Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
223981 4.6 警告 オラクル - Oracle Sun Solaris 10 および 11 における Kernel/DTrace Framework の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-0407 2013-11-8 11:42 2013-01-15 Show GitHub Exploit DB Packet Storm
223982 4.3 警告 オラクル - Oracle Sun Solaris 10 における Kernel/IPsec の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-0406 2013-11-8 11:41 2013-04-16 Show GitHub Exploit DB Packet Storm
223983 6.4 警告 オラクル - Oracle Sun Solaris 8、9、10、および 11 における NFS クライアントマウントおよび IPv6 の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-0405 2013-11-8 11:40 2013-04-16 Show GitHub Exploit DB Packet Storm
223984 3.7 注意 オラクル - Oracle Sun Solaris 10 における Kernel/Boot の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-0404 2013-11-8 11:39 2013-04-16 Show GitHub Exploit DB Packet Storm
223985 1.9 注意 オラクル - Oracle Sun Solaris 8、9、10、および 11 における Utility の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-0403 2013-11-8 11:38 2013-04-16 Show GitHub Exploit DB Packet Storm
223986 6.6 警告 オラクル - Oracle Sun Solaris 9 および 10 における Filesystem/cachefs の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-0400 2013-11-8 11:35 2013-01-15 Show GitHub Exploit DB Packet Storm
223987 6.6 警告 オラクル - Oracle Sun Solaris 9 および 10 における Utility/Umount の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-0399 2013-11-8 11:34 2013-01-15 Show GitHub Exploit DB Packet Storm
223988 5 警告 オラクル - Oracle Enterprise Manager Grid Control の APM における Business Transaction Management の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-0396 2013-11-8 11:32 2013-01-15 Show GitHub Exploit DB Packet Storm
223989 4 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft PeopleTools における Security の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-0395 2013-11-8 11:31 2013-01-15 Show GitHub Exploit DB Packet Storm
223990 5 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft HRMS における Candidate Gateway の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-0394 2013-11-8 11:30 2013-01-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1651 8.2 HIGH
Network 		- - Espressif Shared GitHub DangerJS is a reusable GitHub Action CI DangerJS workflow for Espressif GitHub projects. Prior to 1.0.1, the action's entrypoint.sh invoked DangerJS from the caller's workspac… CWE-427
CWE-829
 Uncontrolled Search Path Element
 Inclusion of Functionality from Untrusted Control Sphere 		CVE-2026-44358 2026-06-2 03:33 2026-05-29 Show GitHub Exploit DB Packet Storm
1652 8.7 HIGH
Network 		- - Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a malicious user with permission to edit the local-path-config ConfigMap in … CWE-269
 Improper Privilege Management 		CVE-2026-44543 2026-06-2 03:33 2026-05-29 Show GitHub Exploit DB Packet Storm
1653 7.4 HIGH
Network 		- - FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to 3.12.0, /api/totp_setup.php is callable from a session that has only passed the passwo… CWE-200
CWE-287
CWE-306
Information Exposure
Improper Authentication
Missing Authentication for Critical Function 		CVE-2026-44460 2026-06-2 03:33 2026-05-28 Show GitHub Exploit DB Packet Storm
1654 - - - mapfish-print is a component of MapFish for printing templated cartographic maps. From 3.23.0 to before 3.28.28, 3.30.30, 3.31.22, 3.33.14, and 4.0.3, the attacker can execute arbitrary code in Dyna… CWE-94
Code Injection 		CVE-2026-44672 2026-06-2 03:33 2026-05-29 Show GitHub Exploit DB Packet Storm
1655 5.9 MEDIUM
Network 		github enterprise_server A Server-Side Request Forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an attacker to cause the server to issue HTTP requests to internal services via the security… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-8606 2026-06-2 03:33 2026-05-27 Show GitHub Exploit DB Packet Storm
1656 7.5 HIGH
Network 		yhirose cpp-httplib cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, When the server has called Server::set_trusted_proxies() with a non-empty trusted-proxy list, an att… CWE-476
 NULL Pointer Dereference 		CVE-2026-46527 2026-06-2 03:32 2026-05-30 Show GitHub Exploit DB Packet Storm
1657 - - - RELATE is a web-based courseware package. Prior to commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb, RELATE LMS configures its Celery workers to accept and deserialize untrusted 'pickle' data. An atta… CWE-502
 Deserialization of Untrusted Data 		CVE-2026-47161 2026-06-2 03:31 2026-05-28 Show GitHub Exploit DB Packet Storm
1658 8.2 HIGH
Network 		- - RVF (formerly Remix Validated Form) provides easy form validation and state management for React. From 6.0.0 to before 6.0.4 and 7.0.2, setPath in @rvf/set-get (used by @rvf/core to flatten incoming … CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2026-44483 2026-06-2 03:31 2026-05-28 Show GitHub Exploit DB Packet Storm
1659 7.5 HIGH
Network 		- - Kysely is a type-safe TypeScript SQL query builder. From 0.26.0 to 0.28.16, DefaultQueryCompiler.visitJSONPathLeg does not escape JSON-path metacharacters (., [, ], *, **, ?). When attacker-controlle… CWE-22
CWE-89
CWE-915
CWE-1284
Path Traversal
SQL Injection
 Improperly Controlled Modification of Dynamically-Determined Object Attributes
 Improper Validation of Specified Quantity in Input 		CVE-2026-44635 2026-06-2 03:31 2026-05-28 Show GitHub Exploit DB Packet Storm
1660 8.4 HIGH
Network 		- - Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 2.0.0 to before 3.1.5 and 2.3.11, Himmelblau contained an authentication bypass vulnerability in the Device Autho… CWE-863
 Incorrect Authorization 		CVE-2026-45108 2026-06-2 03:31 2026-05-28 Show GitHub Exploit DB Packet Storm