Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2471	7.8	重要 Local	Nullsoft	Nullsoft Scriptable Install System	NullsoftのNullsoft Scriptable Install Systemにおける制御されていない検索パスの要素に関する脆弱性	CWE-427 制御されていない検索パスの要素	CVE-2026-42171	2026-05-20 13:30	2026-04-24	Show	GitHub Exploit DB Packet Storm

2472	4.3	警告 Network	getkirby	kirby	getkirbyのkirbyにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-42174	2026-05-20 13:30	2026-05-9	Show	GitHub Exploit DB Packet Storm

2473	7.5	重要 Network	OpenBao	OpenBao	OpenBaoにおける保存または転送前の重要な情報の削除に関する脆弱性	CWE-212 保存または転送前の重要な情報の不適切な削除	CVE-2026-42186	2026-05-20 13:30	2026-05-14	Show	GitHub Exploit DB Packet Storm

2474	7.5	重要 Network	Ruby-lang.org	Net::IMAP	Ruby-lang.orgのNet::IMAPにおけるアルゴリズムの複雑さに関する脆弱性	CWE-407 アルゴリズムの複雑性	CVE-2026-42245	2026-05-20 13:30	2026-05-9	Show	GitHub Exploit DB Packet Storm

2475	7.4	重要 Network	Ruby-lang.org	Net::IMAP	Ruby-lang.orgのNet::IMAPにおける複数の脆弱性	CWE-392 CWE-393 CWE-636 CWE-754 CWE-841	CVE-2026-42246	2026-05-20 13:30	2026-05-9	Show	GitHub Exploit DB Packet Storm

2476	9.8	緊急 Network	ollama	ollama	Ollamaにおけるダウンロードしたコードの完全性検証不備に関する脆弱性	CWE-494 ダウンロードしたコードの完全性検証不備	CVE-2026-42248	2026-05-20 13:30	2026-04-29	Show	GitHub Exploit DB Packet Storm

2477	9.8	緊急 Network	ollama	ollama	Ollamaにおける複数の脆弱性	CWE-22 CWE-494	CVE-2026-42249	2026-05-20 13:30	2026-04-29	Show	GitHub Exploit DB Packet Storm

2478	9.8	緊急 Network	Ruby-lang.org	Net::IMAP	Ruby-lang.orgのNet::IMAPにおける複数の脆弱性	CWE-77 CWE-93	CVE-2026-42257	2026-05-20 13:30	2026-05-9	Show	GitHub Exploit DB Packet Storm

2479	9.8	緊急 Network	Ruby-lang.org	Net::IMAP	Ruby-lang.orgのNet::IMAPにおける複数の脆弱性	CWE-77 CWE-93	CVE-2026-42258	2026-05-20 13:30	2026-05-9	Show	GitHub Exploit DB Packet Storm

2480	7.1	重要 Network	Quantum Nous	New API	Quantum NousのNew APIにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-42339	2026-05-20 13:30	2026-05-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2671	6.5	MEDIUM Adjacent	-	-	A buffer overflow vulnerability in the UPnP AddPortMapping() command in Zyxel VMG4005-B50B firmware versions through 5.13(ABRL.5.4)C0 could allow an adjacent attacker to trigger a temporary denial-of…	CWE-120 Classic Buffer Overflow	CVE-2026-3870	2026-06-2 23:45	2026-06-2	Show	GitHub Exploit DB Packet Storm

2672	6.5	MEDIUM Adjacent	-	-	A buffer overflow vulnerability in the UPnP DeletePortMapping() command in Zyxel VMG4005-B50B firmware versions through 5.13(ABRL.5.4)C0 could allow an adjacent attacker to trigger a temporary denial…	CWE-120 Classic Buffer Overflow	CVE-2026-3871	2026-06-2 23:45	2026-06-2	Show	GitHub Exploit DB Packet Storm

2673	-		-	-	LDAP filter injection vulnerability in Yandex Database prior to 25.3.1.25 allows a remote attacker with valid LDAP credentials to bypass group membership checks resulting in unauthorized access to th…	CWE-280 Improper Handling of Insufficient Permissions or Privileges	CVE-2026-10549	2026-06-2 23:45	2026-06-2	Show	GitHub Exploit DB Packet Storm

2674	8.8	HIGH Network	-	-	microtar through 0.1.0 contains a stack-based buffer overflow vulnerability in the raw_to_header() function in src/microtar.c that allows attackers to corrupt adjacent stack memory by supplying a cra…	CWE-121 Stack-based Buffer Overflow	CVE-2026-43623	2026-06-2 23:43	2026-06-2	Show	GitHub Exploit DB Packet Storm

2675	8.2	HIGH Network	-	-	F5-TTS through version 1.1.20 contains a path traversal vulnerability in the finetune Gradio handlers that allows unauthenticated attackers to write arbitrary files by passing unsanitized user-suppli…	CWE-22 Path Traversal	CVE-2026-43624	2026-06-2 23:43	2026-06-2	Show	GitHub Exploit DB Packet Storm

2676	5.9	MEDIUM Network	-	-	CodexBar prior to 0.32.0 contains a session cookie leakage vulnerability that allows network attackers to intercept imported browser session cookies by exploiting improper redirect handling for Amp a…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2026-43625	2026-06-2 23:43	2026-06-2	Show	GitHub Exploit DB Packet Storm

2677	7.1	HIGH Network	-	-	CodexBar prior to 0.32.0 contains a privilege escalation vulnerability in the CLI installer that allows local attackers to execute arbitrary commands as root by exploiting a race condition in tempora…	CWE-377 Insecure Temporary File	CVE-2026-49134	2026-06-2 23:43	2026-06-2	Show	GitHub Exploit DB Packet Storm

2678	7.1	HIGH Local	-	-	CodexBar prior to 0.32.0 contains an insecure temporary file handling vulnerability that allows local attackers to access sensitive credentials or tamper with build artifacts by exploiting predictabl…	CWE-59 CWE-377 Link Following Insecure Temporary File	CVE-2026-49135	2026-06-2 23:43	2026-06-2	Show	GitHub Exploit DB Packet Storm

2679	5.0	MEDIUM Network	-	-	Nanobot prior to version 0.2.1 contains a server-side request forgery vulnerability in the web_fetch tool that allows remote attackers to reach internal or private network hosts by supplying a URL th…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-49138	2026-06-2 23:43	2026-06-2	Show	GitHub Exploit DB Packet Storm

2680	-		-	-	Nanobot prior to version 0.2.1 contains a server-side request forgery vulnerability in the Microsoft Teams channel handler that allows remote attackers to exfiltrate Bot Framework bearer tokens by su…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-49139	2026-06-2 23:43	2026-06-2	Show	GitHub Exploit DB Packet Storm