Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
271 3.3
Local 		Canonical Ubuntu CanonicalのUbuntuにおけるNULL ポインタデリファレンスに関する脆弱性 New CWE-476
NULL ポインタデリファレンス 		CVE-2026-47337 2026-06-3 17:00 2026-05-28 Show GitHub Exploit DB Packet Storm
272 6.5 警告
Network 		hono hono honoにおける認可に関する脆弱性 New CWE-285
不適切な認可 		CVE-2026-47673 2026-06-3 17:00 2026-05-28 Show GitHub Exploit DB Packet Storm
273 5.3 警告
Network 		hono hono honoにおける複数の脆弱性 New CWE-1289
CWE-185
CVE-2026-47674 2026-06-3 17:00 2026-05-28 Show GitHub Exploit DB Packet Storm
274 5.3 警告
Network 		hono hono honoにおける複数の脆弱性 New CWE-113
CWE-1287
CVE-2026-47675 2026-06-3 17:00 2026-05-28 Show GitHub Exploit DB Packet Storm
275 5.3 警告
Network 		hono hono honoにおける複数の脆弱性 New CWE-444
CWE-693
CVE-2026-47676 2026-06-3 17:00 2026-05-28 Show GitHub Exploit DB Packet Storm
276 8.8 重要
Network 		mintplexlabs anythingllm mintplexlabsのanythingllmにおける複数の脆弱性 New CWE-77
CWE-88
CVE-2026-48116 2026-06-3 17:00 2026-05-28 Show GitHub Exploit DB Packet Storm
277 5.5 警告
Local 		pypdf project pypdf pypdf projectのpypdfにおけるリソースの枯渇に関する脆弱性 New CWE-400
リソースの枯渇 		CVE-2026-48155 2026-06-3 17:00 2026-05-28 Show GitHub Exploit DB Packet Storm
278 3.3
Local 		pypdf project pypdf pypdf projectのpypdfにおける過度な反復の脆弱性 New CWE-834
過度なイテレーション 		CVE-2026-48156 2026-06-3 17:00 2026-05-28 Show GitHub Exploit DB Packet Storm
279 5.5 警告
Local 		pypdf project pypdf pypdf projectのpypdfにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 New CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-48735 2026-06-3 17:00 2026-05-28 Show GitHub Exploit DB Packet Storm
280 3.8
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおける根本の脆弱性による認証回避の脆弱性 New CWE-305
根本の脆弱性による認証回避 		CVE-2026-6334 2026-06-3 17:00 2026-05-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2071 4.3 MEDIUM
Network 		- - A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This impacts an unknown function of the file /index.php of the component SQL Handler. E… CWE-200
CWE-209
Information Exposure
Information Exposure Through an Error Message 		CVE-2026-9583 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2072 7.3 HIGH
Network 		- - A vulnerability has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM up to 56ba287f2e9031523ccb4244cb6e3fe530e4e5d5. The affected element is an unknown function of the component Dashboard. Such mani… CWE-266
CWE-284
 Incorrect Privilege Assignment
Improper Access Control 		CVE-2026-9562 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2073 6.3 MEDIUM
Network 		- - A vulnerability was identified in Totolink CA750-PoE 6.2c.510. This affects the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argu… CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-9511 2026-05-29 01:16 2026-05-26 Show GitHub Exploit DB Packet Storm
2074 4.8 MEDIUM
Network 		- - Crypt::ScryptKDF versions through 0.010 for Perl uses insecure random number source when no CSPRNG module is available. The random_bytes function fell back to using the built-in rand() function when… CWE-338
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 		CVE-2026-8647 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2075 7.5 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.39.0, the webhook schema-building endpoint is registered under builderRoutes, but the generic authorization middleware skips authorization for… CWE-862
 Missing Authorization 		CVE-2026-48151 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2076 8.1 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.39.0, the Budibase Text component renders markdown by assigning marked.parse(markdown) straight to innerHTML with no sanitizer (packages/bbui/… CWE-79
Cross-site Scripting 		CVE-2026-48149 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2077 7.7 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.39.0, the OAuth2 token fetch function in packages/server/src/sdk/workspace/oauth2/utils.ts uses raw fetch(config.url) with no SSRF protection.… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-48146 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2078 5.3 MEDIUM
Network 		- - Mojolicious::Plugin::Statsd versions through 0.04 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted… CWE-93
CRLF Injection 		CVE-2026-46740 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2079 7.7 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.38.3, removeSecrets at packages/server/src/sdk/workspace/datasources/datasources.ts masks only datasource config fields whose schema type is D… CWE-200
Information Exposure 		CVE-2026-46427 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2080 4.2 MEDIUM
Network 		- - Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint (POST /api/public/v1/roles/unassign) updates user documents in CouchDB but does not invalidate… CWE-269
 Improper Privilege Management 		CVE-2026-46424 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm