Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3001	8.1	重要 Network	MBS GmbH	Universal Gateway Firmware	MBS GmbHのUniversal Gateway Firmwareにおけるファイル名やパス名の外部制御に関する脆弱性	CWE-73 ファイル名やパス名の外部制御	CVE-2026-35080	2026-06-9 14:11	2026-06-3	Show	GitHub Exploit DB Packet Storm

3002	8.1	重要 Network	MBS GmbH	Universal Gateway Firmware	MBS GmbHのUniversal Gateway Firmwareにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-35081	2026-06-9 14:11	2026-06-3	Show	GitHub Exploit DB Packet Storm

3003	8.8	重要 Network	MBS GmbH	Universal Gateway Firmware	MBS GmbHのUniversal Gateway Firmwareにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-35082	2026-06-9 14:11	2026-06-3	Show	GitHub Exploit DB Packet Storm

3004	8.8	重要 Network	MBS GmbH	Universal Gateway Firmware	MBS GmbHのUniversal Gateway Firmwareにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-35083	2026-06-9 14:11	2026-06-3	Show	GitHub Exploit DB Packet Storm

3005	8.8	重要 Network	MBS GmbH	Universal Gateway Firmware	MBS GmbHのUniversal Gateway Firmwareにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-35084	2026-06-9 14:11	2026-06-3	Show	GitHub Exploit DB Packet Storm

3006	8.8	重要 Network	MBS GmbH	Universal Gateway Firmware	MBS GmbHのUniversal Gateway Firmwareにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-35085	2026-06-9 14:11	2026-06-3	Show	GitHub Exploit DB Packet Storm

3007	7.5	重要 Network	レッドハット GNU Project	Redhat Enterprise Linux For Power Little Endian Els Red Hat Enterprise Linux for IBM z Systems - Extended Updat…	GNU Project等の複数ベンダの製品におけるAPI への入力に対する未定義の動作に関する脆弱性	CWE-475 API への入力に対する未定義の動作	CVE-2026-42009	2026-06-9 14:11	2026-05-18	Show	GitHub Exploit DB Packet Storm

3008	7.8	重要 Local	Thermalright	TR-VISION HOME	ThermalrightのTR-VISION HOMEにおける信頼できない制御領域からの機能の組み込みに関する脆弱性	CWE-829 信頼性のない制御領域からの機能の組み込み	CVE-2026-4255	2026-06-9 14:11	2026-03-16	Show	GitHub Exploit DB Packet Storm

3009	6.5	警告 Network	レッドハット	Red Hat OpenShift Container Platform OpenShift Router	レッドハットのRed Hat OpenShift Container Platform等の複数製品におけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-42965	2026-06-9 14:11	2026-05-29	Show	GitHub Exploit DB Packet Storm

3010	8.7	重要 Network	SUSE	Local Path Provisioner	SUSEのLocal Path Provisionerにおける権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2026-44543	2026-06-9 14:11	2026-05-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
11	3.1	LOW Network	-	-	A flaw has been found in AIDC-AI ComfyUI-Copilot up to 2.0.28. This issue affects some unknown processing of the file backend/controller/conversation_api.py of the component Workflow Checkpoint Resto… New	CWE-99 Resource Injection	CVE-2026-13493	2026-06-28 22:16	2026-06-28	Show	GitHub Exploit DB Packet Storm

12	3.7	LOW Network	-	-	A vulnerability was detected in 78 xiaozhi-esp32 up to 2.2.6. This vulnerability affects the function Application::GetInstance of the file main/protocols/mqtt_protocol.cc of the component MQTT Goodby… New	CWE-404 Improper Resource Shutdown or Release	CVE-2026-13491	2026-06-28 21:17	2026-06-28	Show	GitHub Exploit DB Packet Storm

13	3.7	LOW Network	-	-	A security vulnerability has been detected in glpi-project glpi 11.0.5/11.0.6/11.0.7. This affects the function Document::canViewFile of the file front/document.send.php of the component Document Han… New	CWE-285 CWE-639 Improper Authorization Authorization Bypass Through User-Controlled Key	CVE-2026-13490	2026-06-28 21:17	2026-06-28	Show	GitHub Exploit DB Packet Storm

14	3.1	LOW Network	-	-	A weakness has been identified in 78 xiaozhi-esp32 up to 2.2.6. Affected by this issue is the function ParseMessage of the file main/mcp_server.cc of the component MCP Response Handler. This manipula… New	CWE-662 Improper Synchronization	CVE-2026-13489	2026-06-28 21:17	2026-06-28	Show	GitHub Exploit DB Packet Storm

15	7.3	HIGH Network	-	-	A security flaw has been discovered in SourceCodester Class and Exam Timetabling System 1.0/7.php. Affected by this vulnerability is an unknown functionality of the file /preview7.php. The manipulati… New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-13488	2026-06-28 20:16	2026-06-28	Show	GitHub Exploit DB Packet Storm

16	7.3	HIGH Network	-	-	A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected is an unknown function of the file /archive.php. The manipulation of the argument sy leads to sql inje… New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-13487	2026-06-28 20:16	2026-06-28	Show	GitHub Exploit DB Packet Storm

17	7.3	HIGH Network	-	-	A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0/6.php. This impacts an unknown function of the file /preview6.php. Executing a manipulation of the argument cour… New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-13486	2026-06-28 19:16	2026-06-28	Show	GitHub Exploit DB Packet Storm

18	7.3	HIGH Network	-	-	A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /preview.php. Performing a manipulation of the argument course_year_sec… New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-13485	2026-06-28 19:16	2026-06-28	Show	GitHub Exploit DB Packet Storm

19	5.0	MEDIUM Network	-	-	A vulnerability has been found in MLflow up to 4666cffc7912ea606d592fc38d6a75e2935f65e7. The impacted element is an unknown function of the component Experiment-scoped Label Schema CRUD API. Such man… New	CWE-862 CWE-863 Missing Authorization Incorrect Authorization	CVE-2026-13484	2026-06-28 18:16	2026-06-28	Show	GitHub Exploit DB Packet Storm

20	8.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Clean up DMABUFs before disabling function On device shutdown, make vfio_pci_core_close_device() call vfio_pci_dma_buf_… New	-	CVE-2026-53322	2026-06-28 17:16	2026-06-27	Show	GitHub Exploit DB Packet Storm