Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4241	9.1	緊急 Network	BACnet Stack	BACnet Stack	BACnet Stackにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-41475	2026-04-30 10:59	2026-04-24	Show	GitHub Exploit DB Packet Storm

4242	9.9	緊急 Network	Saltcorn	Saltcorn	SaltcornにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-41478	2026-04-30 10:59	2026-04-24	Show	GitHub Exploit DB Packet Storm

4243	9.8	緊急 Network	dgraph	dgraph	dgraphにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-41492	2026-04-30 10:59	2026-04-24	Show	GitHub Exploit DB Packet Storm

4244	7.5	重要 Network	BACnet Stack	BACnet Stack	BACnet Stackにおける複数の脆弱性	CWE-125 CWE-193	CVE-2026-41502	2026-04-30 10:59	2026-04-24	Show	GitHub Exploit DB Packet Storm

4245	7.5	重要 Network	BACnet Stack	BACnet Stack	BACnet Stackにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-41503	2026-04-30 10:59	2026-04-24	Show	GitHub Exploit DB Packet Storm

4246	7.5	重要 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-41602	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

4247	7.4	重要 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおける複数の脆弱性	CWE-297 CWE-306	CVE-2026-41603	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

4248	8.2	重要 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-41604	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

4249	7.3	重要 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-41605	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

4250	5.3	警告 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-41606	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1341	6.2	MEDIUM Local	-	-	A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local attackers to obtain sensitive informatio…	CWE-598 Information Exposure Through Query Strings in GET Request	CVE-2026-2237	2026-05-27 23:54	2026-05-27	Show	GitHub Exploit DB Packet Storm

1342	8.0	HIGH Adjacent	-	-	A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and…	CWE-345 Insufficient Verification of Data Authenticity	CVE-2026-3012	2026-05-27 23:54	2026-05-27	Show	GitHub Exploit DB Packet Storm

1343	4.2	MEDIUM Network	-	-	A flaw was found in Keycloak, an open-source identity and access management solution. When a client application is configured to accept broad redirect Uniform Resource Identifiers (URIs), a remote at…	CWE-1288 Improper Validation of Consistency within Input	CVE-2026-9689	2026-05-27 23:54	2026-05-27	Show	GitHub Exploit DB Packet Storm

1344	7.1	HIGH Network	-	-	A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem wri…	CWE-284 Improper Access Control	CVE-2026-1933	2026-05-27 23:54	2026-05-27	Show	GitHub Exploit DB Packet Storm

1345	6.8	MEDIUM Network	-	-	A flaw was found in Keycloak. An authenticated user with low privileges can exploit this vulnerability by sending an oversized subject_token JSON Web Token (JWT) to the TokenEndpoint. When the token …	CWE-1284 Improper Validation of Specified Quantity in Input	CVE-2026-9704	2026-05-27 23:54	2026-05-27	Show	GitHub Exploit DB Packet Storm

1346	6.8	MEDIUM Network	-	-	PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a table and placing malicious code inside a column identifier. If a superuser calls the k-an…	CWE-89 SQL Injection	CVE-2026-9617	2026-05-27 23:54	2026-05-27	Show	GitHub Exploit DB Packet Storm

1347	5.3	MEDIUM Network	-	-	IBM SDI 7.2.0.0 through 7.2.0.14 and IBM Security Directory Integrator 10.0.0.0 through 10.0.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message …	CWE-209 Information Exposure Through an Error Message	CVE-2024-28765	2026-05-27 23:53	2026-05-27	Show	GitHub Exploit DB Packet Storm

1348	5.9	MEDIUM Network	-	-	IBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7.0, 1.3.7.1, 1.3.7.2, and 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4 IBM SmartCloud Analytics - Log…	CWE-521 Weak Password Requirements	CVE-2024-40684	2026-05-27 23:53	2026-05-27	Show	GitHub Exploit DB Packet Storm

1349	7.2	HIGH Network	-	-	IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malicious backup archive that could be restored and used to gain access to the underlying operating syste…	CWE-530 Exposure of Backup File to an Unauthorized Control Sphere	CVE-2024-56462	2026-05-27 23:53	2026-05-27	Show	GitHub Exploit DB Packet Storm

1350	5.4	MEDIUM Network	-	-	IBM Cognos Analytics 11.2.0, 11.2.4, 12.0, and 12.1.0 and IBM Cognos Transformer 11.2.4, 12.0, and 12.1.0 are vulnerable to cross-site scripting (XSS). This vulnerability allows a remote attacker to …	CWE-79 Cross-site Scripting	CVE-2025-3633	2026-05-27 23:53	2026-05-27	Show	GitHub Exploit DB Packet Storm