Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3741 5.5 警告
Local 		レッドハット multicluster engine for Kubernetes レッドハットのmulticluster engine for Kubernetesにおける重要な情報の平文保存に関する脆弱性 CWE-312
重要な情報の平文保存 		CVE-2026-7163 2026-05-7 11:29 2026-04-30 Show GitHub Exploit DB Packet Storm
3742 7.2 重要
Network 		Amazon.com, Inc. Amazon ECS container agent Amazon.com, Inc.のAmazon ECS container agentにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-7461 2026-05-7 11:29 2026-04-30 Show GitHub Exploit DB Packet Storm
3743 6.5 警告
Network 		Apache Software Foundation Apache HTTP Server Apache Software FoundationのApache HTTP ServerにおけるHTTPレスポンスの分割に関する脆弱性 CWE-443
CWE-Other
CVE-2026-33523 2026-05-7 11:29 2026-05-4 Show GitHub Exploit DB Packet Storm
3744 3.3
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおける不適切な短絡評価に関する脆弱性 CWE-768
不適切な短絡評価 		CVE-2026-35378 2026-05-7 11:29 2026-04-22 Show GitHub Exploit DB Packet Storm
3745 7.5 重要
Network 		- 4D SASの4D ServerにおけるXML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2024-39847 2026-05-7 11:29 2026-04-30 Show GitHub Exploit DB Packet Storm
3746 9.1 緊急
Network 		rti RTI Connext Professional rtiのRTI Connext ProfessionalにおけるXML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2025-14543 2026-05-7 11:29 2026-04-30 Show GitHub Exploit DB Packet Storm
3747 7.5 重要
Network 		XWiki CryptPad XWikiのCryptPadにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2025-51846 2026-05-7 11:29 2026-04-30 Show GitHub Exploit DB Packet Storm
3748 6.4 警告
Local 		レッドハット process automation manager レッドハットのprocess automation managerにおける不適切なデフォルトパーミッションに関する脆弱性 CWE-276
不適切なデフォルトパーミッション 		CVE-2025-58713 2026-05-7 11:29 2026-04-8 Show GitHub Exploit DB Packet Storm
3749 4.8 警告
Network 		GNU Project GNU Wget2 GNU ProjectのGNU Wget2における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2026-1858 2026-05-7 11:28 2026-04-29 Show GitHub Exploit DB Packet Storm
3750 6.5 警告
Adjacent 		シスコシステムズ Cisco Firepower Threat Defense ソフトウェア
Adaptive Security Appliance (ASA) Software 		シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品における範囲外のポインタオフセットの使用に関する脆弱性 CWE-823
範囲外のポインタオフセットの使用 		CVE-2026-20022 2026-05-7 11:28 2026-03-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313541 7.1 HIGH
Network 		lollms lollms_web_ui A vulnerability in parisneo/lollms-webui version 9.8 allows for a Denial of Service (DOS) attack when uploading an audio file. If an attacker appends a large number of characters to the end of a mult… CWE-352
 Origin Validation Error 		CVE-2024-6959 2024-11-4 02:15 2024-10-13 Show GitHub Exploit DB Packet Storm
313542 2.7 LOW
Network 		openwebui open_webui An information disclosure vulnerability exists in open-webui version 0.3.8. The vulnerability is related to the embedding model update feature under admin settings. When a user updates the model path… CWE-209
Information Exposure Through an Error Message 		CVE-2024-7038 2024-11-4 02:15 2024-10-10 Show GitHub Exploit DB Packet Storm
313543 4.3 MEDIUM
Network 		lunary lunary A broken access control vulnerability exists in the latest version of lunary-ai/lunary. The `saml.ts` file allows a user from one organization to update the Identity Provider (IDP) settings and view … CWE-306
Missing Authentication for Critical Function 		CVE-2024-6582 2024-11-4 02:15 2024-09-14 Show GitHub Exploit DB Packet Storm
313544 7.1 HIGH
Local 		apple macos A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to bypass … NVD-CWE-noinfo
CVE-2024-44159 2024-11-2 06:35 2024-10-29 Show GitHub Exploit DB Packet Storm
313545 - - - Improper input validation in /admin/config/save in User-friendly SVN (USVN) before v1.0.12 and below allows administrators to execute arbitrary code via the fields "siteTitle", "siteIco" and "siteLog… - CVE-2024-37879 2024-11-2 06:35 2024-09-21 Show GitHub Exploit DB Packet Storm
313546 - - - The Ajax Search Lite WordPress plugin before 4.12.1 does not sanitise and escape some parameters, which could allow users with a role as low as Admin+ to perform Cross-Site Scripting attacks. - CVE-2024-7084 2024-11-2 06:35 2024-08-6 Show GitHub Exploit DB Packet Storm
313547 5.3 MEDIUM
Adjacent 		gotenna gotenna_pro The goTenna Pro App uses a weak password for sharing encryption keys via the key broadcast method. If the broadcasted encryption key is captured over RF, and password is cracked via brute force att… CWE-521
Weak Password Requirements  		CVE-2024-47121 2024-11-2 05:39 2024-09-27 Show GitHub Exploit DB Packet Storm
313548 6.5 MEDIUM
Network 		lollms lollms_web_ui A Cross-Site Request Forgery (CSRF) vulnerability exists in the `install_comfyui` endpoint of the `lollms_comfyui.py` file in the parisneo/lollms-webui repository, versions v9.9 to the latest. The en… CWE-352
 Origin Validation Error 		CVE-2024-6673 2024-11-2 05:37 2024-10-29 Show GitHub Exploit DB Packet Storm
313549 7.8 HIGH
Local 		adobe illustrator Illustrator versions 28.6, 27.9.5 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploit… CWE-190
 Integer Overflow or Wraparound 		CVE-2024-34121 2024-11-2 05:35 2024-09-13 Show GitHub Exploit DB Packet Storm
313550 7.1 HIGH
Network 		lollms lollms_web_ui A CORS misconfiguration in parisneo/lollms-webui prior to version 10 allows attackers to steal sensitive information such as logs, browser sessions, and settings containing private API keys from othe… CWE-346
 Origin Validation Error 		CVE-2024-6674 2024-11-2 05:34 2024-10-29 Show GitHub Exploit DB Packet Storm