Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
6561	7.5	重要 Network	Technostrobe	HI-LED-WR120-G2 Firmware	TechnostrobeのHI-LED-WR120-G2 Firmwareにおける複数の脆弱性	CWE-200 CWE-284	CVE-2026-5571	2026-05-7 12:27	2026-04-5	Show	GitHub Exploit DB Packet Storm

6562	4.3	警告 Network	Technostrobe	HI-LED-WR120-G2 Firmware	TechnostrobeのHI-LED-WR120-G2 Firmwareにおける複数の脆弱性	CWE-352 CWE-862	CVE-2026-5572	2026-05-7 12:27	2026-04-5	Show	GitHub Exploit DB Packet Storm

6563	9.8	緊急 Network	Technostrobe	HI-LED-WR120-G2 Firmware	TechnostrobeのHI-LED-WR120-G2 Firmwareにおける複数の脆弱性	CWE-284 CWE-434	CVE-2026-5573	2026-05-7 12:27	2026-04-5	Show	GitHub Exploit DB Packet Storm

6564	8.6	重要 Network	Song Li (Song-Li)	Cross browser fingerprinting	Song Li (Song-Li)のCross browser fingerprintingにおける複数の脆弱性	CWE-74 CWE-89 CWE-89	CVE-2026-5577	2026-05-7 12:27	2026-04-5	Show	GitHub Exploit DB Packet Storm

6565	9.8	緊急 Network	Martin (Fosowl)	AgenticSeek	Martin (Fosowl)のAgenticSeekにおける複数の脆弱性	CWE-74 CWE-94	CVE-2026-5584	2026-05-7 12:27	2026-04-5	Show	GitHub Exploit DB Packet Storm

6566	7.5	重要 Network	Tencent	AI-Infra-Guard	TencentのAI-Infra-Guardにおける複数の脆弱性	CWE-200 CWE-284 CWE-noinfo	CVE-2026-5585	2026-05-7 12:27	2026-04-5	Show	GitHub Exploit DB Packet Storm

6567	3.7	低 Network	Simon Tatham	PuTTY	PuTTYにおける複数の脆弱性	CWE-345 CWE-347	CVE-2026-4115	2026-05-7 12:27	2026-03-22	Show	GitHub Exploit DB Packet Storm

6568	9.8	緊急 Network	cPanel	cPanel WP Squared cPanel WHM	cPanelのcPanel等の複数製品における重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-41940	2026-05-7 12:27	2026-04-29	Show	GitHub Exploit DB Packet Storm

6569	9.8	緊急 Network	Provectus	UI for Apache Kafka	ProvectusのUI for Apache Kafkaにおける複数の脆弱性	CWE-74 CWE-94	CVE-2026-5562	2026-05-7 12:27	2026-04-5	Show	GitHub Exploit DB Packet Storm

6570	6.1	警告 Network	WSO2	WSO2 Identity Server	WSO2のWSO2 Identity Serverにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-10503	2026-05-7 12:07	2026-04-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1151	8.6	HIGH Network	-	-	Apple M1 GPUs retain register file data between compute shader dispatches from different processes. A sandboxed Metal attacker app can run a GPU reader shader that reads stale register values left by… New	CWE-200 Information Exposure	CVE-2026-49269	2026-06-26 04:14	2026-06-25	Show	GitHub Exploit DB Packet Storm

1152	7.8	HIGH Local	-	-	Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privi… New	CWE-78 OS Command	CVE-2026-46735	2026-06-26 04:14	2026-06-26	Show	GitHub Exploit DB Packet Storm

1153	7.5	HIGH Network	-	-	Tenable Identity Exposure contains multiple unauthenticated API endpoints under /w/api/* that expose sensitive application configuration data including cleartext LDAP credentials, SAML configuration,… New	CWE-306 CWE-524 Missing Authentication for Critical Function Use of Cache Containing Sensitive Information	CVE-2026-13007	2026-06-26 04:10	2026-06-24	Show	GitHub Exploit DB Packet Storm

1154	7.8	HIGH Local	-	-	A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache of … New	CWE-287 Improper Authentication	CVE-2026-12112	2026-06-26 04:10	2026-06-24	Show	GitHub Exploit DB Packet Storm

1155	4.3	MEDIUM Network	-	-	A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds r… New	CWE-125 Out-of-bounds Read	CVE-2026-12891	2026-06-26 04:10	2026-06-24	Show	GitHub Exploit DB Packet Storm

1156	4.4	MEDIUM Local	-	-	A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds re… New	CWE-125 Out-of-bounds Read	CVE-2026-12892	2026-06-26 04:10	2026-06-24	Show	GitHub Exploit DB Packet Storm

1157	8.8	HIGH Network	-	-	Spring Statemachine's Kryo-based persistence backends (JPA, MongoDB, Redis and ZooKeeper) deserialise persisted state-machine contexts without enforcing a class allowlist (CWE-502, deserialisation of… New	CWE-502 Deserialization of Untrusted Data	CVE-2026-41862	2026-06-26 04:10	2026-06-24	Show	GitHub Exploit DB Packet Storm

1158	5.5	MEDIUM Local	-	-	Module: plugins/modules/keyring_info.py CVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: The module retrieves a passphrase from the OS native keyring (GNOME Keyring, macOS Keycha… New	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2026-11819	2026-06-26 04:10	2026-06-24	Show	GitHub Exploit DB Packet Storm

1159	-		-	-	A denial-of-service (DoS) vulnerability has been identified in Tapo C200 v3 in the network packet handling logic due to improper handling of IPv4 fragmented packets. An unauthenticated adjacent atta… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-12760	2026-06-26 04:10	2026-06-25	Show	GitHub Exploit DB Packet Storm

1160	6.5	MEDIUM Local	-	-	A flaw was found in KubeVirt's virt-handler domain notify server. The gRPC handlers for HandleDomainEvent and HandleK8SEvent derive the VMI identity (namespace/name) solely from the request body with… New	CWE-287 Improper Authentication	CVE-2026-13208	2026-06-26 04:10	2026-06-25	Show	GitHub Exploit DB Packet Storm