Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
6621 8.8 重要
Network 		n8n n8n n8nにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-42237 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
6622 9.8 緊急
Network 		nginxui Nginx UI Nginx UI TeamのNginx UIにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-42238 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
6623 7.7 重要
Network 		OpenClaw OpenClaw OpenClawにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-42438 2026-05-8 12:22 2026-05-5 Show GitHub Exploit DB Packet Storm
6624 8.5 重要
Network 		OpenClaw OpenClaw OpenClawにおける複数の脆弱性 CWE-862
CWE-918
CVE-2026-42439 2026-05-8 12:22 2026-05-5 Show GitHub Exploit DB Packet Storm
6625 7.5 重要
Network 		Apache Software Foundation Apache OpenNLP Apache Software FoundationのApache OpenNLPにおける過剰なサイズ値のメモリ割り当てに関する脆弱性 CWE-789
過剰なサイズ値のメモリ割り当て 		CVE-2026-42440 2026-05-8 12:22 2026-05-4 Show GitHub Exploit DB Packet Storm
6626 6.1 警告
Network 		Apache Software Foundation Apache Wicket Apache Software FoundationのApache Wicketにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42509 2026-05-8 12:22 2026-05-6 Show GitHub Exploit DB Packet Storm
6627 4.3 警告
Network 		Jenkins プロジェクト Script Security JenkinsのScript Securityにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-42519 2026-05-8 12:22 2026-04-29 Show GitHub Exploit DB Packet Storm
6628 7.5 重要
Network 		Jenkins プロジェクト Credentials Binding JenkinsのCredentials Bindingにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-42520 2026-05-8 12:22 2026-04-29 Show GitHub Exploit DB Packet Storm
6629 6.5 警告
Network 		Jenkins プロジェクト Matrix Authorization Strategy JenkinsのMatrix Authorization Strategyにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-42521 2026-05-8 12:22 2026-04-29 Show GitHub Exploit DB Packet Storm
6630 4.3 警告
Network 		Jenkins プロジェクト GitHub Branch Source JenkinsのGitHub Branch Sourceにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-42522 2026-05-8 12:22 2026-04-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1171 7.8 HIGH
Local 		- - Dell Display and Peripheral Manager (DDPM Windows), versions prior to 2.3, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this… CWE-284
Improper Access Control 		CVE-2026-46733 2026-06-26 14:16 2026-06-25 Show GitHub Exploit DB Packet Storm
1172 6.7 MEDIUM
Local 		- - Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain a Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability. A low privi… CWE-362
Race Condition 		CVE-2026-46732 2026-06-26 14:16 2026-06-25 Show GitHub Exploit DB Packet Storm
1173 - - - Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's SAML service provider implemen… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2026-46423 2026-06-26 14:16 2026-06-25 Show GitHub Exploit DB Packet Storm
1174 9.1 CRITICAL
Network 		- - Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, an unauthenticated network attacker obtains … CWE-943
 Improper Neutralization of Special Elements in Data Query Logic 		CVE-2026-45689 2026-06-26 14:16 2026-06-25 Show GitHub Exploit DB Packet Storm
1175 9.1 CRITICAL
Network 		- - Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's CAS login handler forwards the… CWE-943
 Improper Neutralization of Special Elements in Data Query Logic 		CVE-2026-45688 2026-06-26 14:16 2026-06-25 Show GitHub Exploit DB Packet Storm
1176 9.8 CRITICAL
Network 		- - Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, contain an Acceptance of Extraneous Untrusted Data With Trusted Data vulnerability. A low privileged attacker with remote access could poten… CWE-349
 Acceptance of Extraneous Untrusted Data With Trusted Data 		CVE-2026-41120 2026-06-26 14:16 2026-06-25 Show GitHub Exploit DB Packet Storm
1177 9.8 CRITICAL
Network 		cacti cacti Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have pre-authentication SQL Injection via unanchored FILTER_VALIDATE_REGEXP in graph_view.php. This issue… CWE-89
SQL Injection 		CVE-2026-39955 2026-06-26 14:16 2026-06-25 Show GitHub Exploit DB Packet Storm
1178 9.8 CRITICAL
Network 		cacti cacti Cacti is an open source performance and fault management framework. In versions 1.2.30 and prior, the rfilter request parameter is retrieved via the raw accessor grv() (rather than gfrv() with FILTER… CWE-89
SQL Injection 		CVE-2026-39948 2026-06-26 14:16 2026-06-25 Show GitHub Exploit DB Packet Storm
1179 9.8 CRITICAL
Network 		cacti cacti Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have unauthenticated LFI through graph_theme and rrdtool IPC serialization hardening. This issue has been… CWE-22
CWE-78
Path Traversal
OS Command  		CVE-2026-39938 2026-06-26 14:16 2026-06-25 Show GitHub Exploit DB Packet Storm
1180 9.8 CRITICAL
Network 		cacti cacti Cacti is an open source performance and fault management framework. In versions 1.2.30 and prior, the rfilter request variable was concatenated into a RLIKE SQL clause without sanitization. The endpo… CWE-89
SQL Injection 		CVE-2026-39893 2026-06-26 14:16 2026-06-25 Show GitHub Exploit DB Packet Storm