Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4811	8.8	重要 Network	Electron	electron	Electronのelectronにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-34772	2026-04-24 11:44	2026-04-4	Show	GitHub Exploit DB Packet Storm

4812	7.5	重要 Network	Electron	electron	Electronのelectronにおける複数の脆弱性	CWE-20 CWE-74 CWE-74	CVE-2026-34773	2026-04-24 11:44	2026-04-4	Show	GitHub Exploit DB Packet Storm

4813	8.1	重要 Network	Electron	electron	Electronのelectronにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-34774	2026-04-24 11:44	2026-04-4	Show	GitHub Exploit DB Packet Storm

4814	9.8	緊急 Network	Electron	electron	Electronのelectronにおける隔離または分類に関する脆弱性	CWE-653 不適切な隔離または分類	CVE-2026-34775	2026-04-24 11:44	2026-04-4	Show	GitHub Exploit DB Packet Storm

4815	9.8	緊急 Network	Bruno Software Inc.	Bruno	Bruno Software Inc.のBrunoにおける複数の脆弱性	CWE-494 CWE-506	CVE-2026-34841	2026-04-24 11:44	2026-04-6	Show	GitHub Exploit DB Packet Storm

4816	5.3	警告 Network	Discourse	Discourse	Discourseにおける情報漏えいに関する脆弱性	CWE-200 CWE-noinfo	CVE-2026-34947	2026-04-24 11:44	2026-04-3	Show	GitHub Exploit DB Packet Storm

4817	9.1	緊急 Network	nearform	fast-jwt	nearformのfast-jwtにおける暗号アルゴリズムの使用に関する脆弱性	CWE-327 不完全、または危険な暗号アルゴリズムの使用	CVE-2026-34950	2026-04-24 11:44	2026-04-6	Show	GitHub Exploit DB Packet Storm

4818	4.3	警告 Network	Plunk	Plunk	PlunkにおけるCRLF インジェクションの脆弱性	CWE-93 CRLF インジェクション	CVE-2026-34975	2026-04-24 11:44	2026-04-6	Show	GitHub Exploit DB Packet Storm

4819	10	緊急 Network	dgraph	dgraph	dgraphにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-34976	2026-04-24 11:44	2026-04-6	Show	GitHub Exploit DB Packet Storm

4820	8.2	重要 Local	Vim	Vim	VimにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-34982	2026-04-24 11:44	2026-04-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
591	7.1	HIGH Network	-	-	LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to LangSmith SDK Python 0.8.0 and JS/TS 0.6.0, the LangSmith SDK's prompt pull methods (pull_prompt / pull_promp… Update	CWE-502 Deserialization of Untrusted Data	CVE-2026-45134	2026-05-30 01:12	2026-05-28	Show	GitHub Exploit DB Packet Storm

592	5.4	MEDIUM Network	-	-	AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.59, POST /api/blocks/{block_id}/execute endpoint executes block… New	CWE-770 CWE-841 Allocation of Resources Without Limits or Throttling Improper Enforcement of Behavioral Workflow	CVE-2026-45023	2026-05-30 01:07	2026-05-29	Show	GitHub Exploit DB Packet Storm

593	7.5	HIGH Network	google	chrome	Uninitialized Use in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox vi… New	CWE-457 Use of Uninitialized Variable	CVE-2026-9963	2026-05-30 01:06	2026-05-29	Show	GitHub Exploit DB Packet Storm

594	7.5	HIGH Network	dell	unisphere_for_powermax_virtual_appliance	Dell Unisphere for PowerMax vApp version prior to 10.0.0.2, contains an authorization bypass vulnerability in the Unisphere for VMAX application running in vApp Update	CWE-285 Improper Authorization	CVE-2022-34363	2026-05-30 00:53	2026-05-23	Show	GitHub Exploit DB Packet Storm

595	6.5	MEDIUM Network	golang	net	Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. Update	CWE-400 Uncontrolled Resource Consumption	CVE-2026-25680	2026-05-30 00:47	2026-05-23	Show	GitHub Exploit DB Packet Storm

596	6.5	MEDIUM Network	-	-	The OpenTelemetry.Exporter.Instana exports telemetry to Instana backend. Prior to 1.1.0, the OpenTelemetry.Exporter.Instana NuGet package does not validate HTTPS/TLS certificates are valid when sendi… Update	CWE-295 Improper Certificate Validation	CVE-2026-44213	2026-05-30 00:42	2026-05-27	Show	GitHub Exploit DB Packet Storm

597	-		-	-	The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary files on the affected sites. Update	CWE-284 Improper Access Control	CVE-2026-48906	2026-05-30 00:42	2026-05-27	Show	GitHub Exploit DB Packet Storm

598	7.1	HIGH Network	-	-	Auth0.js is a client-side JavaScript library for Auth0. From 8.11.0 to 9.32.0, under specific preconditions, the Auth0.js SDK may improperly return user profile information using a valid access token… Update	CWE-863 Incorrect Authorization	CVE-2026-42280	2026-05-30 00:42	2026-05-28	Show	GitHub Exploit DB Packet Storm

599	7.5	HIGH Network	-	-	opentelemetry-js is the OpenTelemetry JavaScript Client. Prior to 0.217.0, a single malformed HTTP request crashes any Node.js process running the OpenTelemetry JS Prometheus exporter. The metrics en… Update	CWE-755 Improper Handling of Exceptional Conditions	CVE-2026-44902	2026-05-30 00:42	2026-05-28	Show	GitHub Exploit DB Packet Storm

600	-		-	-	go-git is an extensible git implementation library written in pure Go. Prior to 5.19.0 and 6.0.0-alpha.3, go-git may parse malformed Git objects in a way that differs from upstream Git. When commit o… Update	CWE-180 CWE-345 Incorrect Behavior Order: Validate Before Canonicalize Insufficient Verification of Data Authenticity	CVE-2026-45022	2026-05-30 00:42	2026-05-28	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed