Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 14, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
21 5.3 警告
Network 		VMware Spring Framework VMwareのSpring Frameworkにおける不正な認証に関する脆弱性 New CWE-863
不正な認証 		CVE-2026-41852 2026-06-12 14:53 2026-06-9 Show GitHub Exploit DB Packet Storm
22 5.1 警告
Local 		ImageMagick ImageMagick ImageMagickにおける複数の脆弱性 New CWE-125
CWE-191
CVE-2026-42326 2026-06-12 14:53 2026-06-10 Show GitHub Exploit DB Packet Storm
23 7.5 重要
Network 		Svelte project Svelte Svelte projectのSvelteにおける非効率的な正規表現の複雑さに関する脆弱性 New CWE-1333
非効率的な正規表現の複雑さ 		CVE-2026-42567 2026-06-12 14:53 2026-06-9 Show GitHub Exploit DB Packet Storm
24 7.5 重要
Network 		Svelte project devalue Svelte projectのdevalueにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 New CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-42570 2026-06-12 14:53 2026-06-9 Show GitHub Exploit DB Packet Storm
25 6.1 警告
Network 		Svelte project Svelte Svelte projectのSvelteにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42573 2026-06-12 14:53 2026-06-9 Show GitHub Exploit DB Packet Storm
26 6.1 警告
Network 		Svelte project Svelte Svelte projectのSvelteにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42599 2026-06-12 14:53 2026-06-9 Show GitHub Exploit DB Packet Storm
27 7.8 重要
Local 		マイクロソフト Microsoft Windows 11 25h2
Microsoft Windows 11 26h1
Microsoft Windows 11 24h2 		Windows 管理者保護のセキュリティ機能バイパスの脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-42829 2026-06-12 14:53 2026-06-9 Show GitHub Exploit DB Packet Storm
28 7 重要
Local 		マイクロソフト Microsoft Windows 11 23h2
Microsoft Windows Server 2022
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft&n… 		Windows Function Discovery Service (fdwsd.dll) の特権昇格の脆弱性 New CWE-362
CWE-416
CVE-2026-42836 2026-06-12 14:53 2026-06-9 Show GitHub Exploit DB Packet Storm
29 7.8 重要
Local 		マイクロソフト Microsoft Windows 11 23h2
Microsoft Windows Server 2022
Microsoft Windows Server 2019
Microsoft Windows 11 26h1
Microsoft … 		Windows Projected File System の特権の昇格の脆弱性 New CWE-125
境界外読み取り 		CVE-2026-42837 2026-06-12 14:53 2026-06-9 Show GitHub Exploit DB Packet Storm
30 9.6 緊急
Network 		flowiseai flowise flowiseaiのflowiseにおける複数の脆弱性 New CWE-284
CWE-639
CWE-915
CVE-2026-42861 2026-06-12 14:52 2026-06-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
319641 4.3 MEDIUM
Network 		teamviewer meeting
teamviewer 		Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the cl… NVD-CWE-Other
CVE-2024-6053 2024-09-20 02:22 2024-08-29 Show GitHub Exploit DB Packet Storm
319642 5.3 MEDIUM
Network 		shedaniel roughlyenoughitems Roughly Enough Items (REI) v.16.0.729 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index… CWE-129
 Improper Validation of Array Index 		CVE-2024-42698 2024-09-20 01:29 2024-08-29 Show GitHub Exploit DB Packet Storm
319643 5.3 MEDIUM
Network 		mezz justenoughitems JustEnoughItems (JEI) 19.5.0.33 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index in JE… CWE-129
 Improper Validation of Array Index 		CVE-2024-41565 2024-09-20 01:19 2024-08-29 Show GitHub Exploit DB Packet Storm
319644 7.3 HIGH
Local 		openpolicyagent open_policy_agent A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrar… CWE-294
Authentication Bypass by Capture-replay  		CVE-2024-8260 2024-09-20 01:08 2024-08-30 Show GitHub Exploit DB Packet Storm
319645 4.6 MEDIUM
Physics 		ibm maas360_mdm IBM MaaS360 for Android 6.31 through 8.60 is using hard coded credentials that can be obtained by a user with physical access to the device. CWE-798
 Use of Hard-coded Credentials 		CVE-2024-35118 2024-09-20 00:53 2024-08-30 Show GitHub Exploit DB Packet Storm
319646 8.1 HIGH
Network 		zohocorp manageengine_exchange_reporter_plus Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module. CWE-89
SQL Injection 		CVE-2024-6204 2024-09-20 00:41 2024-08-31 Show GitHub Exploit DB Packet Storm
319647 8.1 HIGH
Network 		master-nan sweet-cms A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been rated as problematic. This issue affects the function LogHandler of the file middleware/l… CWE-117
 Improper Output Neutralization for Logs 		CVE-2024-8334 2024-09-20 00:39 2024-08-30 Show GitHub Exploit DB Packet Storm
319648 9.8 CRITICAL
Network 		openrapid rapidcms A vulnerability classified as critical has been found in OpenRapid RapidCMS up to 1.3.1. Affected is an unknown function of the file /resource/runlogon.php. The manipulation of the argument username … CWE-89
SQL Injection 		CVE-2024-8335 2024-09-20 00:31 2024-08-30 Show GitHub Exploit DB Packet Storm
319649 8.1 HIGH
Network 		eclipse eclipse_dataspace_components In Eclipse Dataspace Components, from version 0.5.0 and before version 0.9.0, the ConsumerPullTransferTokenValidationApiController does not check for token validity (expiry, not-before, issuance date… CWE-287
Improper Authentication 		CVE-2024-8642 2024-09-20 00:18 2024-09-11 Show GitHub Exploit DB Packet Storm
319650 7.5 HIGH
Network 		hoverfly hoverfly Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. The `/api/v2/simulation` POST handler allows users to create new simulation views from … CWE-22
Path Traversal 		CVE-2024-45388 2024-09-20 00:18 2024-09-3 Show GitHub Exploit DB Packet Storm