Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
621 7.5 重要
Network 		アドビシステムズ Adobe Commerce
Adobe Commerce B2B
magento 		アドビのAdobe Commerce等の複数製品における不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-34646 2026-05-22 10:55 2026-05-12 Show GitHub Exploit DB Packet Storm
622 7.4 重要
Network 		アドビシステムズ Adobe Commerce
Adobe Commerce B2B
magento 		アドビのAdobe Commerce等の複数製品におけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-34647 2026-05-22 10:55 2026-05-12 Show GitHub Exploit DB Packet Storm
623 7.5 重要
Network 		アドビシステムズ Adobe Commerce
Adobe Commerce B2B
magento 		アドビのAdobe Commerce等の複数製品におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-34648 2026-05-22 10:55 2026-05-12 Show GitHub Exploit DB Packet Storm
624 7.5 重要
Network 		アドビシステムズ Adobe Commerce
Adobe Commerce B2B
magento 		アドビのAdobe Commerce等の複数製品におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-34649 2026-05-22 10:55 2026-05-12 Show GitHub Exploit DB Packet Storm
625 7.5 重要
Network 		アドビシステムズ Adobe Commerce
Adobe Commerce B2B
magento 		アドビのAdobe Commerce等の複数製品におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-34650 2026-05-22 10:55 2026-05-12 Show GitHub Exploit DB Packet Storm
626 7.5 重要
Network 		アドビシステムズ Adobe Commerce
Adobe Commerce B2B
magento 		アドビのAdobe Commerce等の複数製品におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-34651 2026-05-22 10:54 2026-05-12 Show GitHub Exploit DB Packet Storm
627 7.5 重要
Network 		アドビシステムズ Adobe Commerce
Adobe Commerce B2B
magento 		アドビのAdobe Commerce等の複数製品における不特定の脆弱性 CWE-Other
その他 		CVE-2026-34652 2026-05-22 10:54 2026-05-12 Show GitHub Exploit DB Packet Storm
628 8.7 重要
Network 		アドビシステムズ Adobe Commerce
Adobe Commerce B2B
magento 		アドビのAdobe Commerce等の複数製品におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-34653 2026-05-22 10:54 2026-05-12 Show GitHub Exploit DB Packet Storm
629 5.3 警告
Network 		アドビシステムズ Adobe Commerce
Adobe Commerce B2B
magento 		アドビのAdobe Commerce等の複数製品における不特定の脆弱性 CWE-Other
その他 		CVE-2026-34654 2026-05-22 10:54 2026-05-12 Show GitHub Exploit DB Packet Storm
630 4.8 警告
Network 		アドビシステムズ Adobe Commerce
Adobe Commerce B2B
magento 		アドビのAdobe Commerce等の複数製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-34655 2026-05-22 10:54 2026-05-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1931 7.1 HIGH
Network 		- - The EventPress WordPress theme before 22.2 does not sanitize or escape the 'id' parameter in the eventpress_customizer_notify_dismiss_action AJAX handler before outputting it back in the response, al… CWE-79
Cross-site Scripting 		CVE-2026-6268 2026-05-27 23:55 2026-05-27 Show GitHub Exploit DB Packet Storm
1932 8.8 HIGH
Adjacent 		- - An attacker is able to downgrade the security of a Bluetooth LE connection by deleting an existing bond, spoofing the bonded device and creating a new bond. CWE-290
 Authentication Bypass by Spoofing 		CVE-2026-8676 2026-05-27 23:54 2026-05-27 Show GitHub Exploit DB Packet Storm
1933 5.8 MEDIUM
Local 		- - When the director sends a long-running request (e.g. compile_package), the agent's reply JSON is consumed by AgentClient. inject_compile_log (line 332-339) reads response['value']['result']['compile_… CWE-22
Path Traversal 		CVE-2026-41009 2026-05-27 23:54 2026-05-27 Show GitHub Exploit DB Packet Storm
1934 5.0 MEDIUM
Local 		- - AgentClient#handle_method (lines 264-303) processes every NATS reply. It calls inject_compile_log (line 273) on every response, which reads response['value']['result']['compile_log_id'] (line 332-338… CWE-284
Improper Access Control 		CVE-2026-41704 2026-05-27 23:54 2026-05-27 Show GitHub Exploit DB Packet Storm
1935 6.8 MEDIUM
Local 		- - Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks… CWE-552
 Files or Directories Accessible to External Parties 		CVE-2024-11399 2026-05-27 23:54 2026-05-27 Show GitHub Exploit DB Packet Storm
1936 5.9 MEDIUM
Network 		- - Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Safe Access in Synology Safe Access before 1.3.1-0329 allows remote authenticated users with admi… CWE-79
Cross-site Scripting 		CVE-2025-10466 2026-05-27 23:54 2026-05-27 Show GitHub Exploit DB Packet Storm
1937 8.1 HIGH
Network 		- - Improper check for unusual or exceptional conditions vulnerability in SSO in Synology DiskStation Manager (DSM) before 7.2.2-72806-5 and 7.3.1-86003-1 (7.2.1-69057 is not affected) allows remote atta… CWE-754
 Improper Check for Unusual or Exceptional Conditions 		CVE-2025-13392 2026-05-27 23:54 2026-05-27 Show GitHub Exploit DB Packet Storm
1938 7.5 HIGH
Network 		- - An Exposed Dangerous Method or Function vulnerability in Synology C2 Identity Edge Server package in DSM before 1.76.0-0307 allows remote attackers to obtain user credentials from the edge server. CWE-749
 Exposed Dangerous Method or Function 		CVE-2025-14713 2026-05-27 23:54 2026-05-27 Show GitHub Exploit DB Packet Storm
1939 8.6 HIGH
Network 		- - A vulnerability in Active Backup for Business allows unauthorized remote attackers to read arbitrary files. CWE-89
SQL Injection 		CVE-2025-30028 2026-05-27 23:54 2026-05-27 Show GitHub Exploit DB Packet Storm
1940 8.0 HIGH
Adjacent 		- - A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and… CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2026-3012 2026-05-27 23:54 2026-05-27 Show GitHub Exploit DB Packet Storm