Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
5061	6.2	警告 Local	アドビシステムズ	C2PA (Coalition for Content Provenance and Authenticity) (Content Authenticity Initiative) c2pa-web	アドビの(Content Authenticity Initiative) c2pa-web等の複数製品におけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-34678	2026-05-18 11:23	2026-05-12	Show	GitHub Exploit DB Packet Storm

5062	6.2	警告 Local	アドビシステムズ	C2PA (Coalition for Content Provenance and Authenticity) (Content Authenticity Initiative) c2pa-web	アドビの(Content Authenticity Initiative) c2pa-web等の複数製品における入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-34679	2026-05-18 11:23	2026-05-12	Show	GitHub Exploit DB Packet Storm

5063	6.2	警告 Local	アドビシステムズ	C2PA (Coalition for Content Provenance and Authenticity) (Content Authenticity Initiative) c2pa-web	アドビの(Content Authenticity Initiative) c2pa-web等の複数製品における整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-34680	2026-05-18 11:23	2026-05-12	Show	GitHub Exploit DB Packet Storm

5064	6.2	警告 Local	アドビシステムズ	C2PA (Coalition for Content Provenance and Authenticity) (Content Authenticity Initiative) c2pa-web	アドビの(Content Authenticity Initiative) c2pa-web等の複数製品における入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-34688	2026-05-18 11:23	2026-05-12	Show	GitHub Exploit DB Packet Storm

5065	7.1	重要 Adjacent	Linux Foundation	automotive grade linux	Linux FoundationのAutomotive Grade Linuxにおけるバッファオーバーリードの脆弱性	CWE-126 バッファオーバーリード	CVE-2026-37532	2026-05-18 11:23	2026-05-1	Show	GitHub Exploit DB Packet Storm

5066	8.8	重要 Network	マイクロソフト	Microsoft Data Formulator	Microsoft Data Formulator のリモートでコードが実行される脆弱性	CWE-94 コード・インジェクション	CVE-2026-41094	2026-05-18 11:22	2026-05-12	Show	GitHub Exploit DB Packet Storm

5067	9.1	緊急 Network	マイクロソフト	Microsoft Confluence SAML SSO plugin Microsoft JIRA SAML SSO plugin	Jira と Confluence 用の Microsoft SSO プラグインの特権昇格の脆弱性	CWE-303 CWE-Other	CVE-2026-41103	2026-05-18 11:22	2026-05-12	Show	GitHub Exploit DB Packet Storm

5068	5.9	警告 Network	opentelemetry	OpenTelemetry.Resources.Azure	opentelemetryのOpenTelemetry.Resources.Azureにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-41483	2026-05-18 11:22	2026-05-6	Show	GitHub Exploit DB Packet Storm

5069	5.9	警告 Network	opentelemetry	OpenTelemetry.Exporter.OneCollector	opentelemetryのOpenTelemetry.Exporter.OneCollectorにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-41484	2026-05-18 11:22	2026-05-6	Show	GitHub Exploit DB Packet Storm

5070	5.5	警告 Local	マイクロソフト	Visual Studio Code - Live Preview extension	マイクロソフトのVisual Studio Code - Live Preview extensionにおける複数の脆弱性	CWE-22 CWE-22 CWE-23	CVE-2026-41612	2026-05-18 11:22	2026-05-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
3271	-		-	-	QTS, QuTS hero, QuTScloud are not affected. We have already fixed the vulnerability in the following version:	CWE-472 External Control of Assumed-Immutable Web Parameter	CVE-2025-59382	2026-06-12 11:16	2026-06-10	Show	GitHub Exploit DB Packet Storm

3272	7.5	HIGH Network	nlnetlabs	routinator	When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes.	CWE-755 Improper Handling of Exceptional Conditions	CVE-2026-49235	2026-06-12 10:37	2026-06-9	Show	GitHub Exploit DB Packet Storm

3273	7.5	HIGH Network	nlnetlabs	routinator	Routinator does not properly check the module component of rsync URIs, which are used to create the file system paths for the Routinator cache. This allows for path traversal by having a module name …	CWE-22 Path Traversal	CVE-2026-49233	2026-06-12 10:33	2026-06-9	Show	GitHub Exploit DB Packet Storm

3274	7.5	HIGH Network	nlnetlabs	routinator	When sending a specifically crafted non-UTF-8 string as select-asn query parameter to the /api/v1/origins endpoint, Routinator crashes. This only affects users who allow API access from untrusted n…	CWE-20 NVD-CWE-noinfo Improper Input Validation	CVE-2026-49234	2026-06-12 10:28	2026-06-9	Show	GitHub Exploit DB Packet Storm

3275	6.5	MEDIUM Network	nsa	ghidra	Ghidra before 12.2 contains an unauthenticated path traversal vulnerability in the IsfServer that accepts TCP connections and passes client-supplied namespace strings directly to filesystem operation…	CWE-22 Path Traversal	CVE-2026-52756	2026-06-12 10:18	2026-06-10	Show	GitHub Exploit DB Packet Storm

3276	4.4	MEDIUM Local	nsa	ghidra	Ghidra before 12.1 contains a heap-use-after-free vulnerability in the decompiler's HighVariable::merge() function during the variable merging pass. Attackers can trigger this vulnerability by crafti…	CWE-416 Use After Free	CVE-2026-52757	2026-06-12 10:10	2026-06-10	Show	GitHub Exploit DB Packet Storm

3277	4.3	MEDIUM Network	jenkins	jenkins	Jenkins 2.567 and earlier, LTS 2.555.2 and earlier does not ensure that the "from" parameter in the "Delegate to servlet container" security realm is safe to redirect to after login, allowing attacke…	CWE-601 Open Redirect	CVE-2026-53440	2026-06-12 10:03	2026-06-10	Show	GitHub Exploit DB Packet Storm

3278	5.3	MEDIUM Network	jenkins	jenkins	Jenkins 2.567 and earlier, LTS 2.555.2 and earlier does not encrypt secrets from POST config.xml submissions before storing them in job configurations unencrypted in job config.xml files on the Jenki…	CWE-311 Missing Encryption of Sensitive Data	CVE-2026-53442	2026-06-12 09:59	2026-06-10	Show	GitHub Exploit DB Packet Storm

3279	7.2	HIGH Network	apache	answer	Improper Restriction of Security Token Assignment vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. Previously issued administrative tokens were not invalidated after…	CWE-1259 Improper Restriction of Security Token Assignment	CVE-2026-25700	2026-06-12 09:50	2026-06-11	Show	GitHub Exploit DB Packet Storm

3280	8.3	HIGH Network	plane	plane	Plane is an open-source project management tool. Prior to version 1.3.1, there is a cross-workspace asset authorization bypass lets any authenticated user read, copy, delete, and overwrite assets in …	CWE-639 CWE-862 Authorization Bypass Through User-Controlled Key Missing Authorization	CVE-2026-46558	2026-06-12 09:49	2026-06-11	Show	GitHub Exploit DB Packet Storm