Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4891 8.1 重要
Network 		Sgbett BSV Ruby SDK (bsv-sdk)
bsv-wallet 		Sgbettのbsv-wallet等の複数製品におけるデジタル署名の検証に関する脆弱性 CWE-347
デジタル署名の不適切な検証 		CVE-2026-40070 2026-04-27 11:17 2026-04-9 Show GitHub Exploit DB Packet Storm
4892 8.1 重要
Network 		Nimiq Nimiq Proof of Stake (core-rs-albatross) NimiqのNimiq Proof of Stake (core-rs-albatross)における入力で指定された数量の不適切な検証に関する脆弱性 CWE-1284
入力で指定された数量の不適切な検証 		CVE-2026-40093 2026-04-27 11:17 2026-04-9 Show GitHub Exploit DB Packet Storm
4893 5.5 警告
Local 		Giskard Giskard Giskardにおける非効率的な正規表現の複雑さに関する脆弱性 CWE-1333
非効率的な正規表現の複雑さ 		CVE-2026-40319 2026-04-27 11:17 2026-04-17 Show GitHub Exploit DB Packet Storm
4894 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける到達可能なアサーションに関する脆弱性 CWE-617
到達可能なアサーション 		CVE-2026-23356 2026-04-27 10:55 2026-03-25 Show GitHub Exploit DB Packet Storm
4895 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおけるリソースのロックに関する脆弱性 CWE-667
不適切なロック 		CVE-2026-23357 2026-04-27 10:55 2026-03-25 Show GitHub Exploit DB Packet Storm
4896 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける初期化されていないリソースの使用に関する脆弱性 CWE-908
初期化されていないリソースの使用 		CVE-2026-23358 2026-04-27 10:55 2026-03-25 Show GitHub Exploit DB Packet Storm
4897 7.8 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-23359 2026-04-27 10:55 2026-03-25 Show GitHub Exploit DB Packet Storm
4898 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性 CWE-401
有効期限後のメモリの解放の欠如 		CVE-2026-23360 2026-04-27 10:55 2026-03-25 Show GitHub Exploit DB Packet Storm
4899 7.8 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-23361 2026-04-27 10:55 2026-03-25 Show GitHub Exploit DB Packet Storm
4900 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおけるリソースのロックに関する脆弱性 CWE-667
不適切なロック 		CVE-2026-23362 2026-04-27 10:55 2026-03-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
531 6.5 MEDIUM
Network 		wwbn avideo WWBN AVideo is an open source video platform. In 29.0 and earlier, there is a cross-site request forgery vulnerability on the 2FA toggle. plugin/LoginControl/set.json.php accepts POST type=set2FA val… Update CWE-306
CWE-352
Missing Authentication for Critical Function
 Origin Validation Error 		CVE-2026-45610 2026-06-2 03:40 2026-05-29 Show GitHub Exploit DB Packet Storm
532 6.5 MEDIUM
Network 		wwbn avideo WWBN AVideo is an open source video platform. In 29.0 and earlier, EpgParser.php, plugin/AI/receiveAsync.json.php, and other locations do not use the $resolvedIP out-param of isSSRFSafeURL() for DNS … Update CWE-367
CWE-918
 Time-of-check Time-of-use (TOCTOU) Race Condition
Server-Side Request Forgery (SSRF)  		CVE-2026-45619 2026-06-2 03:40 2026-05-29 Show GitHub Exploit DB Packet Storm
533 5.3 MEDIUM
Network 		wwbn avideo WWBN AVideo is an open source video platform. In 29.0 and earlier, objects/mention.json.php has no User::loginCheck() or admin gate. It only has an entry guard: preg_match('/^@/', $_REQUEST['term']) … Update CWE-204
CWE-285
 Response Discrepancy Information Exposure
Improper Authorization 		CVE-2026-45620 2026-06-2 03:39 2026-05-29 Show GitHub Exploit DB Packet Storm
534 8.1 HIGH
Network 		n8n-mcp n8n-mcp n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.2, when ENABLE_MULTI_TENANT=true, the HTTP transport documents that th… Update CWE-284
Improper Access Control 		CVE-2026-45707 2026-06-2 03:39 2026-05-29 Show GitHub Exploit DB Packet Storm
535 4.9 MEDIUM
Network 		wwbn avideo WWBN AVideo is an open source video platform. In 29.0 and earlier, view/update.php reads $_POST['updateFile'] as a relative path under updatedb/ and passes it to PHP's file() for line-by-line executi… Update CWE-22
Path Traversal 		CVE-2026-45731 2026-06-2 03:39 2026-05-29 Show GitHub Exploit DB Packet Storm
536 5.3 MEDIUM
Network 		wwbn avideo WWBN AVideo is an open source video platform. In 29.0 and earlier, an unauthenticated remote attacker can read arbitrary image files anywhere on disk that the PHP user can open — including private us… Update CWE-22
Path Traversal 		CVE-2026-46337 2026-06-2 03:39 2026-05-29 Show GitHub Exploit DB Packet Storm
537 9.8 CRITICAL
Network 		sangoma freepbx FreePBX is an open source IP PBX. From 15.0.42 to before 16.0.45 and 17.0.7, unauthenticated users may be able to access the User Control Panel (UCP) using hard-coded initial template credentials if … Update CWE-798
 Use of Hard-coded Credentials 		CVE-2026-46376 2026-06-2 03:38 2026-05-29 Show GitHub Exploit DB Packet Storm
538 5.4 MEDIUM
Network 		wwbn avideo WWBN AVideo is an open source video platform. In 29.0 and earlier, AVideo stores category descriptions from user input and later renders category_description as raw HTML in the Gallery view. A user w… Update CWE-79
Cross-site Scripting 		CVE-2026-47694 2026-06-2 03:38 2026-05-29 Show GitHub Exploit DB Packet Storm
539 4.3 MEDIUM
Network 		wwbn avideo WWBN AVideo is an open source video platform. In 29.0 and earlier, plugin/AuthorizeNet/processPayment.json.php credits the logged-in user's wallet based only on the attacker-controlled amount POST pa… Update CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2026-47696 2026-06-2 03:38 2026-05-29 Show GitHub Exploit DB Packet Storm
540 - - - GitButler is a modern Git-based version control interface for AI-powered workflows. Prior to 0.19.7, a emote code execution vulnerability exists in the Tauri-based GitButler desktop application. An a… Update CWE-94
Code Injection 		CVE-2026-45261 2026-06-2 03:38 2026-05-29 Show GitHub Exploit DB Packet Storm