Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2791 8.8 重要
Network 		openwebui open webui openwebuiのopen webuiにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-45672 2026-05-21 10:50 2026-05-15 Show GitHub Exploit DB Packet Storm
2792 7.5 重要
Network 		ws project ws ws projectのwsにおける初期化されていないリソースの使用に関する脆弱性 CWE-908
初期化されていないリソースの使用 		CVE-2026-45736 2026-05-21 10:50 2026-05-15 Show GitHub Exploit DB Packet Storm
2793 5.5 警告
Local 		freedesktop.org GStreamer Good Plug-ins freedesktop.orgのGStreamer Good Plug-insにおけるゼロ除算に関する脆弱性 CWE-369
ゼロ除算 		CVE-2026-46469 2026-05-21 10:50 2026-05-14 Show GitHub Exploit DB Packet Storm
2794 9.1 緊急
Network 		freedesktop.org GStreamer Good Plug-ins freedesktop.orgのGStreamer Good Plug-insにおけるゼロ除算に関する脆弱性 CWE-369
ゼロ除算 		CVE-2026-46470 2026-05-21 10:50 2026-05-14 Show GitHub Exploit DB Packet Storm
2795 7 重要
Local 		Vim Vim Vimにおける複数の脆弱性 CWE-78
CWE-88
CVE-2026-46483 2026-05-21 10:50 2026-05-15 Show GitHub Exploit DB Packet Storm
2796 7.3 重要
Network 		Apache Software Foundation Apache OFBiz Apache Software FoundationのApache OFBizにおける複数の脆弱性 CWE-94
CWE-95
CVE-2026-46586 2026-05-21 10:50 2026-05-19 Show GitHub Exploit DB Packet Storm
2797 5 警告
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-6333 2026-05-21 10:50 2026-05-18 Show GitHub Exploit DB Packet Storm
2798 6.5 警告
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおける過剰なサイズ値のメモリ割り当てに関する脆弱性 CWE-789
過剰なサイズ値のメモリ割り当て 		CVE-2026-6340 2026-05-21 10:50 2026-05-18 Show GitHub Exploit DB Packet Storm
2799 9.8 緊急
Network 		LMSYS Org SGLang LMSYS OrgのSGLangにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-7301 2026-05-21 10:50 2026-05-18 Show GitHub Exploit DB Packet Storm
2800 9.1 緊急
Network 		LMSYS Org SGLang LMSYS OrgのSGLangにおけるパストラバーサルの脆弱性 CWE-35
パストラバーサル 		CVE-2026-7302 2026-05-21 10:50 2026-05-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2831 - - - In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack (request smuggling), which in turn can be… CWE-444
HTTP Request Smuggling 		CVE-2026-50052 2026-06-5 01:15 2026-06-3 Show GitHub Exploit DB Packet Storm
2832 - - - Pterodactyl is a free, open-source game server management panel. Prior to version 1.12.3, the Pterodactyl Client API has a logic flaw that lets users bypass their assigned limits for database allocat… CWE-367
CWE-770
 Time-of-check Time-of-use (TOCTOU) Race Condition
 Allocation of Resources Without Limits or Throttling 		CVE-2026-35202 2026-06-5 01:12 2026-06-3 Show GitHub Exploit DB Packet Storm
2833 5.3 MEDIUM
Network 		- - CloudburstMC Protocol is a protocol library for Minecraft Bedrock Edition. Prior to version 3.0.0.Beta12-20260420.182526-15, CloudburstMC Protocol is partially missing validation for FULL type authen… CWE-287
Improper Authentication 		CVE-2026-45289 2026-06-5 01:12 2026-06-3 Show GitHub Exploit DB Packet Storm
2834 4.9 MEDIUM
Network 		- - alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5-2606, the alf.io extension sandbox injects a fully-functional HTTP cli… CWE-22
CWE-73
Path Traversal
 External Control of File Name or Path 		CVE-2026-41412 2026-06-5 01:12 2026-06-3 Show GitHub Exploit DB Packet Storm
2835 6.5 MEDIUM
Network 		- - wire-ios is an iOS client for the Wire secure messaging application. Prior to version 4.16.0, upon receiving a crafted malicious Proteus external message with an encrypted payload that is shorter tha… CWE-20
CWE-191
 Improper Input Validation 
 Integer Underflow (Wrap or Wraparound) 		CVE-2026-35049 2026-06-5 01:12 2026-06-3 Show GitHub Exploit DB Packet Storm
2836 8.5 HIGH
Network 		- - Medplum before 5.1.14 contains a server-side request forgery vulnerability in the subscription worker that allows authenticated users to perform unauthorized internal network requests by creating FHI… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-49120 2026-06-5 01:10 2026-06-3 Show GitHub Exploit DB Packet Storm
2837 8.8 HIGH
Adjacent 		- - BrowserStack Runner through 0.9.5 contains a remote code execution vulnerability in the /_log HTTP handler that allows unauthenticated network-adjacent attackers to execute arbitrary code by submitti… CWE-94
Code Injection 		CVE-2026-49143 2026-06-5 01:10 2026-06-3 Show GitHub Exploit DB Packet Storm
2838 6.5 MEDIUM
Adjacent 		- - BrowserStack Runner through 0.9.5 contains a path traversal vulnerability in the _default HTTP handler in lib/server.js that allows unauthenticated network-adjacent attackers to read arbitrary files.… CWE-22
Path Traversal 		CVE-2026-49144 2026-06-5 01:10 2026-06-3 Show GitHub Exploit DB Packet Storm
2839 5.9 MEDIUM
Network 		- - QloApps through 1.7.0, fixed in commit 64e9722, contains a weak cryptographic algorithm vulnerability that allows attackers to compromise user credentials by exploiting the use of MD5 for password ha… CWE-916
 Use of Password Hash With Insufficient Computational Effort 		CVE-2026-25861 2026-06-5 01:10 2026-06-3 Show GitHub Exploit DB Packet Storm
2840 3.6 LOW
Local 		- - A vulnerability has been found in mlrun up to 1.12.0-rc3. This impacts the function mlrun.utils.helpers.calculate_dataframe_hash of the file mlrun/utils/helpers.py of the component DataFrame Hash Han… CWE-327
CWE-328
 Use of a Broken or Risky Cryptographic Algorithm
 Use of Weak Hash 		CVE-2026-10766 2026-06-5 01:10 2026-06-4 Show GitHub Exploit DB Packet Storm