Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
611 5.5 警告
Local 		デル PowerFlex Rack
PowerFlex appliance Intelligent Catalog Software
PowerFlex Manager 		デルのPowerFlex appliance Intelligent Catalog Software等の複数製品における重要な情報のセキュアでない格納に関する脆弱性 CWE-922
重要な情報のセキュアでない格納 		CVE-2025-32746 2026-05-28 14:33 2026-05-22 Show GitHub Exploit DB Packet Storm
612 7.8 重要
Local 		デル PowerFlex Rack
PowerFlex appliance Intelligent Catalog Software
PowerFlex Manager 		デルのPowerFlex appliance Intelligent Catalog Software等の複数製品における不適切な権限設定に関する脆弱性 CWE-266
不適切な権限設定 		CVE-2025-32747 2026-05-28 14:33 2026-05-22 Show GitHub Exploit DB Packet Storm
613 7.5 重要
Network 		デル PowerFlex Rack
PowerFlex appliance Intelligent Catalog Software
PowerFlex Manager 		デルのPowerFlex appliance Intelligent Catalog Software等の複数製品における不適切なデフォルトパーミッションに関する脆弱性 CWE-276
不適切なデフォルトパーミッション 		CVE-2025-32749 2026-05-28 14:33 2026-05-22 Show GitHub Exploit DB Packet Storm
614 5.5 警告
Local 		デル PowerFlex Rack
PowerFlex appliance Intelligent Catalog Software
PowerFlex Manager 		デルのPowerFlex appliance Intelligent Catalog Software等の複数製品における重要な情報のセキュアでない格納に関する脆弱性 CWE-922
重要な情報のセキュアでない格納 		CVE-2025-32751 2026-05-28 14:33 2026-05-22 Show GitHub Exploit DB Packet Storm
615 5.5 警告
Local 		デル PowerFlex Rack
PowerFlex appliance Intelligent Catalog Software
PowerFlex Manager 		デルのPowerFlex appliance Intelligent Catalog Software等の複数製品における暗号アルゴリズムの使用に関する脆弱性 CWE-327
不完全、または危険な暗号アルゴリズムの使用 		CVE-2025-46371 2026-05-28 14:33 2026-05-22 Show GitHub Exploit DB Packet Storm
616 6.5 警告
Network 		Splunk Splunk AI Toolkit SplunkのSplunk AI Toolkitにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-20238 2026-05-28 14:33 2026-05-20 Show GitHub Exploit DB Packet Storm
617 7.5 重要
Network 		NVIDIA NVIDIA TensorRT NVIDIAのNVIDIA TensorRTにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-24188 2026-05-28 14:33 2026-05-20 Show GitHub Exploit DB Packet Storm
618 5.3 警告
Network 		Dropbox Erlang SAML library Lexi Wilson (arekinath)等の複数ベンダの製品におけるXML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2026-28809 2026-05-28 14:33 2026-03-23 Show GitHub Exploit DB Packet Storm
619 9.1 緊急
Network 		Nexent Nexent Nexentにおける外部からアクセス可能なファイルまたはディレクトリに関する脆弱性 CWE-552
外部からアクセス可能なファイルまたはディレクトリ 		CVE-2026-31215 2026-05-28 14:33 2026-05-12 Show GitHub Exploit DB Packet Storm
620 9.1 緊急
Network 		Nexent Nexent Nexentにおける外部からアクセス可能なファイルまたはディレクトリに関する脆弱性 CWE-552
外部からアクセス可能なファイルまたはディレクトリ 		CVE-2026-31216 2026-05-28 14:33 2026-05-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1861 7.6 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.38.2, the file upload endpoint POST /api/attachments/process does not enforce active-content restrictions for authenticated users. The checks … CWE-79
CWE-434
Cross-site Scripting
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-46426 2026-05-28 03:16 2026-05-28 Show GitHub Exploit DB Packet Storm
1862 6.5 MEDIUM
Network 		- - Budibase is an open-source low-code platform. Prior to 3.38.1, the V1 Views API (POST /api/views) accepts a calculation parameter from the request body that is interpolated directly into a CouchDB re… CWE-94
Code Injection 		CVE-2026-45719 2026-05-28 03:16 2026-05-28 Show GitHub Exploit DB Packet Storm
1863 8.8 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.38.1, Budibase exposes a REST API for datasource management. The route PUT /api/datasources/:datasourceId is registered in the authorizedRoute… CWE-862
 Missing Authorization 		CVE-2026-45717 2026-05-28 03:16 2026-05-28 Show GitHub Exploit DB Packet Storm
1864 8.8 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.38.1, the POST /api/global/users/onboard endpoint is protected by workspaceBuilderOrAdmin middleware, allowing any user with builder permissio… CWE-269
 Improper Privilege Management 		CVE-2026-45716 2026-05-28 03:16 2026-05-28 Show GitHub Exploit DB Packet Storm
1865 7.7 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.34.8, the processUrlFile function in packages/server/src/automations/steps/ai/extract.ts uses fetch(fileUrl) directly without the IP blacklist… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-45548 2026-05-28 03:16 2026-05-28 Show GitHub Exploit DB Packet Storm
1866 8.2 HIGH
Network 		- - Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is run in REST API server mode, the output, output-all, and debug fields in model.Options … CWE-73
CWE-306
CWE-434
 External Control of File Name or Path
Missing Authentication for Critical Function
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-45089 2026-05-28 03:16 2026-05-28 Show GitHub Exploit DB Packet Storm
1867 7.5 HIGH
Network 		- - Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is run in REST API server mode, the custom-payload-file field in model.Options is JSON-tag… CWE-73
CWE-306
CWE-552
 External Control of File Name or Path
Missing Authentication for Critical Function
 Files or Directories Accessible to External Parties 		CVE-2026-45088 2026-05-28 03:16 2026-05-28 Show GitHub Exploit DB Packet Storm
1868 9.3 CRITICAL
Network 		- - Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the component override system transpiles user-supplied TSX via Sucrase and evaluates it with new Function, shadowing dangerous global… CWE-693
 Protection Mechanism Failure 		CVE-2026-44451 2026-05-28 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
1869 4.3 MEDIUM
Network 		- - PbootCMS v.3.2.11 contains a code injection vulnerability in its site configuration functionality CWE-79
Cross-site Scripting 		CVE-2026-36239 2026-05-28 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm
1870 5.2 MEDIUM
Adjacent 		- - SailingLab AppLock (aka com.alpha.applock) 4.3.8 for Android allows a local attacker to trigger arbitrary JavaScript execution via BrowserMainActivity, which accepts VIEW intents with javascript: URI… CWE-79
Cross-site Scripting 		CVE-2025-68709 2026-05-28 03:16 2026-05-27 Show GitHub Exploit DB Packet Storm