Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3791 5.3 警告
Network 		vaadin Vaadin Vaadin Ltd.のVaadinにおけるアクセス制御に関する脆弱性 CWE-284
CWE-Other
CVE-2026-2742 2026-05-11 11:03 2026-03-10 Show GitHub Exploit DB Packet Storm
3792 7.8 重要
Local 		ASSA ABLOY Visionline ASSA ABLOYのVisionlineにおける複数の脆弱性 CWE-250
CWE-276
CWE-732
CWE-732
CVE-2026-3315 2026-05-11 11:03 2026-03-10 Show GitHub Exploit DB Packet Storm
3793 9.8 緊急
Network 		NetBox Labs Netbox-docker NetBox LabsのNetbox-dockerにおける複数の脆弱性 CWE-1392
CWE-798
CVE-2023-27573 2026-05-11 11:03 2026-03-11 Show GitHub Exploit DB Packet Storm
3794 6.1 警告
Network 		HCL Technologies Limited DFX Analytics HCL Technologies LimitedのDFX Analyticsにおける複数の脆弱性 CWE-358
CWE-79
CVE-2025-31970 2026-05-11 11:03 2026-05-6 Show GitHub Exploit DB Packet Storm
3795 9.8 緊急
Network 		HCL Technologies Limited DFX Analytics HCL Technologies LimitedのDFX Analyticsにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2025-59851 2026-05-11 11:03 2026-05-6 Show GitHub Exploit DB Packet Storm
3796 9.1 緊急
Network 		HCL Technologies Limited DFX Analytics HCL Technologies LimitedのDFX Analyticsにおける重要な情報の平文での送信に関する脆弱性 CWE-319
重要な情報の平文での送信 		CVE-2025-59852 2026-05-11 11:03 2026-05-6 Show GitHub Exploit DB Packet Storm
3797 5.3 警告
Network 		HCL Technologies Limited DFX Analytics HCL Technologies LimitedのDFX Analyticsにおけるエラーメッセージによる情報漏えいに関する脆弱性 CWE-209
エラーメッセージによる情報漏えい 		CVE-2025-59853 2026-05-11 11:03 2026-05-6 Show GitHub Exploit DB Packet Storm
3798 6.1 警告
Network 		HCL Technologies Limited DFX Analytics HCL Technologies LimitedのDFX Analyticsにおける複数の脆弱性 CWE-79
CWE-80
CVE-2025-59854 2026-05-11 11:03 2026-05-6 Show GitHub Exploit DB Packet Storm
3799 9.4 緊急
Network 		Deutsche Telekom AG Telekom Account Management Portal Deutsche Telekom AGのTelekom Account Management Portalにおけるパスワード管理機能に関する脆弱性 CWE-640
パスワードを忘れた場合の脆弱なパスワードリカバリの仕組み 		CVE-2025-69614 2026-05-11 11:03 2026-03-10 Show GitHub Exploit DB Packet Storm
3800 9.1 緊急
Network 		Deutsche Telekom AG Telekom Account Management Portal Deutsche Telekom AGのTelekom Account Management Portalにおける過度な認証試行の不適切な制限に関する脆弱性 CWE-307
過度な認証試行の不適切な制限 		CVE-2025-69615 2026-05-11 11:03 2026-03-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1001 5.9 MEDIUM
Network 		- - Spring MVC and WebFlux applications are vulnerable to Path Traversal attacks when resolving static resources. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 thr… New CWE-22
Path Traversal 		CVE-2026-41843 2026-06-9 22:49 2026-06-9 Show GitHub Exploit DB Packet Storm
1002 4.2 MEDIUM
Network 		- - A Spring MVC or Spring WebFlux application which configures a mapping for "/**" where the view name is not explicitly specified allows an attacker to craft a link resulting in a 302 redirect to an ar… New CWE-601
Open Redirect 		CVE-2026-41844 2026-06-9 22:49 2026-06-9 Show GitHub Exploit DB Packet Storm
1003 7.1 HIGH
Network 		- - Due to incorrect escaping, the use of JavaScriptUtils.javaScriptEscape() may lead to JavaScript code injection in the browser, potentially resulting in a cross-site scripting (XSS) vulnerability. Af… New CWE-79
Cross-site Scripting 		CVE-2026-41845 2026-06-9 22:49 2026-06-9 Show GitHub Exploit DB Packet Storm
1004 5.9 MEDIUM
Network 		- - Spring MVC applications which accept user-supplied values in the cssClass, cssErrorClass, or cssStyle attributes of JSP form tags allow arbitrary HTML/JavaScript code injection, potentially resulting… New CWE-79
Cross-site Scripting 		CVE-2026-41846 2026-06-9 22:49 2026-06-9 Show GitHub Exploit DB Packet Storm
1005 4.8 MEDIUM
Network 		- - Spring WebFlux applications may be vulnerable to a security bypass when using the Kotlin Router DSL. Affected versions: Spring Framework 5.3.0 through 5.3.48. New CWE-284
Improper Access Control 		CVE-2026-41847 2026-06-9 22:49 2026-06-9 Show GitHub Exploit DB Packet Storm
1006 3.7 LOW
Network 		- - Applications may be vulnerable to a Regular Expression Denial of Service (ReDoS) attack if an attacker is able to provide a pattern which is then directly or indirectly supplied to one of the followi… New CWE-1333
 Inefficient Regular Expression Complexity 		CVE-2026-41848 2026-06-9 22:49 2026-06-9 Show GitHub Exploit DB Packet Storm
1007 7.5 HIGH
Network 		- - An integer overflow vulnerability exists in the evaluation logic of the Spring Expression Language (SpEL). An attacker can exploit this by supplying a specially crafted SpEL expression that triggers … New CWE-190
 Integer Overflow or Wraparound 		CVE-2026-41849 2026-06-9 22:49 2026-06-9 Show GitHub Exploit DB Packet Storm
1008 7.5 HIGH
Network 		- - Applications that evaluate user-supplied Spring Expression Language (SpEL) expressions are vulnerable to an Algorithmic Denial of Service (DoS). By providing a specially crafted expression, an attack… New CWE-407
 Inefficient Algorithmic Complexity 		CVE-2026-41850 2026-06-9 22:49 2026-06-9 Show GitHub Exploit DB Packet Storm
1009 5.3 MEDIUM
Network 		- - Applications which accept user-supplied Spring Expression Language (SpEL) expressions may be vulnerable to a Denial of Service (DoS) attack if the evaluation of a SpEL expression triggers unbounded c… New CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-41851 2026-06-9 22:49 2026-06-9 Show GitHub Exploit DB Packet Storm
1010 3.7 LOW
Network 		- - A vulnerability in Spring Expression Language (SpEL) evaluation logic allows for arbitrary zero-argument method invocation, even within restricted or read-only contexts, which may allow an attacker t… New CWE-863
 Incorrect Authorization 		CVE-2026-41852 2026-06-9 22:49 2026-06-9 Show GitHub Exploit DB Packet Storm