_server render user-authored notebook HTML under the Jupyter origin without a sandbox … New CWE-79
CWE-1021
Cross-site Scripting
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2026-44727 2026-06-27 03:57 2026-06-23 Show GitHub Exploit DB Packet Storm
7 7.8 HIGH
Local 		freebsd freebsd The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assumption does not hold for data placed on a socket by se… New CWE-123
 Write-what-where Condition 		CVE-2026-45257 2026-06-27 03:56 2026-06-27 Show GitHub Exploit DB Packet Storm
8 8.8 HIGH
Network 		dokku dokku Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:from-archive and certs:add commands extract user-supplied tar/zip archives into temporary directories without sanitizing member paths or preve… New CWE-59
Link Following 		CVE-2026-45405 2026-06-27 03:56 2026-06-27 Show GitHub Exploit DB Packet Storm
9 5.5 MEDIUM
Local 		dokku dokku Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:auth command creates $DOKKU_ROOT/.netrc using bash's touch command, which applies the default umask of 0644. This pre-creation defeats the net… New CWE-522
 Insufficiently Protected Credentials 		CVE-2026-45407 2026-06-27 03:55 2026-06-27 Show GitHub Exploit DB Packet Storm
10 9.0 CRITICAL
Network 		dokku dokku Dokku is a docker-powered PaaS. Prior to 0.38.2, the app name validation regex (^[a-z0-9][^/:_A-Z]*$) permits shell metacharacters. When an authenticated user pushes to a git remote with a crafted ap… New CWE-78
OS Command  		CVE-2026-45408 2026-06-27 03:55 2026-06-27 Show GitHub Exploit DB Packet Storm