Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1001	7.3	重要 Network	Northern.tech	cfengine	Northern.techのcfengineにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2026-24712	2026-05-21 10:55	2026-05-14	Show	GitHub Exploit DB Packet Storm

1002	9.8	緊急 Network	Open JS Foundation	WebdriverIO	Open JS FoundationのWebdriverIOにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-25244	2026-05-21 10:55	2026-05-18	Show	GitHub Exploit DB Packet Storm

1003	6.5	警告 Network	マイクロソフト	Power Automate for Desktop	Microsoft Power Automate デスクトップの情報漏えいの脆弱性	CWE-200 情報漏えい	CVE-2026-40374	2026-05-21 10:55	2026-05-12	Show	GitHub Exploit DB Packet Storm

1004	7.8	重要 Local	protobufjs project	protobufjs-cli	protobufjs projectのprotobufjs-cliにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-42290	2026-05-21 10:55	2026-05-13	Show	GitHub Exploit DB Packet Storm

1005	6.1	警告 Network	beaugunderson	ip-address	beaugundersonのip-addressにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-42338	2026-05-21 10:55	2026-05-12	Show	GitHub Exploit DB Packet Storm

1006	7.6	重要 Network	PocketBase	PocketBase	PocketBaseにおける認証に関する脆弱性	CWE-287 不適切な認証	CVE-2026-44166	2026-05-21 10:55	2026-05-12	Show	GitHub Exploit DB Packet Storm

1007	7.2	重要 Network	German Cancer Research Center (DKFZ)	nnU-Net	German Cancer Research Center (DKFZ)のnnU-Netにおけるインジェクションに関する脆弱性	CWE-74 インジェクション	CVE-2026-44246	2026-05-21 10:55	2026-05-12	Show	GitHub Exploit DB Packet Storm

1008	8.7	重要 Network	protobufjs project	protobufjs-cli	protobufjs projectのprotobufjs-cliにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-44295	2026-05-21 10:55	2026-05-13	Show	GitHub Exploit DB Packet Storm

1009	9.8	緊急 Network	WGDashboard	WGDashboard	WGDashboardにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-44343	2026-05-21 10:55	2026-05-12	Show	GitHub Exploit DB Packet Storm

1010	8.8	重要 Network	Tabby	Tabby	TabbyにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-45035	2026-05-21 10:55	2026-05-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2631	-	-	-	In the Linux kernel, the following vulnerability has been resolved: hwrng: core - use RCU and work_struct to fix race condition Currently, hwrng_fill is not cleared until the hwrng_fillfn() thread …	-	CVE-2026-45949	2026-05-27 23:48	2026-05-27	Show	GitHub Exploit DB Packet Storm

2632	-	-	-	In the Linux kernel, the following vulnerability has been resolved: ACPICA: Fix NULL pointer dereference in acpi_ev_address_space_dispatch() Cover a missed execution path with a new check.	-	CVE-2026-45982	2026-05-27 23:48	2026-05-27	Show	GitHub Exploit DB Packet Storm

2633	-	-	-	In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in testdrv_probe() The function testdrv_probe() retrieves the device_node from the PCI device, a…	-	CVE-2026-45989	2026-05-27 23:48	2026-05-27	Show	GitHub Exploit DB Packet Storm

2634	-	-	-	In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: use priv->vidi_dev for ctx lookup in vidi_connection_ioctl() vidi_connection_ioctl() retrieves the driver_data …	-	CVE-2026-45956	2026-05-27 23:48	2026-05-27	Show	GitHub Exploit DB Packet Storm

2635	-	-	-	In the Linux kernel, the following vulnerability has been resolved: rcu: Fix rcu_read_unlock() deadloop due to softirq Commit 5f5fa7ea89dc ("rcu: Don't use negative nesting depth in __rcu_read_unlo…	-	CVE-2026-45957	2026-05-27 23:48	2026-05-27	Show	GitHub Exploit DB Packet Storm

2636	-	-	-	In the Linux kernel, the following vulnerability has been resolved: hfsplus: return error when node already exists in hfs_bnode_create When hfs_bnode_create() finds that a node is already hashed (w…	-	CVE-2026-45960	2026-05-27 23:48	2026-05-27	Show	GitHub Exploit DB Packet Storm

2637	-	-	-	In the Linux kernel, the following vulnerability has been resolved: LoongArch: Add spectre boundry for syscall dispatch table The LoongArch syscall number is directly controlled by userspace, but d…	-	CVE-2026-45993	2026-05-27 23:48	2026-05-27	Show	GitHub Exploit DB Packet Storm

2638	-	-	-	In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix user_struct uaf io_free_rbuf_ring() usees a struct user_struct, which io_zcrx_ifq_free() puts it down before d…	-	CVE-2026-45995	2026-05-27 23:48	2026-05-27	Show	GitHub Exploit DB Packet Storm

2639	-	-	-	In the Linux kernel, the following vulnerability has been resolved: spi: imx: fix use-after-free on unbind The SPI subsystem frees the controller and any subsystem allocated driver data as part of …	-	CVE-2026-45996	2026-05-27 23:48	2026-05-27	Show	GitHub Exploit DB Packet Storm

2640	-	-	-	In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix conn-level packet handling to unshare RESPONSE packets The security operations that verify the RESPONSE packets decryp…	-	CVE-2026-46000	2026-05-27 23:48	2026-05-27	Show	GitHub Exploit DB Packet Storm