Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
31 6.5 警告
Network 		Spring AI Community MCP Security Spring AI CommunityのMCP Securityにおけるサーバサイドのリクエストフォージェリの脆弱性 New CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-45609 2026-06-5 10:51 2026-05-29 Show GitHub Exploit DB Packet Storm
32 5.5 警告
Local 		opentelemetry eBPF Instrumentation opentelemetryのeBPF Instrumentationにおける複数の脆弱性 New CWE-20
CWE-248
CVE-2026-45676 2026-06-5 10:51 2026-06-2 Show GitHub Exploit DB Packet Storm
33 7.5 重要
Network 		opentelemetry eBPF Instrumentation opentelemetryのeBPF Instrumentationにおける複数の脆弱性 New CWE-20
CWE-754
CVE-2026-45678 2026-06-5 10:51 2026-06-2 Show GitHub Exploit DB Packet Storm
34 6.5 警告
Network 		opentelemetry eBPF Instrumentation opentelemetryのeBPF Instrumentationにおける複数の脆弱性 New CWE-117
CWE-532
CVE-2026-45679 2026-06-5 10:51 2026-06-2 Show GitHub Exploit DB Packet Storm
35 7.5 重要
Network 		opentelemetry eBPF Instrumentation opentelemetryのeBPF Instrumentationにおける複数の脆弱性 New CWE-400
CWE-834
CVE-2026-45680 2026-06-5 10:50 2026-06-2 Show GitHub Exploit DB Packet Storm
36 5.9 警告
Network 		opentelemetry eBPF Instrumentation opentelemetryのeBPF Instrumentationにおける複数の脆弱性 New CWE-125
CWE-130
CVE-2026-45681 2026-06-5 10:50 2026-06-2 Show GitHub Exploit DB Packet Storm
37 5.5 警告
Local 		opentelemetry eBPF Instrumentation opentelemetryのeBPF Instrumentationにおける複数の脆弱性 New CWE-401
CWE-770
CVE-2026-45682 2026-06-5 10:50 2026-06-2 Show GitHub Exploit DB Packet Storm
38 3.8
Local 		opentelemetry eBPF Instrumentation opentelemetryのeBPF Instrumentationにおける複数の脆弱性 New CWE-127
CWE-200
CVE-2026-45683 2026-06-5 10:50 2026-06-2 Show GitHub Exploit DB Packet Storm
39 5.3 警告
Local 		opentelemetry eBPF Instrumentation opentelemetryのeBPF Instrumentationにおける複数の脆弱性 New CWE-126
CWE-787
CVE-2026-45684 2026-06-5 10:50 2026-06-2 Show GitHub Exploit DB Packet Storm
40 7.5 重要
Network 		opentelemetry eBPF Instrumentation opentelemetryのeBPF Instrumentationにおける複数の脆弱性 New CWE-20
CWE-248
CWE-704
CVE-2026-45685 2026-06-5 10:50 2026-06-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1881 6.1 MEDIUM
Network 		golang net Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML befo… CWE-1021
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2026-27136 2026-05-30 00:27 2026-05-23 Show GitHub Exploit DB Packet Storm
1882 9.6 CRITICAL
Network 		golang net The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode("xn--example-.com") incorrectly returns the name "example.com… CWE-1289
 Improper Validation of Unsafe Equivalence in Input 		CVE-2026-39821 2026-05-30 00:26 2026-05-23 Show GitHub Exploit DB Packet Storm
1883 4.3 MEDIUM
Network 		- - A security vulnerability has been detected in code-projects Employee Management System 1.0. This impacts an unknown function of the file /myprofile.php. Such manipulation of the argument ID leads to … CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-9416 2026-05-30 00:16 2026-05-25 Show GitHub Exploit DB Packet Storm
1884 4.8 MEDIUM
Network 		- - A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the `soup_body_input_stream_read_chunked()` function by sending a malicious HTTP request. This v… CWE-444
HTTP Request Smuggling 		CVE-2026-6324 2026-05-30 00:16 2026-05-29 Show GitHub Exploit DB Packet Storm
1885 4.6 MEDIUM
Physics 		- - Uncontrolled resource consumption in the Wireless Control Module (WCM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with write access to the in-veh… CWE-307
CWE-400
CWE-770
mproper Restriction of Excessive Authentication Attempts
 Uncontrolled Resource Consumption
 Allocation of Resources Without Limits or Throttling 		CVE-2026-49324 2026-05-30 00:16 2026-05-29 Show GitHub Exploit DB Packet Storm
1886 4.3 MEDIUM
Physics 		- - Weak authentication between the Wireless Control Module (WCM) and the Engine Control Module (ECM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with… CWE-327
CWE-798
CWE-1390
 Use of a Broken or Risky Cryptographic Algorithm
 Use of Hard-coded Credentials
 Weak Authentication 		CVE-2026-49323 2026-05-30 00:16 2026-05-29 Show GitHub Exploit DB Packet Storm
1887 4.3 MEDIUM
Physics 		- - Weak authentication in the Wireless Control Module (WCM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with read access to the in-vehicle network to… CWE-294
CWE-327
CWE-1390
Authentication Bypass by Capture-replay 
 Use of a Broken or Risky Cryptographic Algorithm
 Weak Authentication 		CVE-2026-49322 2026-05-30 00:16 2026-05-29 Show GitHub Exploit DB Packet Storm
1888 - - - RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, crates/appauth/src/token.rs ships a 2048-bit RSA private key as a string constant named TEST_PRIVATE_KEY and uses i… CWE-321
 Use of Hard-coded Cryptographic Key 		CVE-2026-45041 2026-05-30 00:16 2026-05-29 Show GitHub Exploit DB Packet Storm
1889 9.8 CRITICAL
Network 		- - RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, the internode RPC layer authenticates every request with an HMAC-SHA256 signature using a shared secret. The functi… CWE-798
CWE-1392
 Use of Hard-coded Credentials
 Use of Default Credentials 		CVE-2026-45039 2026-05-30 00:11 2026-05-29 Show GitHub Exploit DB Packet Storm
1890 - - - RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, improper authorization in the UploadPartCopy operation allows copying objects across buckets without enforcing dest… CWE-863
 Incorrect Authorization 		CVE-2026-45042 2026-05-30 00:11 2026-05-29 Show GitHub Exploit DB Packet Storm