Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224011 2.1 注意 オラクル - Oracle Supply Chain Products Suite の Oracle Agile PLM Framework における Security の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-0370 2013-11-8 10:54 2013-01-15 Show GitHub Exploit DB Packet Storm
224012 5.5 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft PeopleTools における Query の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-0369 2013-11-8 10:53 2013-01-15 Show GitHub Exploit DB Packet Storm
224013 4 警告 MySQL AB
オラクル		 - Oracle MySQL の MySQL Server における InnoDB の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-0368 2013-11-8 10:52 2013-01-15 Show GitHub Exploit DB Packet Storm
224014 4 警告 MySQL AB
オラクル		 - Oracle MySQL の MySQL Server における Server Partition の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-0367 2013-11-8 10:51 2013-01-15 Show GitHub Exploit DB Packet Storm
224015 4 警告 オラクル - Oracle Siebel CRM における Security の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-0365 2013-11-8 10:48 2013-01-15 Show GitHub Exploit DB Packet Storm
224016 7.8 危険 オラクル - Oracle Database Mobile Server および Oracle Database Lite における脆弱性 CWE-noinfo
情報不足 		CVE-2013-0362 2013-11-8 10:44 2013-01-15 Show GitHub Exploit DB Packet Storm
224017 5 警告 オラクル - Oracle Enterprise Manager Grid Control の APM における Business Transaction Management の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-0360 2013-11-8 10:43 2013-01-15 Show GitHub Exploit DB Packet Storm
224018 7.5 危険 オラクル - Oracle Enterprise Manager Grid Control の APM における Business Transaction Management の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-0359 2013-11-8 10:42 2013-01-15 Show GitHub Exploit DB Packet Storm
224019 4.3 警告 オラクル - 複数の Oracle Enterprise Manager 製品における Resource Manager の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-0358 2013-11-8 10:41 2013-01-15 Show GitHub Exploit DB Packet Storm
224020 4.3 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft PeopleTools における PIA Core Technology の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-0357 2013-11-8 10:40 2013-01-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1651 8.2 HIGH
Network 		- - Espressif Shared GitHub DangerJS is a reusable GitHub Action CI DangerJS workflow for Espressif GitHub projects. Prior to 1.0.1, the action's entrypoint.sh invoked DangerJS from the caller's workspac… CWE-427
CWE-829
 Uncontrolled Search Path Element
 Inclusion of Functionality from Untrusted Control Sphere 		CVE-2026-44358 2026-06-2 03:33 2026-05-29 Show GitHub Exploit DB Packet Storm
1652 8.7 HIGH
Network 		- - Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a malicious user with permission to edit the local-path-config ConfigMap in … CWE-269
 Improper Privilege Management 		CVE-2026-44543 2026-06-2 03:33 2026-05-29 Show GitHub Exploit DB Packet Storm
1653 7.4 HIGH
Network 		- - FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to 3.12.0, /api/totp_setup.php is callable from a session that has only passed the passwo… CWE-200
CWE-287
CWE-306
Information Exposure
Improper Authentication
Missing Authentication for Critical Function 		CVE-2026-44460 2026-06-2 03:33 2026-05-28 Show GitHub Exploit DB Packet Storm
1654 - - - mapfish-print is a component of MapFish for printing templated cartographic maps. From 3.23.0 to before 3.28.28, 3.30.30, 3.31.22, 3.33.14, and 4.0.3, the attacker can execute arbitrary code in Dyna… CWE-94
Code Injection 		CVE-2026-44672 2026-06-2 03:33 2026-05-29 Show GitHub Exploit DB Packet Storm
1655 5.9 MEDIUM
Network 		github enterprise_server A Server-Side Request Forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an attacker to cause the server to issue HTTP requests to internal services via the security… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-8606 2026-06-2 03:33 2026-05-27 Show GitHub Exploit DB Packet Storm
1656 7.5 HIGH
Network 		yhirose cpp-httplib cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, When the server has called Server::set_trusted_proxies() with a non-empty trusted-proxy list, an att… CWE-476
 NULL Pointer Dereference 		CVE-2026-46527 2026-06-2 03:32 2026-05-30 Show GitHub Exploit DB Packet Storm
1657 - - - RELATE is a web-based courseware package. Prior to commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb, RELATE LMS configures its Celery workers to accept and deserialize untrusted 'pickle' data. An atta… CWE-502
 Deserialization of Untrusted Data 		CVE-2026-47161 2026-06-2 03:31 2026-05-28 Show GitHub Exploit DB Packet Storm
1658 8.2 HIGH
Network 		- - RVF (formerly Remix Validated Form) provides easy form validation and state management for React. From 6.0.0 to before 6.0.4 and 7.0.2, setPath in @rvf/set-get (used by @rvf/core to flatten incoming … CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2026-44483 2026-06-2 03:31 2026-05-28 Show GitHub Exploit DB Packet Storm
1659 7.5 HIGH
Network 		- - Kysely is a type-safe TypeScript SQL query builder. From 0.26.0 to 0.28.16, DefaultQueryCompiler.visitJSONPathLeg does not escape JSON-path metacharacters (., [, ], *, **, ?). When attacker-controlle… CWE-22
CWE-89
CWE-915
CWE-1284
Path Traversal
SQL Injection
 Improperly Controlled Modification of Dynamically-Determined Object Attributes
 Improper Validation of Specified Quantity in Input 		CVE-2026-44635 2026-06-2 03:31 2026-05-28 Show GitHub Exploit DB Packet Storm
1660 8.4 HIGH
Network 		- - Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 2.0.0 to before 3.1.5 and 2.3.11, Himmelblau contained an authentication bypass vulnerability in the Device Autho… CWE-863
 Incorrect Authorization 		CVE-2026-45108 2026-06-2 03:31 2026-05-28 Show GitHub Exploit DB Packet Storm