Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3351 5.4 警告
Network 		TensorOpera FEDML TensorOperaのFEDMLにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-5535 2026-05-7 12:27 2026-04-5 Show GitHub Exploit DB Packet Storm
3352 7.3 重要
Network 		TensorOpera FEDML TensorOperaのFEDMLにおける複数の脆弱性 CWE-20
CWE-502
CVE-2026-5536 2026-05-7 12:27 2026-04-5 Show GitHub Exploit DB Packet Storm
3353 9.8 緊急
Network 		Technostrobe HI-LED-WR120-G2 Firmware TechnostrobeのHI-LED-WR120-G2 Firmwareにおける複数の脆弱性 CWE-266
CWE-284
CVE-2026-5569 2026-05-7 12:27 2026-04-5 Show GitHub Exploit DB Packet Storm
3354 9.8 緊急
Network 		Technostrobe HI-LED-WR120-G2 Firmware TechnostrobeのHI-LED-WR120-G2 Firmwareにおける認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2026-5570 2026-05-7 12:27 2026-04-5 Show GitHub Exploit DB Packet Storm
3355 7.5 重要
Network 		Technostrobe HI-LED-WR120-G2 Firmware TechnostrobeのHI-LED-WR120-G2 Firmwareにおける複数の脆弱性 CWE-200
CWE-284
CVE-2026-5571 2026-05-7 12:27 2026-04-5 Show GitHub Exploit DB Packet Storm
3356 4.3 警告
Network 		Technostrobe HI-LED-WR120-G2 Firmware TechnostrobeのHI-LED-WR120-G2 Firmwareにおける複数の脆弱性 CWE-352
CWE-862
CVE-2026-5572 2026-05-7 12:27 2026-04-5 Show GitHub Exploit DB Packet Storm
3357 9.8 緊急
Network 		Technostrobe HI-LED-WR120-G2 Firmware TechnostrobeのHI-LED-WR120-G2 Firmwareにおける複数の脆弱性 CWE-284
CWE-434
CVE-2026-5573 2026-05-7 12:27 2026-04-5 Show GitHub Exploit DB Packet Storm
3358 8.6 重要
Network 		Song Li (Song-Li) Cross browser fingerprinting Song Li (Song-Li)のCross browser fingerprintingにおける複数の脆弱性 CWE-74
CWE-89
CWE-89
CVE-2026-5577 2026-05-7 12:27 2026-04-5 Show GitHub Exploit DB Packet Storm
3359 9.8 緊急
Network 		Martin (Fosowl) AgenticSeek Martin (Fosowl)のAgenticSeekにおける複数の脆弱性 CWE-74
CWE-94
CVE-2026-5584 2026-05-7 12:27 2026-04-5 Show GitHub Exploit DB Packet Storm
3360 7.5 重要
Network 		Tencent AI-Infra-Guard TencentのAI-Infra-Guardにおける複数の脆弱性 CWE-200
CWE-284
CWE-noinfo
CVE-2026-5585 2026-05-7 12:27 2026-04-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1491 - - - Improper access control in the MQTT broker allows wildcard topic subscriptions, exposing all MQTT traffic to unauthorized actors. CWE-284
Improper Access Control 		CVE-2026-49198 2026-05-29 23:46 2026-05-29 Show GitHub Exploit DB Packet Storm
1492 - - - Crafted MQTT messages can trigger command injection, resulting in root-level code execution on the target device. CWE-77
Command Injection 		CVE-2026-49199 2026-05-29 23:46 2026-05-29 Show GitHub Exploit DB Packet Storm
1493 - - - The acer_cgi.log file in the device firmware is accessible without authentication via the web interface. This file contains cleartext login credentials (for web and Telnet), leading to unauthorized s… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2026-49200 2026-05-29 23:46 2026-05-29 Show GitHub Exploit DB Packet Storm
1494 - - - The upload.cgi binary, responsible for processing device backups, contains a hardcoded AES encryption key. This allows an attacker to decrypt, modify, and re-encrypt system backups, facilitating pers… CWE-798
 Use of Hard-coded Credentials 		CVE-2026-49201 2026-05-29 23:46 2026-05-29 Show GitHub Exploit DB Packet Storm
1495 7.5 HIGH
Network 		- - Music Player Daemon (MPD) before version 0.24.11 contains a path traversal vulnerability in LocalStorage::MapFSOrThrow and LocalStorage::MapUTF8 within the local storage plugin, where the on-disk pat… CWE-22
Path Traversal 		CVE-2026-49128 2026-05-29 23:16 2026-05-29 Show GitHub Exploit DB Packet Storm
1496 8.2 HIGH
Network 		- - phpMyFAQ before 4.1.3 contains an authentication bypass vulnerability in the password reset endpoint that allows unauthenticated attackers to reset any user account password without token verificatio… CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2026-35675 2026-05-29 23:16 2026-05-29 Show GitHub Exploit DB Packet Storm
1497 6.5 MEDIUM
Network 		apache ignite Relative Path Traversal vulnerability in Apache Ignite REST API. Authenticated REST API users can read any file on the server with "cmd=log" command and a log path crafted in a certain way. This iss… CWE-23
 Relative Path Traversal 		CVE-2025-48977 2026-05-29 23:11 2026-05-28 Show GitHub Exploit DB Packet Storm
1498 9.8 CRITICAL
Network 		inhandnetworks ir315_firmware
ir302_firmware
ir615_firmware
ir305_firmware 		A command injection vulnerability exists in the Admin Access feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier… CWE-77
Command Injection 		CVE-2026-38702 2026-05-29 23:09 2026-05-29 Show GitHub Exploit DB Packet Storm
1499 9.8 CRITICAL
Network 		inhandnetworks ir315_firmware
ir302_firmware
ir615_firmware
ir305_firmware 		A command injection vulnerability exists in the ZeroTier VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier… CWE-77
Command Injection 		CVE-2026-38703 2026-05-29 23:09 2026-05-29 Show GitHub Exploit DB Packet Storm
1500 9.8 CRITICAL
Network 		inhandnetworks ir315_firmware
ir302_firmware
ir615_firmware
ir305_firmware 		A command injection vulnerability exists in the IPSec VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier ve… CWE-77
Command Injection 		CVE-2026-38707 2026-05-29 23:08 2026-05-29 Show GitHub Exploit DB Packet Storm