Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4871	5.3	警告 Network	Nimiq	Nimiq Proof of Stake (core-rs-albatross)	NimiqのNimiq Proof of Stake (core-rs-albatross)における到達可能なアサーションに関する脆弱性	CWE-617 到達可能なアサーション	CVE-2026-34069	2026-04-27 11:18	2026-04-14	Show	GitHub Exploit DB Packet Storm

4872	5.9	警告 Network	leancrypto	leancrypto	leancryptoにおける数値型間の変換の誤りに関する脆弱性	CWE-681 数値型間の変換の誤り	CVE-2026-34610	2026-04-27 11:18	2026-04-2	Show	GitHub Exploit DB Packet Storm

4873	7.1	重要 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける重要なリソースに対する不適切なパーミッションの割り当てに関する脆弱性	CWE-732 重要なリソースに対する不適切なパーミッションの割り当て	CVE-2026-35341	2026-04-27 11:18	2026-04-22	Show	GitHub Exploit DB Packet Storm

4874	5.5	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるキャッチされない例外に関する脆弱性	CWE-248 キャッチされない例外	CVE-2026-35348	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

4875	6.6	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるパーミッションの不適切な保持に関する脆弱性	CWE-281 パーミッションの不適切な保持	CVE-2026-35350	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

4876	7	重要 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-35352	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

4877	4.7	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-35354	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

4878	4.7	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-35357	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

4879	4.7	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける複数の脆弱性	CWE-367 CWE-59	CVE-2026-35359	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

4880	6.3	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-35360	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
831	-		-	-	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb() Add the same NULL guard already present in l2cap_sock_resume… Update	-	CVE-2026-45834	2026-06-2 02:17	2026-05-27	Show	GitHub Exploit DB Packet Storm

832	10.0	CRITICAL Network	-	-	Dokploy is a free, self-hostable Platform as a Service (PaaS). From 0.27.0 to before 0.29.3, a hardcoded BETTER_AUTH_SECRET fallback ("better-auth-secret-123456789") lets an unauthenticated attacker … Update	CWE-798 Use of Hard-coded Credentials	CVE-2026-45631	2026-06-2 02:17	2026-05-30	Show	GitHub Exploit DB Packet Storm

833	8.1	HIGH Network	apache	apache-airflow-providers-google	Apache Airflow providers-google's `ComputeEngineSSHHook` disables SSH host-key verification by default, exposing SSH traffic between an Airflow worker and a Compute Engine VM to in-path network attac… Update	CWE-322 Key Exchange without Entity Authentication	CVE-2026-45361	2026-06-2 02:17	2026-05-25	Show	GitHub Exploit DB Packet Storm

834	7.7	HIGH Network	-	-	FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, a Server-Side Request Forgery (SSRF) vulnerability allows an authenticated attacker to bypass the global isInternalAddress network pro… Update	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-44285	2026-06-2 02:17	2026-05-30	Show	GitHub Exploit DB Packet Storm

835	6.1	MEDIUM Network	-	-	SourceCodester Doctor Appointment System 1.0 is vulnerable to Cross Site Scripting (XSS) due to improper handling of user supplied input in the user registration functionality in register.php. Update	CWE-79 Cross-site Scripting	CVE-2026-36324	2026-06-2 02:16	2026-05-30	Show	GitHub Exploit DB Packet Storm

836	6.5	MEDIUM Network	-	-	A vulnerability was found in Tenda W12 3.0.0.7(4763). This issue affects the function cgiSysWebTimeoutSet of the file /bin/httpd of the component Web Management Interface. The manipulation of the arg… New	CWE-404 Improper Resource Shutdown or Release	CVE-2026-10190	2026-06-2 02:16	2026-06-1	Show	GitHub Exploit DB Packet Storm

837	4.3	MEDIUM Network	-	-	A vulnerability has been found in Dolibarr ERP CRM 23.0.0/23.0.1/23.0.2. The affected element is an unknown function of the file htdocs/user/messaging.php. Such manipulation of the argument ID leads … New	CWE-285 CWE-639 Improper Authorization Authorization Bypass Through User-Controlled Key	CVE-2026-10154	2026-06-2 02:16	2026-05-31	Show	GitHub Exploit DB Packet Storm

838	3.8	LOW Network	tfa_basic_plugins_project	tfa_basic_plugins	An access bypass vulnerability in Drupal TFA Basic Plugins allows users with the administer users permission to view or generate recovery codes for other users. This issue affects TFA Basic Plugins… Update	CWE-267 Privilege Defined With Unsafe Actions	CVE-2026-6816	2026-06-2 02:15	2026-05-29	Show	GitHub Exploit DB Packet Storm

839	8.8	HIGH Network	apache	activemq	Incorrect Default Permissions vulnerability in Apache ActiveMQ. This issue affects Apache ActiveMQ: before 5.19.7, from 6.0.0 before 6.2.6. The default Jolokia authorization settings granted non-ad… New	CWE-276 Incorrect Default Permissions	CVE-2026-49157	2026-06-2 02:09	2026-06-1	Show	GitHub Exploit DB Packet Storm

840	5.9	MEDIUM Network	apache	activemq activemq_broker	Exposure of Sensitive Information Through Metadata vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Brokers that are configured with a network connector with syncDurabl… New	CWE-1230 Exposure of Sensitive Information Through Metadata	CVE-2026-49270	2026-06-2 02:09	2026-06-1	Show	GitHub Exploit DB Packet Storm