Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3681 6.5 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおける代替パスまたはチャネルを使用した認証回避に関する脆弱性 CWE-288
代替パスまたはチャネルを使用した認証回避 		CVE-2026-4524 2026-05-18 11:24 2026-05-14 Show GitHub Exploit DB Packet Storm
3682 6.5 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-4527 2026-05-18 11:24 2026-05-14 Show GitHub Exploit DB Packet Storm
3683 4.3 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-6063 2026-05-18 11:24 2026-05-14 Show GitHub Exploit DB Packet Storm
3684 5.4 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-6073 2026-05-18 11:24 2026-05-14 Show GitHub Exploit DB Packet Storm
3685 5.4 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-6335 2026-05-18 11:24 2026-05-14 Show GitHub Exploit DB Packet Storm
3686 4.3 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-6883 2026-05-18 11:24 2026-05-14 Show GitHub Exploit DB Packet Storm
3687 9.8 緊急
Network 		libexpat project libexpat libexpat projectのlibexpatにおけるエントロピー不足に関する脆弱性 CWE-331
エントロピー不足 		CVE-2026-7210 2026-05-18 11:24 2026-05-11 Show GitHub Exploit DB Packet Storm
3688 8.8 重要
Adjacent 		ZyXEL WRE6505 ファームウェア ZyXELのWRE6505 ファームウェアにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-7256 2026-05-18 11:24 2026-05-12 Show GitHub Exploit DB Packet Storm
3689 4.4 警告
Local 		ZyXEL WRE6505 ファームウェア ZyXELのWRE6505 ファームウェアにおける重要な情報のセキュアでない格納に関する脆弱性 CWE-922
重要な情報のセキュアでない格納 		CVE-2026-7257 2026-05-18 11:24 2026-05-12 Show GitHub Exploit DB Packet Storm
3690 7.5 重要
Network 		ZyXEL NWA1100-N ファームウェア ZyXELのNWA1100-N ファームウェアにおける古典的バッファオーバーフローの脆弱性 CWE-120
古典的バッファオーバーフロー 		CVE-2026-7287 2026-05-18 11:24 2026-05-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313231 7.7 HIGH
Network 		linuxfoundation harbor Harbor fails to validate the user permissions when updating p2p preheat policies. By sending a request to update a p2p preheat policy with an id that belongs to a project that the currently authentic… CWE-863
 Incorrect Authorization 		CVE-2022-31668 2024-11-20 00:25 2024-11-14 Show GitHub Exploit DB Packet Storm
313232 6.4 MEDIUM
Network 		linuxfoundation harbor Harbor fails to validate the user permissions when updating a robot account that belongs to a project that the authenticated user doesn’t have access to.  By sending a request that attempts to updat… CWE-863
 Incorrect Authorization 		CVE-2022-31667 2024-11-20 00:25 2024-11-14 Show GitHub Exploit DB Packet Storm
313233 7.7 HIGH
Network 		linuxfoundation harbor Harbor fails to validate the user permissions when updating tag retention policies.  By sending a request to update a tag retention policy with an id that belongs to a project that the currently aut… CWE-863
 Incorrect Authorization 		CVE-2022-31670 2024-11-20 00:20 2024-11-14 Show GitHub Exploit DB Packet Storm
313234 7.7 HIGH
Network 		linuxfoundation harbor Harbor fails to validate the user permissions when updating tag immutability policies.  By sending a request to update a tag immutability policy with an id that belongs to a project that the current… CWE-863
 Incorrect Authorization 		CVE-2022-31669 2024-11-20 00:20 2024-11-14 Show GitHub Exploit DB Packet Storm
313235 9.8 CRITICAL
Network 		backpackforlaravel filemanager FileManager provides a Backpack admin interface for files and folder. Prior to 3.0.9, deserialization of untrusted data from the mimes parameter could lead to remote code execution. This vulnerabilit… CWE-502
 Deserialization of Untrusted Data 		CVE-2024-52306 2024-11-20 00:02 2024-11-14 Show GitHub Exploit DB Packet Storm
313236 9.8 CRITICAL
Network 		gogs gogs A remote command execution vulnerability exists in gogs/gogs versions <=0.12.7 when deployed on a Windows server. The vulnerability arises due to improper validation of the `tree_path` parameter duri… CWE-77
Command Injection 		CVE-2022-1884 2024-11-19 23:47 2024-11-15 Show GitHub Exploit DB Packet Storm
313237 5.4 MEDIUM
Network 		usememos memos A stored cross-site scripting (XSS) vulnerability was discovered in usememos/memos version 0.9.1. This vulnerability allows an attacker to upload a JavaScript file containing a malicious script and r… CWE-79
Cross-site Scripting 		CVE-2023-0109 2024-11-19 23:44 2024-11-15 Show GitHub Exploit DB Packet Storm
313238 6.5 MEDIUM
Network 		wallabag wallabag wallabag version 2.5.2 contains a Cross-Site Request Forgery (CSRF) vulnerability that allows attackers to arbitrarily delete user accounts via the /account/delete endpoint. This issue is fixed in ve… CWE-352
 Origin Validation Error 		CVE-2023-0737 2024-11-19 23:43 2024-11-15 Show GitHub Exploit DB Packet Storm
313239 - - - A vulnerability in the Incoming Goods Suite allows a user with unprivileged access to the underlying system (e.g. local or via SSH) a privilege escalation to the administrative level due to the usage… - CVE-2024-11075 2024-11-19 23:15 2024-11-19 Show GitHub Exploit DB Packet Storm
313240 - - - Heap-based Buffer Overflow and Uninitialized Variable vulnerabilities exist in the X_B and SAT file reading procedure in eDrawings from Release SOLIDWORKS 2024 through Release SOLIDWORKS 2025. These … - CVE-2024-10204 2024-11-19 23:15 2024-11-19 Show GitHub Exploit DB Packet Storm