Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226801 2.1 注意 Katello Project - Katello の katello-configure における Candlepin CA 証明書を改ざんされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-6116 2013-04-5 18:51 2013-03-1 Show GitHub Exploit DB Packet Storm
226802 4 警告 Opera Software ASA - Opera における識別攻撃およびプレーンテキストリカバリ攻撃を誘発される脆弱性 CWE-310
暗号の問題 		CVE-2013-1618 2013-04-5 17:23 2013-01-30 Show GitHub Exploit DB Packet Storm
226803 9.3 危険 Invensys - Invensys Wonderware Win-XML Exporter における任意のファイルを読まれる脆弱性 CWE-20
不適切な入力確認 		CVE-2012-4710 2013-04-5 15:57 2013-03-21 Show GitHub Exploit DB Packet Storm
226804 4 警告 Schneider Electric - Schneider Electric Modicon M340 の PLC モジュールにおけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-2761 2013-04-5 15:56 2013-01-23 Show GitHub Exploit DB Packet Storm
226805 8.5 危険 Schneider Electric - 複数の Schneider Electric Modicon 製品上の FactoryCast サービスにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2013-0664 2013-04-5 15:55 2013-01-23 Show GitHub Exploit DB Packet Storm
226806 6.8 警告 Schneider Electric - 複数の Schneider Electric Modicon 製品におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-0663 2013-04-5 15:55 2013-01-23 Show GitHub Exploit DB Packet Storm
226807 5.8 警告 マイクロソフト - Microsoft Windows モダン メールにおける他の Web サイトのリンクになりすまされる脆弱性 CWE-noinfo
情報不足 		CVE-2013-1299 2013-04-5 14:58 2013-03-27 Show GitHub Exploit DB Packet Storm
226808 7.8 危険 シスコシステムズ - Cisco IOS におけるサービス運用妨害 (メモリ消費またはデバイスリロード) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-1145 2013-04-5 14:55 2013-01-18 Show GitHub Exploit DB Packet Storm
226809 7.8 危険 シスコシステムズ - Cisco IOS の IKEv1 の実装におけるサービス運用妨害 (メモリ消費) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-1144 2013-04-5 14:51 2013-03-27 Show GitHub Exploit DB Packet Storm
226810 10 危険 PostgreSQL.org - PostgreSQL における脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-1903 2013-04-5 14:26 2013-04-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
4141 7.4 HIGH
Network 		- - Microsoft APM is an open-source, community-driven dependency manager for AI agents. From 0.5.4 to 0.12.4, two primitive integrators in apm-cli enumerate package files with bare Path.glob() / Path.rgl… CWE-59
CWE-200
Link Following
Information Exposure 		CVE-2026-45539 2026-05-19 04:33 2026-05-16 Show GitHub Exploit DB Packet Storm
4142 - - - An Improper Access Control vulnerability in several internal API endpoints for Google Cloud Application Integration prior to 2026-01-23 allows a remote, unauthenticated attacker to disclose sensitive… CWE-862
 Missing Authorization 		CVE-2026-2031 2026-05-19 04:32 2026-05-16 Show GitHub Exploit DB Packet Storm
4143 7.3 HIGH
Network 		- - A weakness has been identified in CoreWorxLab CAAL up to 1.6.0. The affected element is an unknown function of the file src/caal/webhooks.py of the component test-hass Endpoint. This manipulation cau… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-8725 2026-05-19 04:31 2026-05-17 Show GitHub Exploit DB Packet Storm
4144 6.3 MEDIUM
Network 		- - A weakness has been identified in Z-BlogPHP 1.7.4.3430. This affects the function CheckComment of the file zb_system/function/c_system_event.php of the component Commend Approval Handler. This manipu… CWE-266
CWE-285
 Incorrect Privilege Assignment
Improper Authorization 		CVE-2026-8747 2026-05-19 04:31 2026-05-17 Show GitHub Exploit DB Packet Storm
4145 7.3 HIGH
Network 		- - A flaw has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The affected element is the function _get_all_models of the file hiyoriUI.py of the component Model Handl… CWE-22
Path Traversal 		CVE-2026-8755 2026-05-19 04:31 2026-05-17 Show GitHub Exploit DB Packet Storm
4146 7.3 HIGH
Network 		- - A vulnerability has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The impacted element is the function generate_config of the file webui_preprocess.py of the comp… CWE-22
Path Traversal 		CVE-2026-8756 2026-05-19 04:31 2026-05-17 Show GitHub Exploit DB Packet Storm
4147 7.2 HIGH
Network 		- - A security vulnerability has been detected in H3C Magic B3 up to 100R002. This affects the function UpdateWanParams of the file /goform/aspForm. Such manipulation of the argument param leads to buffe… CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-8764 2026-05-19 04:31 2026-05-18 Show GitHub Exploit DB Packet Storm
4148 9.8 CRITICAL
Network 		- - A vulnerability was found in lwIP up to 2.2.1. Affected is the function snmp_parse_inbound_frame of the file src/apps/snmp/snmp_msg.c of the component snmpv3 USM Handler. Performing a manipulation of… CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2026-8836 2026-05-19 04:26 2026-05-19 Show GitHub Exploit DB Packet Storm
4149 7.3 HIGH
Network 		- - A vulnerability was identified in xiandafu beetl up to 3.20.2. Affected is an unknown function of the file beetl-classic-integration/beetl-spring-classic/src/main/java/org/beetl/ext/spring/SpELFuncti… CWE-20
CWE-917
 Improper Input Validation 
 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') 		CVE-2026-8759 2026-05-19 04:22 2026-05-18 Show GitHub Exploit DB Packet Storm
4150 5.3 MEDIUM
Network 		google chrome Insufficient validation of untrusted input in DataTransfer in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentia… CWE-20
 Improper Input Validation  		CVE-2026-8516 2026-05-19 04:17 2026-05-15 Show GitHub Exploit DB Packet Storm