Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224081 6.4 警告 オラクル - Oracle Database Server の XML Parser における脆弱性 CWE-noinfo
情報不足 		CVE-2013-5771 2013-10-17 18:13 2013-10-15 Show GitHub Exploit DB Packet Storm
224082 4 警告 オラクル - Oracle Primavera Products Suite の Primavera P6 Enterprise Project Portfolio Management における Web Access に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-3766 2013-10-17 18:10 2013-10-15 Show GitHub Exploit DB Packet Storm
224083 5 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における Portal に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-5794 2013-10-17 18:08 2013-10-15 Show GitHub Exploit DB Packet Storm
224084 4 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における PIA Core Technology に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-5779 2013-10-17 18:08 2013-10-15 Show GitHub Exploit DB Packet Storm
224085 5 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における XML Publisher に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-5765 2013-10-17 18:08 2013-10-15 Show GitHub Exploit DB Packet Storm
224086 5 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における Integration Broker に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-3835 2013-10-17 18:08 2013-10-15 Show GitHub Exploit DB Packet Storm
224087 4 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise HRMS における Career's Home に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-3785 2013-10-17 18:07 2013-10-15 Show GitHub Exploit DB Packet Storm
224088 4.3 警告 オラクル - 複数の Oracle Enterprise Manager 製品における DB Performance Advisories/UIs に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-5766 2013-10-17 17:52 2013-10-15 Show GitHub Exploit DB Packet Storm
224089 4.3 警告 オラクル - 複数の Oracle Enterprise Manager 製品における Schema Management に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-3762 2013-10-17 17:52 2013-10-15 Show GitHub Exploit DB Packet Storm
224090 2.4 注意 オラクル - Oracle Industry Applications の Oracle Siebel CTMS における SC-OC Integration に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-5762 2013-10-17 17:34 2013-10-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1051 8.8 HIGH
Network 		- - BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, src/bentoml/_internal/container/frontend/dockerfile/templates/base_v2.j2 in… CWE-78
OS Command  		CVE-2026-44345 2026-05-30 00:34 2026-05-28 Show GitHub Exploit DB Packet Storm
1052 8.8 HIGH
Network 		- - BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, a malicious bentofile.yaml containing a newline-injected value in envs[*].n… CWE-78
CWE-94
OS Command 
Code Injection 		CVE-2026-44346 2026-05-30 00:34 2026-05-28 Show GitHub Exploit DB Packet Storm
1053 6.8 MEDIUM
Adjacent 		- - Volcano is a Kubernetes-native batch scheduling system. Prior to v1.14.2, v1.13.3, and v1.12.4, the Volcano webhook server does not enforce a size limit on incoming HTTP request bodies. Any in-cluste… CWE-400
CWE-770
 Uncontrolled Resource Consumption
 Allocation of Resources Without Limits or Throttling 		CVE-2026-44247 2026-05-30 00:34 2026-05-28 Show GitHub Exploit DB Packet Storm
1054 8.2 HIGH
Network 		- - Anchor is a framework providing several convenient developer tools for writing Solana programs. From 1.0.0 to before 1.0.2, an logic error causes anchor programs to accept any program id when requiri… CWE-20
 Improper Input Validation  		CVE-2026-45137 2026-05-30 00:34 2026-05-28 Show GitHub Exploit DB Packet Storm
1055 - - - electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. From 3.0.6 to 3.8.8, This vulnerability is fixed in 3.9.0. CWE-94
CWE-732
CWE-940
Code Injection
 Incorrect Permission Assignment for Critical Resource
 Improper Verification of Source of a Communication Channel 		CVE-2026-45353 2026-05-30 00:34 2026-05-29 Show GitHub Exploit DB Packet Storm
1056 - - - electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-192-CBC with a fixed zero IV, constant KDF salt, and no MAC leads to confid… CWE-326
CWE-329
CWE-353
CWE-759
CWE-916
Inadequate Encryption Strength
 Not Using a Random IV with CBC Mode
 Missing Support for Integrity Check
 Use of a One-Way Hash without a Salt
 Use of Password Hash With Insufficient Computational Effort 		CVE-2026-45787 2026-05-30 00:34 2026-05-29 Show GitHub Exploit DB Packet Storm
1057 6.1 MEDIUM
Network 		golang net Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML befo… CWE-1021
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2026-25681 2026-05-30 00:30 2026-05-23 Show GitHub Exploit DB Packet Storm
1058 7.5 HIGH
Network 		- - Banks generates meaningful LLM prompts using a template language that makes sense. Prior to 2.4.2, banks uses jinja2.Environment() (unsandboxed) to render prompt templates. Applications that pass use… CWE-1336
 Improper Neutralization of Special Elements Used in a Template Engine 		CVE-2026-44209 2026-05-30 00:29 2026-05-27 Show GitHub Exploit DB Packet Storm
1059 5.4 MEDIUM
Network 		- - FacturaScripts is an open source accounting and invoicing software. In 2025.92 and earlier, a stored Cross-Site Scripting (XSS) vulnerability exists in the product search modal of sales (Core/Lib/Aja… CWE-79
Cross-site Scripting 		CVE-2026-42877 2026-05-30 00:29 2026-05-28 Show GitHub Exploit DB Packet Storm
1060 - - - Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. From 2024-06-29 to before 2026-05-07, the web application endpoint is vulnerable to SQL injection. The /pialert/php/server/devi… CWE-89
SQL Injection 		CVE-2026-44886 2026-05-30 00:29 2026-05-28 Show GitHub Exploit DB Packet Storm