Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 28, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4871 7.8 重要
Local 		マイクロソフト Kiota マイクロソフトのKiotaにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-41134 2026-05-18 12:05 2026-04-22 Show GitHub Exploit DB Packet Storm
4872 8.2 重要
Network 		Kata Containers Confidential Containers
Kata Containers 		Kata ContainersのConfidential Containers等の複数製品におけるUNIX Symbolic Link のフォローに関する脆弱性 CWE-61
UNIX Symbolic Link のフォロー 		CVE-2026-41326 2026-05-18 12:05 2026-04-24 Show GitHub Exploit DB Packet Storm
4873 8.4 重要
Local 		opentelemetry OpenTelemetry eBPF Instrumentation opentelemetryのOpenTelemetry eBPF Instrumentationにおける複数の脆弱性 CWE-22
CWE-59
CVE-2026-41433 2026-05-18 12:05 2026-04-24 Show GitHub Exploit DB Packet Storm
4874 5.3 警告
Network 		RedwoodSDK RedwoodSDK RedwoodjsのRedwoodSDKにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-42190 2026-05-18 12:05 2026-05-8 Show GitHub Exploit DB Packet Storm
4875 7.2 重要
Network 		FileMaker, Inc Claris FileMaker Cloud Claris International Inc. (旧 FileMaker, Inc)のClaris FileMaker Cloudにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-43680 2026-05-18 12:05 2026-05-12 Show GitHub Exploit DB Packet Storm
4876 7.2 重要
Network 		FileMaker, Inc Claris FileMaker Cloud Claris International Inc. (旧 FileMaker, Inc)のClaris FileMaker CloudにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-43685 2026-05-18 12:05 2026-05-12 Show GitHub Exploit DB Packet Storm
4877 6.5 警告
Network 		Shellhub Shellhub Shellhubにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-44426 2026-05-18 12:05 2026-05-13 Show GitHub Exploit DB Packet Storm
4878 9.8 緊急
Network 		Yarbo Lawn Mower Pro Firmware
Lawn Mower Firmware 		YarboのLawn Mower Firmware等の複数製品における非公開の機能に関する脆弱性 CWE-912
CWE-noinfo
CVE-2026-7413 2026-05-18 12:05 2026-05-7 Show GitHub Exploit DB Packet Storm
4879 9.8 緊急
Network 		Yarbo Lawn Mower Pro Firmware
Lawn Mower Firmware 		YarboのLawn Mower Firmware等の複数製品におけるハードコードされた認証情報の使用に関する脆弱性 CWE-798
ハードコードされた認証情報の使用 		CVE-2026-7414 2026-05-18 12:05 2026-05-7 Show GitHub Exploit DB Packet Storm
4880 9.8 緊急
Network 		Yarbo Lawn Mower Pro Firmware
Lawn Mower Firmware 		YarboのLawn Mower Firmware等の複数製品における重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-7415 2026-05-18 12:05 2026-05-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3531 - - - A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue i… CWE-79
Cross-site Scripting 		CVE-2026-0266 2026-06-12 00:21 2026-06-11 Show GitHub Exploit DB Packet Storm
3532 - - - An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured passcodes for disabling, disconnecting, or uninstalling the Glo… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2026-0267 2026-06-12 00:21 2026-06-11 Show GitHub Exploit DB Packet Storm
3533 - - - A security control bypass vulnerability in Prisma Access Agent for Linux allows a local attacker to route network traffic outside the VPN tunnel. This does not impact Prisma Access Agent on Window… CWE-424
 Improper Protection of Alternate Path 		CVE-2026-0268 2026-06-12 00:21 2026-06-11 Show GitHub Exploit DB Packet Storm
3534 - - - A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user to initiate system reboots using a maliciously crafted packet… CWE-754
 Improper Check for Unusual or Exceptional Conditions 		CVE-2026-0269 2026-06-12 00:21 2026-06-11 Show GitHub Exploit DB Packet Storm
3535 - - - A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network, with the ability to intercept and manipu… CWE-22
Path Traversal 		CVE-2026-0270 2026-06-12 00:21 2026-06-11 Show GitHub Exploit DB Packet Storm
3536 - - - A privilege escalation (PE) vulnerability in the Palo Alto Networks Prisma Access Agent app on Linux devices enables a local user to execute code with elevated privileges. This does not impact Pri… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2026-0271 2026-06-12 00:21 2026-06-11 Show GitHub Exploit DB Packet Storm
3537 - - - An improper validation of credentials vulnerability in the CommvaultSecurityIQ integration for Cortex XSOAR and Cortex XSIAM allows an unauthenticated attacker to access and modify protected resource… CWE-1390
 Weak Authentication 		CVE-2026-0274 2026-06-12 00:21 2026-06-11 Show GitHub Exploit DB Packet Storm
3538 - - - A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with… CWE-862
 Missing Authorization 		CVE-2026-0272 2026-06-12 00:21 2026-06-11 Show GitHub Exploit DB Packet Storm
3539 - - - A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to … CWE-78
OS Command  		CVE-2026-0273 2026-06-12 00:21 2026-06-11 Show GitHub Exploit DB Packet Storm
3540 - - - An incorrect buffer size calculation in the epoch key generator in OpenVPN ovpn-dco-win version 2.0.0 through 2.8.3 allows a remote authenticated peer to trigger a heap-based buffer overflow and kern… CWE-122
CWE-131
CWE-787
Heap-based Buffer Overflow
Incorrect Calculation of Buffer Size
 Out-of-bounds Write 		CVE-2026-11604 2026-06-12 00:21 2026-06-11 Show GitHub Exploit DB Packet Storm