Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
5431	9.8	緊急 Network	Apache Software Foundation	Apache Tomcat	Apache Software FoundationのApache Tomcatにおける認証回避に関する脆弱性	CWE-592 認証回避の問題	CVE-2026-43512	2026-05-18 11:26	2026-05-12	Show	GitHub Exploit DB Packet Storm

5432	7.5	重要 Network	Apache Software Foundation	Apache Tomcat	Apache Software FoundationのApache Tomcatにおける大文字と小文字の区別の不適切な処理に関する脆弱性	CWE-178 大文字と小文字の区別の不適切な処理	CVE-2026-43513	2026-05-18 11:25	2026-05-12	Show	GitHub Exploit DB Packet Storm

5433	9.1	緊急 Network	Apache Software Foundation	Apache Tomcat	Apache Software FoundationのApache Tomcatにおける認可に関する脆弱性	CWE-285 不適切な認可	CVE-2026-43515	2026-05-18 11:25	2026-05-12	Show	GitHub Exploit DB Packet Storm

5434	7.5	重要 Network	Web Technologies	Change Detection	Web TechnologiesのChange Detectionにおけるファイル名やパス名の外部制御に関する脆弱性	CWE-73 ファイル名やパス名の外部制御	CVE-2026-43891	2026-05-18 11:25	2026-05-12	Show	GitHub Exploit DB Packet Storm

5435	8.7	重要 Network	Daniel Garcia	Vaultwarden	Daniel GarciaのVaultwardenにおける認可に関する脆弱性	CWE-285 不適切な認可	CVE-2026-43912	2026-05-18 11:25	2026-05-11	Show	GitHub Exploit DB Packet Storm

5436	9.1	緊急 Network	OPNsense project	OPNsense	OPNsenseにおける引数の挿入または変更に関する脆弱性	CWE-88 引数の挿入または変更	CVE-2026-44193	2026-05-18 11:25	2026-05-13	Show	GitHub Exploit DB Packet Storm

5437	9.1	緊急 Network	OPNsense project	OPNsense	OPNsenseにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-44194	2026-05-18 11:25	2026-05-13	Show	GitHub Exploit DB Packet Storm

5438	6.5	警告 Network	OPNsense project	OPNsense	OPNsenseにおける過度な認証試行の不適切な制限に関する脆弱性	CWE-307 過度な認証試行の不適切な制限	CVE-2026-44195	2026-05-18 11:25	2026-05-13	Show	GitHub Exploit DB Packet Storm

5439	9.8	緊急 Network	フォーティネット	FortiAuthenticator	フォーティネットのFortiAuthenticatorにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-44277	2026-05-18 11:25	2026-05-12	Show	GitHub Exploit DB Packet Storm

5440	5.5	警告 Local	フォーティネット	FortiClient	フォーティネットのFortiClientにおけるハードコードされた暗号鍵の使用に関する脆弱性	CWE-321 ハードコードされた暗号鍵の使用	CVE-2026-44278	2026-05-18 11:25	2026-05-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
3121	7.5	HIGH Network	netty	netty	Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SslClientHelloHandler.decode() reads the 24-bit TLS handsha…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-45416	2026-06-15 11:15	2026-06-13	Show	GitHub Exploit DB Packet Storm

3122	4.0	MEDIUM Local	netty	netty	Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, netty_unix_socket_recvFd sets msg_control to `char control[…	CWE-200 CWE-772 Information Exposure Missing Release of Resource after Effective Lifetime	CVE-2026-45536	2026-06-15 11:14	2026-06-13	Show	GitHub Exploit DB Packet Storm

3123	6.8	MEDIUM Network	netty	netty	Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DNS resolver uses a predictable PRNG for generating…	CWE-330 CWE-340 Use of Insufficiently Random Values Generation of Predictable Numbers or Identifiers	CVE-2026-45673	2026-06-15 11:14	2026-06-13	Show	GitHub Exploit DB Packet Storm

3124	10.0	CRITICAL Network	netty	netty	Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DnsResolveContext fails to validate the origin (bai…	CWE-345 Insufficient Verification of Data Authenticity	CVE-2026-45674	2026-06-15 11:13	2026-06-13	Show	GitHub Exploit DB Packet Storm

3125	7.5	HIGH Network	netty	netty	Netty is a network application framework for development of protocol servers and clients. In versions of netty-transport-sctp prior to 4.1.135.Final and 4.2.15.Final, for each non-complete SctpMessag…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-46340	2026-06-15 11:12	2026-06-13	Show	GitHub Exploit DB Packet Storm

3126	5.3	MEDIUM Network	netty	netty	Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, DefaultHttp2Connection.DefaultEndpoint initialises maxActiv…	CWE-400 Uncontrolled Resource Consumption	CVE-2026-47244	2026-06-15 11:11	2026-06-13	Show	GitHub Exploit DB Packet Storm

3127	8.2	HIGH Network	nuxt	nuxt	Nuxt is an open-source web development framework for Vue.js. From versions 3.11.0 to before 3.21.7 and 4.0.0 to before 4.4.7, there is a route-rule middleware bypass via case-sensitivity mismatch bet…	CWE-178 CWE-863 Improper Handling of Case Sensitivity Incorrect Authorization	CVE-2026-53721	2026-06-15 11:11	2026-06-13	Show	GitHub Exploit DB Packet Storm

3128	5.4	MEDIUM Network	nuxt	nuxt	Nuxt is an open-source web development framework for Vue.js. Prior to versions 3.21.7 and 4.4.7, <NuxtLink> did not validate the URL scheme of values bound to its to or href props before rendering th…	CWE-79 CWE-83 Cross-site Scripting Improper Neutralization of Script in Attributes in a Web Page	CVE-2026-53722	2026-06-15 11:10	2026-06-13	Show	GitHub Exploit DB Packet Storm

3129	5.3	MEDIUM Network	ironmansoftware	powershell_universal	Improper access control in Devolutions PowerShell Universal 2026.1.7 and earlier allows an unauthenticated remote attacker to obtain the OpenAPI specification of user-defined REST endpoints.	CWE-306 Missing Authentication for Critical Function	CVE-2026-8694	2026-06-15 11:09	2026-06-13	Show	GitHub Exploit DB Packet Storm

3130	10.0	CRITICAL Network	netty	netty	Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's `DnsResolveContext` insufficiently validates the ba…	CWE-345 Insufficient Verification of Data Authenticity	CVE-2026-47691	2026-06-15 10:57	2026-06-13	Show	GitHub Exploit DB Packet Storm