Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226361 9 危険 VMware - VMware vCenter Server Appliance における任意のプログラムを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2013-3079 2013-05-2 14:47 2013-04-25 Show GitHub Exploit DB Packet Storm
226362 6 警告 SAP - SAP BASIS Communication Services における任意のコマンドを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2013-3063 2013-05-2 14:40 2013-04-16 Show GitHub Exploit DB Packet Storm
226363 6.5 警告 SAP - SAP Production Planning and Control の Engineering Workbench コンポーネントにおけるトランザクションの制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-3062 2013-05-2 14:38 2013-04-16 Show GitHub Exploit DB Packet Storm
226364 6.5 警告 SAP - SAP industry solution for healthcare および SAP ERP Central Component におけるトランザクションの制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-3061 2013-05-2 14:37 2013-04-16 Show GitHub Exploit DB Packet Storm
226365 7.1 危険 Galil - Galil RIO-47100 Pocket PLC におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-0699 2013-05-2 14:34 2013-04-26 Show GitHub Exploit DB Packet Storm
226366 9.4 危険 MatrikonOPC - MatrikonOPC A&E Historian の Health Monitor サービスにおけるディレクトリトラバーサルの脆弱性 - CVE-2013-0673 2013-05-2 14:33 2013-04-26 Show GitHub Exploit DB Packet Storm
226367 5 警告 MatrikonOPC - MatrikonOPC Security Gateway の設定ユーティリティにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-0666 2013-05-2 14:31 2013-04-26 Show GitHub Exploit DB Packet Storm
226368 4.3 警告 IBM - IBM Lotus Notes におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0538 2013-05-2 14:20 2013-04-30 Show GitHub Exploit DB Packet Storm
226369 5.8 警告 IBM - IBM Lotus Notes における Java コードの実行および X-Confirm-Reading-To 機能の制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-0127 2013-05-2 14:19 2013-04-30 Show GitHub Exploit DB Packet Storm
226370 4.3 警告 Henry Schein - Dentrix G5 の認証情報に関する脆弱性 CWE-255
証明書・パスワード管理 		CVE-2012-4952 2013-05-2 14:15 2013-04-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3771 - - - FreePBX is an open source IP PBX. In versions below 16.0.71 and 17.0.6, the backup module does not properly sanitize data during restore operations, potentially leading to compromise if the backup co… CWE-502
 Deserialization of Untrusted Data 		CVE-2026-26978 2026-05-20 00:04 2026-05-19 Show GitHub Exploit DB Packet Storm
3772 6.5 MEDIUM
Network 		- - BigBlueButton is an open-source virtual classroom. In versions prior to 3.0.19, the recording playback (presentation format) was not sanitizing user's input in public chat. This allowed for a malicio… CWE-79
Cross-site Scripting 		CVE-2026-27737 2026-05-20 00:04 2026-05-19 Show GitHub Exploit DB Packet Storm
3773 - - - Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.0 and 2.28.1 allow a low-privileged authenticated user assigned the "add_profile_threshold" permission to create a global … CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-33052 2026-05-20 00:04 2026-05-19 Show GitHub Exploit DB Packet Storm
3774 7.5 HIGH
Network 		- - AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.4.2 through 0.6.51 are vulnerable to an unauthenticated Denial of… CWE-400
CWE-459
CWE-770
 Uncontrolled Resource Consumption
 Incomplete Cleanup
 Allocation of Resources Without Limits or Throttling 		CVE-2026-33232 2026-05-20 00:04 2026-05-19 Show GitHub Exploit DB Packet Storm
3775 8.2 HIGH
Local 		- - Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions prior to 3.5.7 contain a path traversal vulnerability in the importer which allows o… CWE-24
 Path Traversal: '../filedir' 		CVE-2026-22810 2026-05-20 00:03 2026-05-19 Show GitHub Exploit DB Packet Storm
3776 9.8 CRITICAL
Network 		- - WebdriverIO is a test automation framework for unit, e2e and component testing using WebDriver, WebDriver BiDi and Appium. Versions below 9.24.0 contain a command injection vulnerability leading to r… CWE-78
OS Command  		CVE-2026-25244 2026-05-20 00:03 2026-05-19 Show GitHub Exploit DB Packet Storm
3777 7.0 HIGH
Local 		- - In mlflow/mlflow versions prior to 3.11.0, the `get_or_create_nfs_tmp_dir()` function in `mlflow/utils/file_utils.py` creates temporary directories with world-writable permissions (0o777), and the `_… CWE-378
 Creation of Temporary File With Insecure Permissions 		CVE-2026-4137 2026-05-20 00:03 2026-05-19 Show GitHub Exploit DB Packet Storm
3778 5.4 MEDIUM
Network 		microsoft edge_chromium Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network. CWE-20
NVD-CWE-noinfo
 Improper Input Validation  		CVE-2026-45492 2026-05-20 00:03 2026-05-19 Show GitHub Exploit DB Packet Storm
3779 8.8 HIGH
Network 		google chrome Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CWE-416
 Use After Free 		CVE-2026-8544 2026-05-19 23:53 2026-05-15 Show GitHub Exploit DB Packet Storm
3780 3.1 LOW
Network 		google chrome Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromi… CWE-119
CWE-284
Incorrect Access of Indexable Resource ('Range Error') 
Improper Access Control 		CVE-2026-8545 2026-05-19 23:53 2026-05-15 Show GitHub Exploit DB Packet Storm