Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5011 4.3 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-5377 2026-04-27 11:20 2026-04-22 Show GitHub Exploit DB Packet Storm
5012 8.1 重要
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるパスの等価性の不適切な解決に関する脆弱性 CWE-41
パスの等価性の不適切な解決 		CVE-2026-5816 2026-04-27 11:19 2026-04-22 Show GitHub Exploit DB Packet Storm
5013 9.1 緊急
Network 		Rapid7 velociraptor Rapid7のvelociraptorにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-6290 2026-04-27 11:19 2026-04-15 Show GitHub Exploit DB Packet Storm
5014 5.3 警告
Network 		fastify fastify-static fastifyのfastify-staticにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-6410 2026-04-27 11:19 2026-04-16 Show GitHub Exploit DB Packet Storm
5015 5.9 警告
Network 		fastify fastify-static fastifyのfastify-staticにおけるURL エンコーディング(16進エンコーディング)の処理に関する脆弱性 CWE-177
URLエンコーディング(16進エンコーディング)の不適切な処理 		CVE-2026-6414 2026-04-27 11:19 2026-04-16 Show GitHub Exploit DB Packet Storm
5016 5.4 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2026-6515 2026-04-27 11:19 2026-04-22 Show GitHub Exploit DB Packet Storm
5017 8.8 重要
Network 		CPS-IT Mailqueue CPS-ITのMailqueueにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-1323 2026-04-27 11:19 2026-03-17 Show GitHub Exploit DB Packet Storm
5018 6.5 警告
Network 		Linux Foundation Backstage/plugin-scaffolder-backend Linux FoundationのBackstage/plugin-scaffolder-backendにおけるログファイルからの情報漏えいに関する脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2026-29184 2026-04-27 11:19 2026-03-7 Show GitHub Exploit DB Packet Storm
5019 4.3 警告
Network 		Guido Schmechel (ayacoo) redirect_tab Guido Schmechel (ayacoo)のredirect_tabにおける複数の脆弱性 CWE-200
CWE-862
CWE-862
CVE-2026-4202 2026-04-27 11:19 2026-03-17 Show GitHub Exploit DB Packet Storm
5020 8.8 重要
Network 		Ralf Freit (MrSilaz) mfa_mail Ralf Freit (MrSilaz)のmfa_mailにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-4208 2026-04-27 11:19 2026-03-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
521 6.5 MEDIUM
Network 		gitlawb openclaude OpenClaude is an open-source coding-agent command line interface for cloud and local model providers. Prior to version 0.5.1, the OpenClaude MCP authentication flow starts a temporary local HTTP serv… New CWE-352
CWE-400
 Origin Validation Error
 Uncontrolled Resource Consumption 		CVE-2026-42073 2026-06-4 01:54 2026-06-3 Show GitHub Exploit DB Packet Storm
522 5.4 MEDIUM
Network 		shopify react-router React Router is a router for React. In versions 7.5.1 through 7.13.1, when using Framework Mode with pre-rendering enabled, improper neutralization of the HTTP `Location` header value can permit Cros… New CWE-79
Cross-site Scripting 		CVE-2026-33244 2026-06-4 01:54 2026-06-3 Show GitHub Exploit DB Packet Storm
523 5.3 MEDIUM
Network 		oracle rest_data_services Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network ac… Update CWE-284
Improper Access Control 		CVE-2026-46842 2026-06-4 01:53 2026-05-29 Show GitHub Exploit DB Packet Storm
524 7.5 HIGH
Network 		opentelemetry ebpf_instrumentation OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, a remotely reachable integer overflow in OBI's memcac… New CWE-190
 Integer Overflow or Wraparound 		CVE-2026-45686 2026-06-4 01:52 2026-06-3 Show GitHub Exploit DB Packet Storm
525 7.5 HIGH
Network 		opentelemetry ebpf_instrumentation OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.1.0 to before version 0.9.0, malformed MongoDB wire messages can trigger uncaught … New CWE-20
CWE-248
CWE-704
 Improper Input Validation 
 Uncaught Exception
 Incorrect Type Conversion or Cast 		CVE-2026-45685 2026-06-4 01:52 2026-06-3 Show GitHub Exploit DB Packet Storm
526 5.3 MEDIUM
Network 		oracle rest_data_services Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network ac… Update CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-46843 2026-06-4 01:52 2026-05-29 Show GitHub Exploit DB Packet Storm
527 5.3 MEDIUM
Local 		opentelemetry ebpf_instrumentation OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, OBI's log enricher mishandles writev buffers by readi… New CWE-126
CWE-787
 Buffer Over-read
 Out-of-bounds Write 		CVE-2026-45684 2026-06-4 01:52 2026-06-3 Show GitHub Exploit DB Packet Storm
528 3.8 LOW
Local 		opentelemetry ebpf_instrumentation OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Java TLS ioctl probe reads user-controlled ioctl pointers with bpf_pr… New CWE-127
CWE-200
 Buffer Under-read
Information Exposure 		CVE-2026-45683 2026-06-4 01:52 2026-06-3 Show GitHub Exploit DB Packet Storm
529 5.9 MEDIUM
Network 		opentelemetry ebpf_instrumentation OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the per-CPU message-buffer fallback path uses a 256-byte backup buffer bu… New CWE-125
CWE-130
Out-of-bounds Read
 Improper Handling of Length Parameter Inconsistency 		CVE-2026-45681 2026-06-4 01:52 2026-06-3 Show GitHub Exploit DB Packet Storm
530 5.5 MEDIUM
Local 		opentelemetry ebpf_instrumentation OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the custom CappedConcurrentHashMap introduced for Java TLS state tracking… New CWE-401
CWE-770
 Missing Release of Memory after Effective Lifetime
 Allocation of Resources Without Limits or Throttling 		CVE-2026-45682 2026-06-4 01:51 2026-06-3 Show GitHub Exploit DB Packet Storm