Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4081	3.3	低 Local	X.Org Foundation	libxpm	libXpmにおける境界外読み取りの脆弱性	CWE-Other その他	CVE-2026-4367	2026-05-11 12:18	2026-05-11	Show	GitHub Exploit DB Packet Storm

4082	7.3	重要 Network	yeti-platform	yeti	yeti-platformのyetiにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2024-46507	2026-05-11 11:13	2026-05-8	Show	GitHub Exploit DB Packet Storm

4083	7.5	重要 Network	yeti-platform	yeti	yeti-platformのyetiにおけるハードコードされた認証情報の使用に関する脆弱性	CWE-798 ハードコードされた認証情報の使用	CVE-2024-46508	2026-05-11 11:12	2026-05-8	Show	GitHub Exploit DB Packet Storm

4084	9.8	緊急 Network	Frappe	ERPNext	FrappeのERPNextにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-38431	2026-05-11 11:12	2026-05-5	Show	GitHub Exploit DB Packet Storm

4085	6.1	警告 Network	Frappe	ERPNext	FrappeのERPNextにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-38432	2026-05-11 11:12	2026-05-5	Show	GitHub Exploit DB Packet Storm

4086	9.1	緊急 Network	CHORNY	Apache::Session	CHORNYのApache::Sessionにおける有効期限後または解放後のリソースの操作に関する脆弱性	CWE-672 有効期限後または解放後のリソースの操作	CVE-2013-10075	2026-05-11 11:12	2026-05-8	Show	GitHub Exploit DB Packet Storm

4087	9.8	緊急 Network	PHPOffice	PhpSpreadsheet	PHPOfficeのPhpSpreadsheetにおける複数の脆弱性	CWE-502 CWE-918	CVE-2026-34084	2026-05-11 11:12	2026-05-5	Show	GitHub Exploit DB Packet Storm

4088	5.4	警告 Network	PHPOffice	PhpSpreadsheet	PHPOfficeのPhpSpreadsheetにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-35453	2026-05-11 11:12	2026-05-5	Show	GitHub Exploit DB Packet Storm

4089	9.1	緊急 Network	Zcash Foundation	Zebra-script Zebrad	Zcash FoundationのZebra-script等の複数製品における呼び出し元による仕様の不適切な準拠に関する脆弱性	CWE-573 呼び出し元による仕様の不適切な準拠	CVE-2026-41583	2026-05-11 11:12	2026-05-8	Show	GitHub Exploit DB Packet Storm

4090	6.5	警告 Network	Zcash Foundation	zebra-rpc Zebrad	Zcash Foundationのzebra-rpc等の複数製品における複数の脆弱性	CWE-248 CWE-617	CVE-2026-41585	2026-05-11 11:12	2026-05-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
841	7.8	HIGH Local	synology	active_backup_for_business_recovery_media_creator	An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configuration in Synology Active Backup for Business Recovery Media Creator before 2.5.0-2081 allows local users t… Update	CWE-829 Inclusion of Functionality from Untrusted Control Sphere	CVE-2022-49036	2026-06-11 03:20	2026-06-3	Show	GitHub Exploit DB Packet Storm

842	5.3	MEDIUM Local	lmsys	sglang	A vulnerability was determined in sgl-project SGLang up to 0.5.11. Affected by this vulnerability is the function data_hash of the component Cache Handler. This manipulation causes denial of service.… Update	CWE-404 Improper Resource Shutdown or Release	CVE-2026-10775	2026-06-11 03:19	2026-06-4	Show	GitHub Exploit DB Packet Storm

843	-		-	-	An OS command injection vulnerability exists in the VPN module of TP-Link Archer AX12 v1, AX17 v1. AX18 v1, and AX1300 v1.6 routers. This vulnerability allows an adjacent, authenticated attacker to e… New	CWE-78 OS Command	CVE-2026-9151	2026-06-11 03:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

844	2.7	LOW Network	-	-	A flaw was found in org.keycloak.services. An administrator with delegated access to read group memberships and users can bypass user profile permissions by accessing the group members endpoint. This… Update	CWE-1220 Insufficient Granularity of Access Control	CVE-2026-9088	2026-06-11 03:17	2026-06-5	Show	GitHub Exploit DB Packet Storm

845	8.5	HIGH Network	-	-	Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, Fission added PodSpec safety val… New	CWE-269 CWE-732 Improper Privilege Management Incorrect Permission Assignment for Critical Resource	CVE-2026-50570	2026-06-11 03:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

846	4.3	MEDIUM Network	-	-	Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, HTTPTriggerSpec.Validate() valid… New	CWE-20 Improper Input Validation	CVE-2026-50569	2026-06-11 03:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

847	3.6	LOW Local	-	-	Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, SanitizeFilePath in pkg/utils/ut… New	CWE-41 Improper Resolution of Path Equivalence	CVE-2026-50568	2026-06-11 03:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

848	7.7	HIGH Network	-	-	Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, Unarchive in pkg/utils/zip.go jo… New	CWE-22 Path Traversal	CVE-2026-50567	2026-06-11 03:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

849	4.9	MEDIUM Network	-	-	Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission builder pods were create… New	CWE-250 CWE-269 CWE-538 Execution with Unnecessary Privileges Improper Privilege Management File and Directory Information Exposure	CVE-2026-50565	2026-06-11 03:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

850	9.9	CRITICAL Network	-	-	Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission's Environment CRD expose… New	CWE-269 CWE-284 CWE-693 Improper Privilege Management Improper Access Control Protection Mechanism Failure	CVE-2026-50564	2026-06-11 03:17	2026-06-11	Show	GitHub Exploit DB Packet Storm