Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
881 4.3 警告
Network 		GLPI-PROJECT.ORG GLPI GLPI-PROJECT.ORGのGLPIにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-32312 2026-05-25 10:23 2026-05-19 Show GitHub Exploit DB Packet Storm
882 7.8 重要
Local 		mullvad mullvad vpn mullvadのmullvad vpnにおける複数の脆弱性 CWE-269
CWE-345
CWE-427
CWE-noinfo
CVE-2026-32323 2026-05-25 10:23 2026-05-19 Show GitHub Exploit DB Packet Storm
883 6.5 警告
Network 		Faraday Project Faraday Faraday ProjectのFaradayにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-33637 2026-05-25 10:22 2026-05-19 Show GitHub Exploit DB Packet Storm
884 8.8 重要
Local 		FreeBSD FreeBSD FreeBSDにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-39461 2026-05-25 10:22 2026-05-21 Show GitHub Exploit DB Packet Storm
885 6.5 警告
Network 		plane plane planeにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性 CWE-943
データクエリロジックの特殊要素の不適切な中立化 		CVE-2026-40102 2026-05-25 10:22 2026-05-20 Show GitHub Exploit DB Packet Storm
886 7.5 重要
Network 		マイクロソフト Microsoft Entra ID Microsoft Entra ID のスプーフィングの脆弱性 CWE-200
情報漏えい 		CVE-2026-40379 2026-05-25 10:22 2026-05-12 Show GitHub Exploit DB Packet Storm
887 4.3 警告
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-4055 2026-05-25 10:22 2026-05-21 Show GitHub Exploit DB Packet Storm
888 7.8 重要
Local 		Samba Project rsync Samba Projectのrsyncにおけるレングスパラメーターの不整合による処理に関する脆弱性 CWE-130
レングスパラメーターの不整合による不適切な処理 		CVE-2026-41035 2026-05-25 10:22 2026-04-16 Show GitHub Exploit DB Packet Storm
889 9.8 緊急
Network 		NASA F Prime NASAのF Primeにおける複数の脆弱性 CWE-190
CWE-787
CVE-2026-41144 2026-05-25 10:22 2026-04-22 Show GitHub Exploit DB Packet Storm
890 7.8 重要
Local 		DevSpace DevSpace DevSpaceにおける複数の脆弱性 CWE-200
CWE-306
CVE-2026-42283 2026-05-25 10:22 2026-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2521 7.3 HIGH
Network 		- - IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID. When decode_ux() in bin/… CWE-755
 Improper Handling of Exceptional Conditions 		CVE-2026-48961 2026-05-30 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2522 7.5 HIGH
Network 		- - IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward() compares length $offset (the digit count of the offset, 1 to 19) agains… CWE-407
 Inefficient Algorithmic Complexity 		CVE-2026-48959 2026-05-30 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2523 9.9 CRITICAL
Network 		- - Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration). Supported versions that are affected are 12.2.3-12.2.15. Eas… CWE-269
CWE-284
CWE-306
 Improper Privilege Management
Improper Access Control
Missing Authentication for Critical Function 		CVE-2026-46824 2026-05-30 01:16 2026-05-29 Show GitHub Exploit DB Packet Storm
2524 7.7 HIGH
Network 		- - Vulnerability in the Oracle Public Sector Financials (International) product of Oracle E-Business Suite (component: Authorization). Supported versions that are affected are 12.2.6-12.2.15. Easily ex… CWE-863
 Incorrect Authorization 		CVE-2026-46823 2026-05-30 01:16 2026-05-29 Show GitHub Exploit DB Packet Storm
2525 9.9 CRITICAL
Network 		- - Vulnerability in the Oracle iAssets product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability all… CWE-284
Improper Access Control 		CVE-2026-46822 2026-05-30 01:16 2026-05-29 Show GitHub Exploit DB Packet Storm
2526 7.7 HIGH
Network 		- - Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component: Common Components). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable v… CWE-284
Improper Access Control 		CVE-2026-46821 2026-05-30 01:16 2026-05-29 Show GitHub Exploit DB Packet Storm
2527 - - - LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, LinkAce contains an Insecure Direct Object Reference vulnerability in the authorization policy layer that allows any authent… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-45342 2026-05-30 01:16 2026-05-29 Show GitHub Exploit DB Packet Storm
2528 7.5 HIGH
Network 		- - CryptX versions before 0.088_001 for Perl have a stack buffer overflow in four AEAD decrypt_verify helpers. The gcm_decrypt_verify, ccm_decrypt_verify, chacha20poly1305_decrypt_verify and eax_decryp… CWE-121
Stack-based Buffer Overflow 		CVE-2026-41565 2026-05-30 01:16 2026-05-29 Show GitHub Exploit DB Packet Storm
2529 7.3 HIGH
Network 		- - An arbitrary file upload vulnerability in the pages/admin.uploadmapimg.php component of SourceBans Material Admin v1.1.6 allows attackers to execute arbitrary code via uploading a crafted image file. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-30761 2026-05-30 01:16 2026-05-29 Show GitHub Exploit DB Packet Storm
2530 7.3 HIGH
Network 		- - An issue in SourceBans Material Admin before v.1.1.6 (3ecd95e) allows attackers to manipulate arbitrary user data in the web app via a crafted XAJAX call. CWE-20
 Improper Input Validation  		CVE-2026-30760 2026-05-30 01:16 2026-05-29 Show GitHub Exploit DB Packet Storm