Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
6381 7.8 重要
Local
Linux Linux Kernel LinuxのLinux Kernelにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み
CVE-2026-43205 2026-05-13 10:22 2026-05-6 Show GitHub Exploit DB Packet Storm
6382 7.8 重要
Local
Linux Linux Kernel LinuxのLinux Kernelにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み
CVE-2026-43206 2026-05-13 10:22 2026-05-6 Show GitHub Exploit DB Packet Storm
6383 7.8 重要
Local
Linux Linux Kernel LinuxのLinux KernelにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス
CVE-2026-43207 2026-05-13 10:22 2026-05-6 Show GitHub Exploit DB Packet Storm
6384 9.8 緊急
Network
Linux Linux Kernel LinuxのLinux Kernelにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み
CVE-2026-43208 2026-05-13 10:22 2026-05-6 Show GitHub Exploit DB Packet Storm
6385 5.5 警告
Local
Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足
CVE-2026-43209 2026-05-13 10:22 2026-05-6 Show GitHub Exploit DB Packet Storm
6386 5.5 警告
Local
Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足
CVE-2026-43210 2026-05-13 10:22 2026-05-6 Show GitHub Exploit DB Packet Storm
6387 7.8 重要
Local
Linux Linux Kernel LinuxのLinux Kernelにおけるリソースのロックに関する脆弱性 CWE-667
不適切なロック
CVE-2026-43211 2026-05-13 10:22 2026-05-6 Show GitHub Exploit DB Packet Storm
6388 7.8 重要
Local
Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足
CVE-2026-43212 2026-05-13 10:22 2026-05-6 Show GitHub Exploit DB Packet Storm
6389 7.5 重要
Adjacent
Linux Linux Kernel LinuxのLinux KernelにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス
CVE-2026-43213 2026-05-13 10:22 2026-05-6 Show GitHub Exploit DB Packet Storm
6390 7.8 重要
Local
Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足
CVE-2026-43214 2026-05-13 10:22 2026-05-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1791 5.4 MEDIUM
Network
- - Ghost is a Node.js content management system. From 6.19.4 until 6.21.1, insufficient validation of the client-supplied Content-Type on Ghost's Admin API file upload endpoint allowed uploaded files to… CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2026-53948 2026-06-26 01:07 2026-06-25 Show GitHub Exploit DB Packet Storm
1792 5.3 MEDIUM
Network
- - Ghost is a Node.js content management system. From 5.46.1 until 6.21.2, the validation applied to filters on the public API endpoints could be partially bypassed, making it possible to reveal private… CWE-200
CWE-693
Information Exposure
 Protection Mechanism Failure
CVE-2026-53949 2026-06-26 01:07 2026-06-25 Show GitHub Exploit DB Packet Storm
1793 7.5 HIGH
Network
- - @tryghost/activitypub is Ghost’s social/federation client app. Prior to 3.1.0, the ActivityPub client in Ghost was vulnerable to JavaScript injection on posts shared by a maliciously customised Activ… CWE-79
Cross-site Scripting
CVE-2026-53950 2026-06-26 01:07 2026-06-25 Show GitHub Exploit DB Packet Storm
1794 5.7 MEDIUM
Network
- - Jellyfin is an open source self hosted media server. Prior to 10.11.9, a potential XSS attack exists in Jellyfin which can allow a non-privileged user to execute arbitrary Javascript in the context o… CWE-79
Cross-site Scripting
CVE-2026-49220 2026-06-26 01:06 2026-06-25 Show GitHub Exploit DB Packet Storm
1795 9.6 CRITICAL
Network
- - Ghost is a Node.js content management system. From until 6.37.0, when Ghost is behind a shared caching layer that results in cached content being shared between different visitors, an unauthenticate… CWE-524
 Use of Cache Containing Sensitive Information
CVE-2026-53943 2026-06-26 01:06 2026-06-25 Show GitHub Exploit DB Packet Storm
1796 4.3 MEDIUM
Network
- - An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default. CWE-400
 Uncontrolled Resource Consumption
CVE-2026-42005 2026-06-26 01:00 2026-06-25 Show GitHub Exploit DB Packet Storm
1797 7.5 HIGH
Network
- - A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning. CWE-349
 Acceptance of Extraneous Untrusted Data With Trusted Data
CVE-2026-33612 2026-06-26 01:00 2026-06-25 Show GitHub Exploit DB Packet Storm
1798 3.7 LOW
Network
- - An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The pr… CWE-116
 Improper Encoding or Escaping of Output
CVE-2026-40011 2026-06-26 01:00 2026-06-25 Show GitHub Exploit DB Packet Storm
1799 3.7 LOW
Network
- - An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame. CWE-705
 Incorrect Control Flow Scoping
CVE-2026-40208 2026-06-26 00:59 2026-06-25 Show GitHub Exploit DB Packet Storm
1800 5.3 MEDIUM
Network
- - An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a… CWE-772
 Missing Release of Resource after Effective Lifetime
CVE-2026-40209 2026-06-26 00:59 2026-06-25 Show GitHub Exploit DB Packet Storm