Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4841	9.1	緊急 Network	Rapid7	velociraptor	Rapid7のvelociraptorにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-6290	2026-04-27 11:19	2026-04-15	Show	GitHub Exploit DB Packet Storm

4842	5.3	警告 Network	fastify	fastify-static	fastifyのfastify-staticにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-6410	2026-04-27 11:19	2026-04-16	Show	GitHub Exploit DB Packet Storm

4843	5.9	警告 Network	fastify	fastify-static	fastifyのfastify-staticにおけるURL エンコーディング（16進エンコーディング）の処理に関する脆弱性	CWE-177 URLエンコーディング（16進エンコーディング）の不適切な処理	CVE-2026-6414	2026-04-27 11:19	2026-04-16	Show	GitHub Exploit DB Packet Storm

4844	5.4	警告 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおけるセッション期限に関する脆弱性	CWE-613 不適切なセッション期限	CVE-2026-6515	2026-04-27 11:19	2026-04-22	Show	GitHub Exploit DB Packet Storm

4845	8.8	重要 Network	CPS-IT	Mailqueue	CPS-ITのMailqueueにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-1323	2026-04-27 11:19	2026-03-17	Show	GitHub Exploit DB Packet Storm

4846	6.5	警告 Network	Linux Foundation	Backstage/plugin-scaffolder-backend	Linux FoundationのBackstage/plugin-scaffolder-backendにおけるログファイルからの情報漏えいに関する脆弱性	CWE-532 ログファイルからの情報漏えい	CVE-2026-29184	2026-04-27 11:19	2026-03-7	Show	GitHub Exploit DB Packet Storm

4847	4.3	警告 Network	Guido Schmechel (ayacoo)	redirect_tab	Guido Schmechel (ayacoo)のredirect_tabにおける複数の脆弱性	CWE-200 CWE-862 CWE-862	CVE-2026-4202	2026-04-27 11:19	2026-03-17	Show	GitHub Exploit DB Packet Storm

4848	8.8	重要 Network	Ralf Freit (MrSilaz)	mfa_mail	Ralf Freit (MrSilaz)のmfa_mailにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-4208	2026-04-27 11:19	2026-03-17	Show	GitHub Exploit DB Packet Storm

4849	8.1	重要 Network	HashiCorp	Vault	HashiCorpのVaultにおける代替パスまたはチャネルを使用した認証回避に関する脆弱性	CWE-288 代替パスまたはチャネルを使用した認証回避	CVE-2026-3605	2026-04-27 11:19	2026-04-17	Show	GitHub Exploit DB Packet Storm

4850	9.4	緊急 Network	dgraph	dgraph	dgraphにおける複数の脆弱性	CWE-200 CWE-215 CWE-522	CVE-2026-40173	2026-04-27 11:19	2026-04-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
401	6.5	MEDIUM Network	google	android	In multiple functions of ubsan_throwing_runtime.cpp, there is a possible UBSan failure due to an integer overflow. This could lead to remote denial of service with no additional execution privileges … New	CWE-190 Integer Overflow or Wraparound	CVE-2026-0041	2026-06-3 03:45	2026-06-2	Show	GitHub Exploit DB Packet Storm

402	6.5	MEDIUM Network	google	android	In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial of service with no additional execution priv… New	CWE-190 Integer Overflow or Wraparound	CVE-2026-0040	2026-06-3 03:44	2026-06-2	Show	GitHub Exploit DB Packet Storm

403	6.5	MEDIUM Network	google	android	In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to remote denial of service with no additional execut… New	CWE-190 Integer Overflow or Wraparound	CVE-2026-0039	2026-06-3 03:44	2026-06-2	Show	GitHub Exploit DB Packet Storm

404	5.5	MEDIUM Local	google	android	In multiple functions of AccessibilityManagerService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additi… New	CWE-20 Improper Input Validation	CVE-2026-0018	2026-06-3 03:44	2026-06-2	Show	GitHub Exploit DB Packet Storm

405	7.1	HIGH Network	ibm	engineering_lifecycle_management	IBM Engineering Lifecycle Management 7.0.3 Interim Fix 001 through Interim Fix 021, 7.1.0 Interim Fix 001 through Interim Fix 009, and 7.2.0 and 7.2.0 Interim Fix 001 is vulnerable to an XML exter… Update	CWE-611 XXE	CVE-2026-3603	2026-06-3 03:44	2026-05-27	Show	GitHub Exploit DB Packet Storm

406	7.5	HIGH Network	viewcomponent	view_component	view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 3.0.0 to 4.9.0, the system test entrypoint canonicalizes a user-controlled file … Update	CWE-187 Partial String Comparison	CVE-2026-44837	2026-06-3 03:43	2026-05-27	Show	GitHub Exploit DB Packet Storm

407	3.3	LOW Local	google	android	In updateProvidersWhenServiceRemoved of CredentialManagerService.java, there is a possible way to override settings across users due to a permissions bypass. This could lead to local information disc… New	CWE-269 Improper Privilege Management	CVE-2026-0016	2026-06-3 03:41	2026-06-2	Show	GitHub Exploit DB Packet Storm

408	7.5	HIGH Network	ibm	websphere_application_server	IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to HTTP request smuggl… Update	CWE-444 HTTP Request Smuggling	CVE-2026-8620	2026-06-3 03:40	2026-05-27	Show	GitHub Exploit DB Packet Storm

409	9.8	CRITICAL Network	shepherdwind	velocity.js	Velocity.js is a JavaScript implementation of the Apache Velocity template engine. In 2.1.5 and earlier, a prototype pollution vulnerability was discovered in velocityjs. This issue occurs during the… Update	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2026-44966	2026-06-3 03:40	2026-05-27	Show	GitHub Exploit DB Packet Storm

410	8.2	HIGH Network	github	enterprise_server	A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an unauthenticated attacker to send crafted requests to internal services by exploiting insu… Update	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-9312	2026-06-3 03:31	2026-05-27	Show	GitHub Exploit DB Packet Storm