Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
7021 7.2 重要
Network 		Progress Software Corporation ECS Connection Manager
loadmaster
Connection Manager for ObjectScale 		Progress Software CorporationのConnection Manager for ObjectScale等の複数製品におけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-3519 2026-05-7 12:06 2026-04-20 Show GitHub Exploit DB Packet Storm
7022 8.1 重要
Network 		FreeBSD FreeBSD FreeBSDにおける複数の脆弱性 CWE-122
CWE-130
CVE-2026-35547 2026-05-7 12:06 2026-04-30 Show GitHub Exploit DB Packet Storm
7023 7.5 重要
Network 		libsndfile project libsndfile libsndfile projectのlibsndfileにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-37555 2026-05-7 12:06 2026-04-29 Show GitHub Exploit DB Packet Storm
7024 6.5 警告
Network 		Grokability, Inc. Snipe-IT Grokability, Inc.のSnipe-ITにおける認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2026-38533 2026-05-7 12:05 2026-04-14 Show GitHub Exploit DB Packet Storm
7025 7.5 重要
Network 		Apache Software Foundation ActiveMQ Broker
Apache ActiveMQ 		Apache Software FoundationのApache ActiveMQ等の複数製品におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-39304 2026-05-7 12:05 2026-04-10 Show GitHub Exploit DB Packet Storm
7026 6.5 警告
Network 		OpenBao OpenBao OpenBaoにおける複数の脆弱性 CWE-400
CWE-674
CWE-770
CVE-2026-39396 2026-05-7 12:05 2026-04-21 Show GitHub Exploit DB Packet Storm
7027 7.8 重要
Local 		FreeBSD FreeBSD FreeBSDにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-39457 2026-05-7 12:05 2026-04-30 Show GitHub Exploit DB Packet Storm
7028 10 緊急
Network 		traefik traefik traefikにおける複数の脆弱性 CWE-290
CWE-306
CVE-2026-39858 2026-05-7 12:05 2026-04-30 Show GitHub Exploit DB Packet Storm
7029 7.2 重要
Network 		Progress Software Corporation ECS Connection Manager
loadmaster
Connection Manager for ObjectScale 		Progress Software CorporationのConnection Manager for ObjectScale等の複数製品におけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-4048 2026-05-7 12:05 2026-04-20 Show GitHub Exploit DB Packet Storm
7030 7.8 重要
Local 		radare radare2 radareのradare2におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-40499 2026-05-7 12:05 2026-04-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
301 7.2 HIGH
Network 		- - A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate generation interface, which are incorporated into a bac… New CWE-78
OS Command  		CVE-2026-55975 2026-06-30 00:16 2026-06-27 Show GitHub Exploit DB Packet Storm
302 7.5 HIGH
Network 		- - Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2025.5.0, The iOS companion app ignores the SSID allowlist for internal networks. The app us… New CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2026-55844 2026-06-30 00:16 2026-06-30 Show GitHub Exploit DB Packet Storm
303 7.1 HIGH
Local 		- - acl before version 2.4.0 contains a symlink traversal vulnerability in the libacl pathname-based functions acl_get_file(), acl_set_file(), acl_extended_file(), and acl_delete_def_file() that allows l… New CWE-59
Link Following 		CVE-2026-54369 2026-06-30 00:16 2026-06-29 Show GitHub Exploit DB Packet Storm
304 - - - GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by improper reuse of shared global state between different decompression formats within a single executi… New CWE-126
 Buffer Over-read 		CVE-2026-41992 2026-06-30 00:16 2026-06-29 Show GitHub Exploit DB Packet Storm
305 - - - GNU gzip contains a vulnerability in the gzexe utility related to insecure temporary file handling. When the mktemp utility is not available in the user’s PATH, gzexe falls back to constructing a tem… New CWE-377
 Insecure Temporary File 		CVE-2026-41991 2026-06-30 00:16 2026-06-29 Show GitHub Exploit DB Packet Storm
306 8.1 HIGH
Network 		- - FrontAccounting before 2.4.20 contains a SQL injection vulnerability in the Audit Trail report handler that allows authenticated attackers with SA_GLANALYTIC permission to execute arbitrary SQL queri… New CWE-89
SQL Injection 		CVE-2026-40523 2026-06-30 00:16 2026-06-29 Show GitHub Exploit DB Packet Storm
307 7.1 HIGH
Network 		- - FrontAccounting before 2.4.20 contains a SQL injection vulnerability in the Bank Statement report handler that allows authenticated attackers to extract arbitrary database data by injecting UNION SEL… New CWE-89
CWE-916
SQL Injection
 Use of Password Hash With Insufficient Computational Effort 		CVE-2026-40522 2026-06-30 00:16 2026-06-29 Show GitHub Exploit DB Packet Storm
308 5.5 MEDIUM
Local 		- - Lansweeper lsrunase 2.0 and lsencrypt 2.0 use RC4 encryption with a hardcoded 142-byte static key array to encrypt credentials. An 8-character prefix is stored in cleartext alongside the ciphertext. … New CWE-321
 Use of Hard-coded Cryptographic Key 		CVE-2026-39031 2026-06-30 00:16 2026-06-27 Show GitHub Exploit DB Packet Storm
309 7.5 HIGH
Network 		- - An issue in the DSO::mmap_and_copy function of relibc commit 61f42d allows attackers to cause a Denial of Service (DoS) via loading a crafted shared library. New CWE-404
 Improper Resource Shutdown or Release 		CVE-2026-38641 2026-06-30 00:16 2026-06-27 Show GitHub Exploit DB Packet Storm
310 7.5 HIGH
Network 		- - An issue in the parse_month function (/time/strptime.rs) of relibc commit ab6a2e allows attackers to cause a Denial of Service (DoS) via parsing a crafted input. New CWE-20
 Improper Input Validation  		CVE-2026-38639 2026-06-30 00:16 2026-06-27 Show GitHub Exploit DB Packet Storm