Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2561 5.4 警告
Network 		Langfuse GmbH Langfuse Langfuse GmbHのLangfuseにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-41487 2026-05-15 11:00 2026-05-8 Show GitHub Exploit DB Packet Storm
2562 9.8 緊急
Network 		Nhost Nhost/auth NhostのNhost/authにおける認証に関する脆弱性 CWE-287
CWE-noinfo
CVE-2026-41574 2026-05-15 11:00 2026-05-8 Show GitHub Exploit DB Packet Storm
2563 7.5 重要
Network 		Web Technologies Change Detection Web TechnologiesのChange DetectionにおけるXML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2026-41895 2026-05-15 11:00 2026-05-12 Show GitHub Exploit DB Packet Storm
2564 9.8 緊急
Network 		レッドハット
GNU Project		 Red Hat OpenShift Container Platform
Red Hat Hardened Images
GnuTLS
Red Hat Enterprise Linux 		GNU Project等の複数ベンダの製品におけるNull バイト相互作用エラー (Poison Null Byte) の脆弱性 CWE-626
Null バイト相互作用エラー (Poison Null Byte) 		CVE-2026-42010 2026-05-15 11:00 2026-05-7 Show GitHub Exploit DB Packet Storm
2565 9.6 緊急
Network 		langflow langflow langflowにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-42048 2026-05-15 11:00 2026-05-12 Show GitHub Exploit DB Packet Storm
2566 5.5 警告
Local 		ImageMagick ImageMagick ImageMagickにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-42050 2026-05-15 11:00 2026-05-11 Show GitHub Exploit DB Packet Storm
2567 8.1 重要
Network 		- OpenC3のOpenC3 COSMOSにおける不要な特権による実行に関する脆弱性 CWE-250
不要な特権による実行 		CVE-2026-42088 2026-05-15 11:00 2026-05-4 Show GitHub Exploit DB Packet Storm
2568 8.8 重要
Network 		litellm litellm LiteLLMにおけるテンプレートエンジンで使用される特殊な要素の不適切な無効化に関する脆弱性 CWE-1336
テンプレートエンジンで使用される特殊な要素の不適切な無効化 		CVE-2026-42203 2026-05-15 11:00 2026-05-8 Show GitHub Exploit DB Packet Storm
2569 9.1 緊急
Network 		axios project axios axios projectのaxiosにおけるオブジェクトプロトタイプ属性の不適切に制御された変更に関する脆弱性 CWE-1321
オブジェクトプロトタイプ属性の不適切に制御された変更 (プロトタイプの汚染) 		CVE-2026-42264 2026-05-15 11:00 2026-05-8 Show GitHub Exploit DB Packet Storm
2570 5.7 警告
Network 		Kimai project kimai Kimai projectのKimaiにおけるCSV ファイル内の数式要素の中和に関する脆弱性 CWE-1236
CSV ファイル内の数式要素の不適切な中和 		CVE-2026-42267 2026-05-15 11:00 2026-05-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312001 7.2 HIGH
Network 		dlink dsl6740c_firmware The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functio… CWE-78
OS Command  		CVE-2024-11062 2024-11-16 03:21 2024-11-11 Show GitHub Exploit DB Packet Storm
312002 5.3 MEDIUM
Network 		expressjs basic-auth-connect basic-auth-connect is Connect's Basic Auth middleware in its own module. basic-auth-connect < 1.1.0 uses a timing-unsafe equality comparison that can leak timing information. This issue has been fixe… NVD-CWE-Other
CVE-2024-47178 2024-11-16 03:05 2024-10-1 Show GitHub Exploit DB Packet Storm
312003 6.1 MEDIUM
Network 		clinical-genomics scout Scout is a web-based visualizer for VCF-files. Open redirect vulnerability allows performing phishing attacks on users by redirecting them to malicious page. /login API endpoint is vulnerable to open… CWE-601
Open Redirect 		CVE-2024-47530 2024-11-16 03:03 2024-10-1 Show GitHub Exploit DB Packet Storm
312004 3.5 LOW
Network 		clinical-genomics scout Scout is a web-based visualizer for VCF-files. Due to the lack of sanitization in the filename, it is possible bypass intended file extension and make users download malicious files with any extensio… CWE-116
 Improper Encoding or Escaping of Output 		CVE-2024-47531 2024-11-16 03:02 2024-10-1 Show GitHub Exploit DB Packet Storm
312005 6.5 MEDIUM
Network 		zope restrictedpython RestrictedPython is a restricted execution environment for Python to run untrusted code. A user can gain access to protected (and potentially sensible) information indirectly via AttributeError.obj a… NVD-CWE-noinfo
CVE-2024-47532 2024-11-16 02:59 2024-10-1 Show GitHub Exploit DB Packet Storm
312006 4.8 MEDIUM
Network 		zzcms zzcms A vulnerability was found in ZZCMS up to 2023. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/msg.php. The manipulation of the argument keyw… CWE-79
Cross-site Scripting 		CVE-2024-11130 2024-11-16 02:57 2024-11-13 Show GitHub Exploit DB Packet Storm
312007 7.8 HIGH
Local 		dell smartfabric_os10 Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A l… CWE-77
Command Injection 		CVE-2024-49557 2024-11-16 02:36 2024-11-12 Show GitHub Exploit DB Packet Storm
312008 3.3 LOW
Local 		dell smartfabric_os10 Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a Files or Directories Accessible to External Parties vulnerability. A low privileged attacker with local… CWE-552
 Files or Directories Accessible to External Parties 		CVE-2024-48838 2024-11-16 02:36 2024-11-12 Show GitHub Exploit DB Packet Storm
312009 7.8 HIGH
Local 		dell smartfabric_os10 Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a command injection vulnerability. A low privileged attacker with local access could potentially exploit … CWE-77
Command Injection 		CVE-2024-49560 2024-11-16 02:35 2024-11-12 Show GitHub Exploit DB Packet Storm
312010 7.8 HIGH
Local 		dell smartfabric_os10 Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potenti… NVD-CWE-noinfo
CVE-2024-49558 2024-11-16 02:35 2024-11-12 Show GitHub Exploit DB Packet Storm