Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
821	8.3	重要 Adjacent	MacGregor	Interschalt VDR G4e Firmware	MacGregorのInterschalt VDR G4e Firmwareにおけるデフォルトの認証情報の使用に関する脆弱性 New	CWE-1392 デフォルトの認証情報の使用	CVE-2026-42941	2026-06-8 11:46	2026-05-29	Show	GitHub Exploit DB Packet Storm

822	5.4	警告 Adjacent	MacGregor	Interschalt VDR G4e Firmware	MacGregorのInterschalt VDR G4e Firmwareにおける認証情報の不十分な保護に関する脆弱性 New	CWE-522 認証情報の不十分な保護	CVE-2026-42951	2026-06-8 11:46	2026-05-29	Show	GitHub Exploit DB Packet Storm

823	7.8	重要 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける解放済みメモリの使用に関する脆弱性 New	CWE-416 解放済みメモリの使用	CVE-2026-43084	2026-06-8 11:46	2026-05-6	Show	GitHub Exploit DB Packet Storm

824	5.5	警告 Local	Zeit, Inc.	Vercel CLI	Vercel, Inc. (旧 Zeit, Inc.)のVercel CLIにおける複数の脆弱性 New	CWE-200 CWE-532	CVE-2026-44479	2026-06-8 11:46	2026-05-13	Show	GitHub Exploit DB Packet Storm

825	5.3	警告 Network	Open Quantum Safe	liboqs	Open Quantum Safeのliboqsにおける複数の脆弱性 New	CWE-125 CWE-20	CVE-2026-44518	2026-06-8 11:46	2026-05-29	Show	GitHub Exploit DB Packet Storm

826	5.4	警告 Adjacent	MacGregor	Interschalt VDR G4e Firmware	MacGregorのInterschalt VDR G4e Firmwareにおける強度が不十分なパスワードハッシュの使用に関する脆弱性 New	CWE-916 強度が不十分なパスワードハッシュの使用	CVE-2026-44611	2026-06-8 11:46	2026-05-29	Show	GitHub Exploit DB Packet Storm

827	6.5	警告 Network	librechat	librechat	LibreChatにおける送信データへの重要な情報の挿入に関する脆弱性 New	CWE-201 CWE-noinfo	CVE-2026-44653	2026-06-8 11:46	2026-06-2	Show	GitHub Exploit DB Packet Storm

828	8.1	重要 Network	librechat	librechat	LibreChatにおける不正な認証に関する脆弱性 New	CWE-863 不正な認証	CVE-2026-44654	2026-06-8 11:46	2026-06-2	Show	GitHub Exploit DB Packet Storm

829	8.1	重要 Network	Broadcom	RabbitMQ Server	BroadcomのRabbitMQ Serverにおける不正な認証に関する脆弱性 New	CWE-863 不正な認証	CVE-2026-44838	2026-06-8 11:46	2026-05-27	Show	GitHub Exploit DB Packet Storm

830	4.8	警告 Network	Broadcom	RabbitMQ Server	BroadcomのRabbitMQ Serverにおけるクロスサイトスクリプティングの脆弱性 New	CWE-80 クロスサイトスクリプティング (Basic XSS)	CVE-2026-44839	2026-06-8 11:46	2026-05-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
161	-		-	-	Stack-based Buffer Overflow vulnerability in Erlang OTP erts (inet_drv) allows an unauthenticated remote attacker to crash the BEAM VM by sending a crafted SCTP ERROR chunk. The sctp_parse_error_chu… New	CWE-121 Stack-based Buffer Overflow	CVE-2026-49759	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

162	-		-	-	Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl (inet_tls_dist module) allows unauthenticated bypass of the distribution-over-TLS LAN allowlist. The inet_tls_dist:check_ip/… New	CWE-863 CWE-1025 Incorrect Authorization Comparison Using Wrong Factors	CVE-2026-48860	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

163	-		-	-	Observable Timing Discrepancy vulnerability in Erlang/OTP ssh (ssh_auth, ssh_options modules) allows unauthenticated remote username enumeration via timing side-channel in password authentication. W… New	CWE-208 Information Exposure Through Timing Discrepancy	CVE-2026-48859	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

164	4.3	MEDIUM Network	google	chrome	Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. (Chromium security severity: High) New	CWE-457 Use of Uninitialized Variable	CVE-2026-11668	2026-06-11 01:17	2026-06-9	Show	GitHub Exploit DB Packet Storm

165	-		-	-	Server-Side Request Forgery (SSRF) vulnerability in Erlang/OTP ftp (ftp_internal module) allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The ftp_internal:handle_ctrl_… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-48858	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

166	-		-	-	Sensitive Data Exposure vulnerability in Erlang OTP inets (httpc_response module) allows Retrieve Embedded Sensitive Data. The httpc client forwards the Authorization and Proxy-Authorization request… New	CWE-601 Open Redirect	CVE-2026-48856	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

167	-		-	-	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh (ssh_sftpd module) allows File Discovery. The SSH_FXP_READLINK handler in ssh_sftpd sends the raw result of… New	CWE-200 Information Exposure	CVE-2026-48855	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

168	5.0	MEDIUM Network	-	-	OpenFGA is an authorization/permission engine built for developers. Prior to version 1.16.0, when iterator caching is enabled, two distinct check requests can produce the same cache key, leading to O… New	CWE-345 CWE-668 Insufficient Verification of Data Authenticity Exposure of Resource to Wrong Sphere	CVE-2026-48096	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

169	8.3	HIGH Network	-	-	Plane is an open-source project management tool. Prior to version 1.3.1, there is a cross-workspace asset authorization bypass lets any authenticated user read, copy, delete, and overwrite assets in … New	CWE-639 CWE-862 Authorization Bypass Through User-Controlled Key Missing Authorization	CVE-2026-46558	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

170	7.8	HIGH Local	-	-	LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, hardcoded "trust_remote_code=True" enables HF supply-chain RCE without user opt-in. … New	CWE-94 CWE-915 CWE-1188 Code Injection Improperly Controlled Modification of Dynamically-Determined Object Attributes Insecure Default Initialization of Resource	CVE-2026-46517	2026-06-11 01:17	2026-06-10	Show	GitHub Exploit DB Packet Storm