Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 17, 2026, 4:10 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4041 7.8 重要
Local 		ZTE ZXCLOUD iRAI ZTEのZXCLOUD iRAIにおける制御されていない検索パスの要素に関する脆弱性 CWE-427
制御されていない検索パスの要素 		CVE-2026-40004 2026-05-15 11:01 2026-05-7 Show GitHub Exploit DB Packet Storm
4042 6.5 警告
Network 		Zulip Zulip Server ZulipのZulip Serverにおけるアクセス制御に関する脆弱性 CWE-284
CWE-noinfo
CVE-2026-40300 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
4043 6.5 警告
Network 		NocoBase NocoBase NocoBaseにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-40346 2026-05-15 11:01 2026-04-18 Show GitHub Exploit DB Packet Storm
4044 8.8 重要
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のリモートでコードが実行される脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-40357 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
4045 8.8 重要
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のリモートでコードが実行される脆弱性 CWE-1220
アクセス制御の不十分な粒度 		CVE-2026-40365 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
4046 8 重要
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のリモートでコードが実行される脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-40368 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
4047 5.5 警告
Local 		jqlang jq jqlangのjqにおける再帰制御に関する脆弱性 CWE-674
不適切な再帰制御 		CVE-2026-40612 2026-05-15 11:01 2026-05-11 Show GitHub Exploit DB Packet Storm
4048 7.5 重要
Network 		PHPOffice PhpSpreadsheet PHPOfficeのPhpSpreadsheetにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40863 2026-05-15 11:01 2026-05-12 Show GitHub Exploit DB Packet Storm
4049 5.5 警告
Local 		jqlang jq jqlangのjqにおけるNULL バイトまたは NULL キャラクタの無害化に関する脆弱性 CWE-158
NULL バイトまたは NULL キャラクタの不適切な無害化 		CVE-2026-41256 2026-05-15 11:01 2026-05-11 Show GitHub Exploit DB Packet Storm
4050 5.5 警告
Local 		jqlang jq jqlangのjqにおける複数の脆弱性 CWE-190
CWE-787
CVE-2026-41257 2026-05-15 11:01 2026-05-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 17, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3131 7.8 HIGH
Local 		- - A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via … CWE-416
 Use After Free 		CVE-2026-50261 2026-06-5 22:27 2026-06-5 Show GitHub Exploit DB Packet Storm
3132 5.5 MEDIUM
Local 		- - An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes(). A wrong size validation check can read a client-controlled number of bytes, exceeding … CWE-125
Out-of-bounds Read 		CVE-2026-50262 2026-06-5 22:27 2026-06-5 Show GitHub Exploit DB Packet Storm
3133 7.8 HIGH
Local 		- - An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFro… CWE-787
 Out-of-bounds Write 		CVE-2026-50264 2026-06-5 22:27 2026-06-5 Show GitHub Exploit DB Packet Storm
3134 3.3 LOW
Local 		- - A vulnerability was found in bytedance InfiniStore up to 0.2.33. The impacted element is the function purge_kv_map in the library /src/infinistore.h of the component KV Map Handler. Performing a mani… CWE-404
CWE-407
 Improper Resource Shutdown or Release
 Inefficient Algorithmic Complexity 		CVE-2026-11312 2026-06-5 22:27 2026-06-5 Show GitHub Exploit DB Packet Storm
3135 3.6 LOW
Local 		- - A vulnerability has been found in onnx onnx-mlir up to 0.5.0.0. Affected by this issue is the function generate_hash_key of the file src/Runtime/python/torch_onnxmlir/src/torch_onnxmlir/backend.py of… CWE-327
CWE-328
 Use of a Broken or Risky Cryptographic Algorithm
 Use of Weak Hash 		CVE-2026-11329 2026-06-5 22:26 2026-06-5 Show GitHub Exploit DB Packet Storm
3136 7.2 HIGH
Network 		- - A vulnerability has been found in Shibby Tomato 1.28.0000. This vulnerability affects the function start_6rd_tunnel of the file /sbin/rc of the component Web UI. Such manipulation of the argument ipv… CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-10871 2026-06-5 22:26 2026-06-5 Show GitHub Exploit DB Packet Storm
3137 7.2 HIGH
Network 		- - A vulnerability was found in Shibby Tomato 1.28.0000. This issue affects the function start_vpnserver of the file /sbin/rc of the component Web UI. Performing a manipulation results in os command inj… CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-10872 2026-06-5 22:26 2026-06-5 Show GitHub Exploit DB Packet Storm
3138 7.2 HIGH
Network 		- - A vulnerability was determined in Shibby Tomato 1.28.0000. Impacted is the function rstats_path of the file /bin/rstats of the component Web UI. Executing a manipulation can lead to os command inject… CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-10873 2026-06-5 22:26 2026-06-5 Show GitHub Exploit DB Packet Storm
3139 6.3 MEDIUM
Network 		- - A vulnerability was identified in projectworlds Online Art Gallery Shop Project 1.0. The affected element is an unknown function of the file /admin/adminHome.php. The manipulation of the argument soc… CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-10874 2026-06-5 22:26 2026-06-5 Show GitHub Exploit DB Packet Storm
3140 6.3 MEDIUM
Network 		- - A security flaw has been discovered in projectworlds Online Art Gallery Shop Project 1.0. The impacted element is an unknown function of the file /admin/adminHome.ph. The manipulation of the argument… CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-10875 2026-06-5 22:26 2026-06-5 Show GitHub Exploit DB Packet Storm