Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5051 7.1 重要
Local 		Craig J. Bass (craigjbass) ClearanceKit Craig J. Bass (craigjbass)のClearanceKitにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-40599 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
5052 4.4 警告
Local 		Craig J. Bass (craigjbass) ClearanceKit Craig J. Bass (craigjbass)のClearanceKitにおける保護メカニズムの不具合に関する脆弱性 CWE-693
保護メカニズムの不具合 		CVE-2026-40604 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
5053 4.8 警告
Network 		mitmproxy mitmproxy mitmproxyにおけるLDAP インジェクションの脆弱性 CWE-90
LDAP インジェクション 		CVE-2026-40606 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
5054 7.5 重要
Network 		coturn project coturn coturn projectのcoturnにおける不正な型変換に関する脆弱性 CWE-704
不正な型変換またはキャスト 		CVE-2026-40613 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
5055 8.8 重要
Network 		goshs goshs goshsにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-40876 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
5056 7.5 重要
Network 		- NestJSにおける再帰制御に関する脆弱性 CWE-674
不適切な再帰制御 		CVE-2026-40879 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
5057 7.6 重要
Network 		openremote openremote openremoteにおけるXML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2026-40882 2026-04-27 10:47 2026-04-22 Show GitHub Exploit DB Packet Storm
5058 8.3 重要
Network 		WWBN AVideo WWBNのAVideoにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-40925 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
5059 8.3 重要
Network 		RustFS RustFS RustFSにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-40937 2026-04-27 10:47 2026-04-22 Show GitHub Exploit DB Packet Storm
5060 7.1 重要
Network 		WWBN AVideo WWBNのAVideoにおける同一生成元ポリシー違反に関する脆弱性 CWE-346
同一生成元ポリシー違反 		CVE-2026-41057 2026-04-27 10:47 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
131 5.9 MEDIUM
Network 		- - OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI replays BPF probe hits into histogram observations by looping once pe… New CWE-400
CWE-834
 Uncontrolled Resource Consumption
 Excessive Iteration 		CVE-2026-45680 2026-06-3 02:14 2026-06-3 Show GitHub Exploit DB Packet Storm
132 5.9 MEDIUM
Network 		- - OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the per-CPU message-buffer fallback path uses a 256-byte backup buffer bu… New CWE-125
CWE-130
Out-of-bounds Read
 Improper Handling of Length Parameter Inconsistency 		CVE-2026-45681 2026-06-3 02:14 2026-06-3 Show GitHub Exploit DB Packet Storm
133 5.1 MEDIUM
Local 		- - OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the custom CappedConcurrentHashMap introduced for Java TLS state tracking… New CWE-401
CWE-770
 Missing Release of Memory after Effective Lifetime
 Allocation of Resources Without Limits or Throttling 		CVE-2026-45682 2026-06-3 02:14 2026-06-3 Show GitHub Exploit DB Packet Storm
134 3.8 LOW
Local 		- - OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Java TLS ioctl probe reads user-controlled ioctl pointers with bpf_pr… New CWE-127
CWE-200
 Buffer Under-read
Information Exposure 		CVE-2026-45683 2026-06-3 02:14 2026-06-3 Show GitHub Exploit DB Packet Storm
135 7.5 HIGH
Network 		- - OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, a remotely reachable integer overflow in OBI's memcac… New CWE-190
 Integer Overflow or Wraparound 		CVE-2026-45686 2026-06-3 02:14 2026-06-3 Show GitHub Exploit DB Packet Storm
136 7.5 HIGH
Network 		- - Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP BookIt allows Password Recovery Exploitation. This issue affects BookIt: from n/a before 2.5.4.1. New CWE-288
Authentication Bypass Using an Alternate Path or Channel 		CVE-2026-40780 2026-06-3 02:11 2026-06-3 Show GitHub Exploit DB Packet Storm
137 7.1 HIGH
Network 		- - Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Swings Wallet System for WooCommerce allows Password Recovery Exploitation. This issue affects Wallet System for WooComme… New CWE-288
Authentication Bypass Using an Alternate Path or Channel 		CVE-2026-42654 2026-06-3 02:11 2026-06-3 Show GitHub Exploit DB Packet Storm
138 8.8 HIGH
Network 		tanium connect Tanium addressed an unauthorized code execution vulnerability in Connect. Update CWE-78
OS Command  		CVE-2026-9208 2026-06-3 01:29 2026-05-28 Show GitHub Exploit DB Packet Storm
139 8.8 HIGH
Network 		samsung escargot Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: 36f5fb58366a67b713c02f6fd985e924fcc09e31. Update CWE-787
 Out-of-bounds Write 		CVE-2026-8915 2026-06-3 01:23 2026-05-28 Show GitHub Exploit DB Packet Storm
140 8.2 HIGH
Network 		- - A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a sho… Update CWE-1284
 Improper Validation of Specified Quantity in Input 		CVE-2026-5260 2026-06-3 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm