Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3571 8.1 重要
Network 		struktur AG libheif struktur AGのlibheifにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-41071 2026-05-29 11:17 2026-05-22 Show GitHub Exploit DB Packet Storm
3572 9.3 緊急
Network 		マイクロソフト Microsoft 365 Copilot Microsoft Copilot Tampering Vulnerability CWE-77
コマンドインジェクション 		CVE-2026-41090 2026-05-29 11:17 2026-05-22 Show GitHub Exploit DB Packet Storm
3573 7.2 重要
Network 		Apache Software Foundation Apache Syncope Apache Software FoundationのApache Syncopeにおける隔離または分類に関する脆弱性 CWE-653
不適切な隔離または分類 		CVE-2026-42782 2026-05-29 11:17 2026-05-25 Show GitHub Exploit DB Packet Storm
3574 7.5 重要
Network 		マイクロソフト Microsoft 365 Copilot M365 Copilot の情報漏えいの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-42827 2026-05-29 11:17 2026-05-22 Show GitHub Exploit DB Packet Storm
3575 10 緊急
Network 		マイクロソフト Microsoft Entra ID Microsoft Entra ID の特権昇格の脆弱性 CWE-346
同一生成元ポリシー違反 		CVE-2026-42901 2026-05-29 11:17 2026-05-22 Show GitHub Exploit DB Packet Storm
3576 4.3 警告
Network 		Traccar Ltd Traccar Traccar LtdのTraccarにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-44314 2026-05-29 11:17 2026-05-26 Show GitHub Exploit DB Packet Storm
3577 8.7 重要
Network 		Twenty.com PBC Twenty Twenty.com PBCのTwentyにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-44729 2026-05-29 11:17 2026-05-26 Show GitHub Exploit DB Packet Storm
3578 7.2 重要
Network 		citeum opencti citeumのopenctiにおけるアクセス制御に関する脆弱性 CWE-284
CWE-noinfo
CVE-2026-44730 2026-05-29 11:16 2026-05-26 Show GitHub Exploit DB Packet Storm
3579 5.3 警告
Network 		Hedera Guardian HederaのGuardianにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-45248 2026-05-29 11:16 2026-05-14 Show GitHub Exploit DB Packet Storm
3580 8.1 重要
Network 		Apache Software Foundation apache-airflow-providers-google Apache Software Foundationのapache-airflow-providers-googleにおけるエンティティ認証のない鍵交換に関する脆弱性 CWE-322
エンティティ認証のない鍵交換 		CVE-2026-45361 2026-05-29 11:16 2026-05-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
318481 5.5 MEDIUM
Local 		apple macos This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7.1. An app may be able to access sensitive user data. CWE-59
Link Following 		CVE-2024-44175 2024-10-31 02:14 2024-10-29 Show GitHub Exploit DB Packet Storm
318482 4.9 MEDIUM
Network 		mayurik petrol_pump_management A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/invoic… CWE-89
SQL Injection 		CVE-2024-10355 2024-10-31 02:13 2024-10-25 Show GitHub Exploit DB Packet Storm
318483 3.3 LOW
Local 		apple iphone_os
ipados 		This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18. An attacker may be able to use Siri to enable Auto-Answer Calls. NVD-CWE-noinfo
CVE-2024-40853 2024-10-31 02:08 2024-10-29 Show GitHub Exploit DB Packet Storm
318484 3.3 LOW
Local 		apple macos A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15. An app may be able to read sensitive location information. CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2024-27849 2024-10-31 02:07 2024-10-29 Show GitHub Exploit DB Packet Storm
318485 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: io_uring/sqpoll: ensure task state is TASK_RUNNING when running task_work When the sqpoll is exiting and cancels pending work ite… NVD-CWE-noinfo
CVE-2024-50079 2024-10-31 02:05 2024-10-29 Show GitHub Exploit DB Packet Storm
318486 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: pinctrl: nuvoton: fix a double free in ma35_pinctrl_dt_node_to_map_func() 'new_map' is allocated using devm_* which takes care of… CWE-415
 Double Free 		CVE-2024-50071 2024-10-31 02:02 2024-10-29 Show GitHub Exploit DB Packet Storm
318487 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: pinctrl: stm32: check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned val… CWE-476
 NULL Pointer Dereference 		CVE-2024-50070 2024-10-31 01:59 2024-10-29 Show GitHub Exploit DB Packet Storm
318488 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: pinctrl: apple: check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned val… CWE-476
 NULL Pointer Dereference 		CVE-2024-50069 2024-10-31 01:58 2024-10-29 Show GitHub Exploit DB Packet Storm
318489 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: mm/damon/tests/sysfs-kunit.h: fix memory leak in damon_sysfs_test_add_targets() The sysfs_target->regions allocated in damon_sysf… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2024-50068 2024-10-31 01:57 2024-10-29 Show GitHub Exploit DB Packet Storm
318490 9.8 CRITICAL
Network 		codezips sales_management_system A vulnerability was found in Codezips Sales Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /addcustcom.php. The manipu… CWE-89
SQL Injection 		CVE-2024-10369 2024-10-31 01:50 2024-10-25 Show GitHub Exploit DB Packet Storm